Windows
Analysis Report
https://ibx2.net/ibx/em/opn/i039KSrgJ9M?x2=zQd8qda-XWeI_bDr6Nw_bVIlgP3zwBDJSJMrWPfVXp_EBHgqXbi_OVY3x6AaYbMLz44-X4NhpH3UnAp5Bb8dykNVpe7PekL-D4I6-UL0MEo1vGuRL3Oc6HCn7OERYAMTXGt49-JCyt2M8GYseP7PDnldwd5w9MklAkkPEwzEo7spzXfMcJFVC59isGqIvvfXjMhXcZo1yblkWDdSzx090ywAnSfNIIGHfUevf23qdBd8lJezQN6iHG6sLDo2krWRj
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 3004 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) chrome.exe (PID: 4148 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2848 --fi eld-trial- handle=272 4,i,127126 2212719647 7524,10411 9986347793 68472,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
chrome.exe (PID: 4996 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://ibx2. net/ibx/em /opn/i039K SrgJ9M?x2= zQd8qda-XW eI_bDr6Nw_ bVIlgP3zwB DJSJMrWPfV Xp_EBHgqXb i_OVY3x6Aa YbMLz44-X4 NhpH3UnAp5 Bb8dykNVpe 7PekL-D4I6 -UL0MEo1vG uRL3Oc6HCn 7OERYAMTXG t49-JCyt2M 8GYseP7PDn ldwd5w9Mkl AkkPEwzEo7 spzXfMcJFV C59isGqIvv fXjMhXcZo1 yblkWDdSzx 090ywAnSfN IIGHfUevf2 3qdBd8lJez QN6iHG6sLD o2krWRjMWW ddT9xAhnGY xWGRh5JLue e_07CPnUUi awLw30nUA, " MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | File deleted: | Jump to behavior |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
ibx2.net | 34.111.8.32 | true | false | unknown | |
www.google.com | 216.58.206.36 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
216.58.206.36 | www.google.com | United States | 15169 | GOOGLEUS | false | |
34.111.8.32 | ibx2.net | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.6 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1447156 |
Start date and time: | 2024-05-24 14:45:31 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 41s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://ibx2.net/ibx/em/opn/i039KSrgJ9M?x2=zQd8qda-XWeI_bDr6Nw_bVIlgP3zwBDJSJMrWPfVXp_EBHgqXbi_OVY3x6AaYbMLz44-X4NhpH3UnAp5Bb8dykNVpe7PekL-D4I6-UL0MEo1vGuRL3Oc6HCn7OERYAMTXGt49-JCyt2M8GYseP7PDnldwd5w9MklAkkPEwzEo7spzXfMcJFVC59isGqIvvfXjMhXcZo1yblkWDdSzx090ywAnSfNIIGHfUevf23qdBd8lJezQN6iHG6sLDo2krWRjMWWddT9xAhnGYxWGRh5JLuee_07CPnUUiawLw30nUA, |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/6@6/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.18.110, 142.250.186.163, 64.233.184.84, 34.104.35.123, 20.114.59.183, 192.229.221.95, 20.3.187.198, 93.184.221.240, 20.242.39.171, 142.250.181.227, 142.250.185.206
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, d.8.0.a.e.e.f.b.0.0.0.0.0.0.0.0.5.0.0.0.0.0.8.0.0.3.0.1.3.0.6.2.ip6.arpa, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, clients1.google.com, client.wns.windows.com, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3004_1166289982\_metadata\verified_contents.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1311 |
Entropy (8bit): | 5.996625649405505 |
Encrypted: | false |
SSDEEP: | 24:pZRj/flTLVmddL9V7aoX9cz+MJx2Klm6b+LrdoXH0P4NC/lBTkCKNXvF:p/hLAdvV7akA1UZkUygllkC4fF |
MD5: | 1B902651165F365CE171967091E325DA |
SHA1: | D564887A167C8C588BC8FDF1259C94A377967DB8 |
SHA-256: | 36C438E32D79F8AF43D6CD90A9FEAEF423674AE78852557F716271C007D6028C |
SHA-512: | 78A4EE7F653D552D000C3C1E47B8D97F0523DA72A6B8E93EDB9F56760CCDC145F27AE94B3E801A4184D746C77FB2B7105CA4DE266C10B946E87C91A358620CA2 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3004_1166289982\manifest.fingerprint
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66 |
Entropy (8bit): | 3.82777764407819 |
Encrypted: | false |
SSDEEP: | 3:SWjX2RCQdE+ZD8MXcAdTSqn:SWjX2JdbZDhXPdTSqn |
MD5: | D8ADF922B4F26B8D100BED213F3EABEB |
SHA1: | F91139716E99F0374B1610EBE9F5B7A8827A84CC |
SHA-256: | 4EE4858DA2C7E49D3630CB497FA0BB3EF0602E4C0CA732DB7A25811099144E4F |
SHA-512: | B54BB4D108C25937F6F03A918D48201791BB7B6943A5EC51A8680E6CABC683E9DDF606E5330656C54293EBF4D09437CAB8B1E40E7EAF75D92D48A8647DCDCB13 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3004_1166289982\manifest.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 300 |
Entropy (8bit): | 4.707443234515725 |
Encrypted: | false |
SSDEEP: | 6:zeXC6WQpVyTJCAEIfd26VO9bIA6VDHs/C6wrhKXk7Vm01LwyAGI/zqSkhO:0eTJCAEQLO9hQADgK0711LqGik8 |
MD5: | DB7EB7E54EED7C7A94FABEF1FF06FFCE |
SHA1: | 59EC7C4812B8281EEDEE765E052D280EF6D14BE1 |
SHA-256: | DD43B3AFEAC53C5756B53B5A987FEB96CA78D2016C5513A971B2D570A959C0D0 |
SHA-512: | EAAE4182DBBD8C53A83CEFC0070C1BA4542FDBF912E39537054F2FD5EEF3AB0A6247F37D17ACAB31859A72FE69B2008D5EA5FF04FDE3FB31666C2CADA205EA53 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1150 |
Entropy (8bit): | 3.799094911018403 |
Encrypted: | false |
SSDEEP: | 12:Xl8lNKhuu0l0aUEVmeoKsajOeo3w+USoj0Vj3TueMNo7cgaQnNBuMppX81NLK1:XlRucaQ3KpXnWjjZ7cfQnNBuMppUNm |
MD5: | 46A2285245303B1615CA40C64B5DC43F |
SHA1: | E10915123B3BD5CFFD508011BE633EC8338A1354 |
SHA-256: | 1EA6FD78D7583F8FDC9ADDF37FC9A8251C6499CD081E4DD3A5647864097B8319 |
SHA-512: | 9CFD35D8834A3B26CAFF06D5C430D6CF186ABA58EC6F2F8C13CD157ACA1D0EBA1F40B438831CBE0BE4C5133E0D0675843BA993123A3ABCD25F5DA86A8CA8919C |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1150 |
Entropy (8bit): | 3.799094911018403 |
Encrypted: | false |
SSDEEP: | 12:Xl8lNKhuu0l0aUEVmeoKsajOeo3w+USoj0Vj3TueMNo7cgaQnNBuMppX81NLK1:XlRucaQ3KpXnWjjZ7cfQnNBuMppUNm |
MD5: | 46A2285245303B1615CA40C64B5DC43F |
SHA1: | E10915123B3BD5CFFD508011BE633EC8338A1354 |
SHA-256: | 1EA6FD78D7583F8FDC9ADDF37FC9A8251C6499CD081E4DD3A5647864097B8319 |
SHA-512: | 9CFD35D8834A3B26CAFF06D5C430D6CF186ABA58EC6F2F8C13CD157ACA1D0EBA1F40B438831CBE0BE4C5133E0D0675843BA993123A3ABCD25F5DA86A8CA8919C |
Malicious: | false |
Reputation: | low |
URL: | https://ibx2.net/favicon.ico |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 24, 2024 14:46:28.765301943 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:28.765301943 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:29.077476025 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:33.153961897 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:33.154006004 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:33.154088974 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:33.154890060 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:33.154905081 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:34.049052000 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:34.049129963 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.229053020 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.229099035 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.229427099 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.280777931 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.588013887 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.588085890 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.588102102 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.588234901 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.630491972 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.781492949 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.781601906 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:36.781686068 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.823793888 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:36.823820114 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:38.405328989 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:38.466955900 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:38.726387024 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:38.732258081 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:38.732342958 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:38.732430935 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:38.732677937 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:38.732712030 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:38.937319040 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.937355042 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:38.937431097 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.937599897 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.937611103 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:38.937663078 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.937798977 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.937817097 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:38.938000917 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:38.938014030 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.403779984 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:39.406991959 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:39.407021046 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:39.408210993 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:39.408307076 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:39.409445047 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:39.409542084 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:39.452721119 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:39.452801943 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:39.480612993 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.481288910 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.481309891 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.481314898 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.481564045 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.481573105 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.482474089 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.482554913 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.482805014 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.482867956 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.484731913 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.484807968 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.484890938 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.484972954 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.486150980 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.486160994 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.500328064 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:39.531833887 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.531833887 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.531856060 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.576448917 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.598663092 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.604218006 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.604293108 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.623497009 CEST | 49717 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.623519897 CEST | 443 | 49717 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.661303043 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.702501059 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.791762114 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.791932106 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.792073965 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.793853998 CEST | 49718 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.793873072 CEST | 443 | 49718 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.879237890 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.879327059 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:39.879416943 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.880409956 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:39.880443096 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.407177925 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.407953978 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.408015966 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.409033060 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.409116983 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.419126987 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.419214964 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.419825077 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.419836044 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.466505051 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.503375053 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
May 24, 2024 14:46:40.503472090 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 14:46:40.618352890 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.618601084 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:40.618668079 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.703629017 CEST | 49721 | 443 | 192.168.2.6 | 34.111.8.32 |
May 24, 2024 14:46:40.703668118 CEST | 443 | 49721 | 34.111.8.32 | 192.168.2.6 |
May 24, 2024 14:46:41.021725893 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.021802902 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.021877050 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.022780895 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.022816896 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.660393000 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:41.660424948 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:41.660501957 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:41.664113045 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:41.664129019 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:41.889702082 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.889806032 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.900640011 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.900665998 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.900893927 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.904485941 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.904563904 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.904572010 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:41.904700994 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:41.946501017 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:42.137017965 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:42.137212992 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:42.137331963 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:42.137705088 CEST | 49722 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:42.137725115 CEST | 443 | 49722 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:42.445547104 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.445635080 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.451766968 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.451776981 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.452105999 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.497828960 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.535964012 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.578501940 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.760376930 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.760477066 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.760524035 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.760672092 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.760688066 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.760700941 CEST | 49724 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.760708094 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.798263073 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.798284054 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:42.798362970 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.798639059 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:42.798650026 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:43.508055925 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:43.508306026 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:43.978759050 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:43.978776932 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:43.979710102 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:43.981829882 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:44.022501945 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:44.487185955 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:44.491767883 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:44.491842985 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:46.047267914 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
May 24, 2024 14:46:46.047283888 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
May 24, 2024 14:46:49.293855906 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:49.293941021 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:49.294001102 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:49.296641111 CEST | 49716 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:46:49.296668053 CEST | 443 | 49716 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:46:52.760708094 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:52.760828972 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:52.761075020 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:52.762008905 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:52.762047052 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.617469072 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.617590904 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.621809959 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.621840000 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.622641087 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.652048111 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.652861118 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.652895927 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.653507948 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.694503069 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.879889965 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.880111933 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:46:53.880332947 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.880495071 CEST | 49730 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:46:53.880541086 CEST | 443 | 49730 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:13.333976984 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:13.334073067 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:13.334254980 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:13.334846973 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:13.334889889 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.168066978 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.168174982 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.172544956 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.172574043 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.173372030 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.175367117 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.175530910 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.175544977 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.175702095 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.218517065 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.397708893 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.398436069 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.398436069 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:14.398499012 CEST | 443 | 49731 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:14.398621082 CEST | 49731 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:15.516114950 CEST | 57034 | 53 | 192.168.2.6 | 162.159.36.2 |
May 24, 2024 14:47:15.524832010 CEST | 53 | 57034 | 162.159.36.2 | 192.168.2.6 |
May 24, 2024 14:47:15.525084019 CEST | 57034 | 53 | 192.168.2.6 | 162.159.36.2 |
May 24, 2024 14:47:15.525084019 CEST | 57034 | 53 | 192.168.2.6 | 162.159.36.2 |
May 24, 2024 14:47:15.585278988 CEST | 53 | 57034 | 162.159.36.2 | 192.168.2.6 |
May 24, 2024 14:47:15.985549927 CEST | 53 | 57034 | 162.159.36.2 | 192.168.2.6 |
May 24, 2024 14:47:16.005652905 CEST | 57034 | 53 | 192.168.2.6 | 162.159.36.2 |
May 24, 2024 14:47:16.011423111 CEST | 53 | 57034 | 162.159.36.2 | 192.168.2.6 |
May 24, 2024 14:47:16.011504889 CEST | 57034 | 53 | 192.168.2.6 | 162.159.36.2 |
May 24, 2024 14:47:38.507905960 CEST | 64953 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:47:38.513132095 CEST | 53 | 64953 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:38.514377117 CEST | 64953 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:47:38.514635086 CEST | 64953 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:47:38.569896936 CEST | 53 | 64953 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:38.755669117 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:38.755731106 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:38.756114006 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:38.756114006 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:38.756160021 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:39.014203072 CEST | 53 | 64953 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:39.015072107 CEST | 64953 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:47:39.025806904 CEST | 53 | 64953 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:39.026160002 CEST | 64953 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:47:39.433795929 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:39.434186935 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:39.434204102 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:39.435348988 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:39.435709000 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:39.435879946 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:39.483740091 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:43.218338013 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:43.218372107 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:43.218508959 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:43.220175982 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:43.220191002 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.062973976 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.063159943 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.066543102 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.066564083 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.066814899 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.069015980 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.069180965 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.069181919 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.069190979 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.114497900 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.291197062 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.291742086 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.291759014 CEST | 443 | 64956 | 40.113.110.67 | 192.168.2.6 |
May 24, 2024 14:47:44.291800022 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:44.291965961 CEST | 64956 | 443 | 192.168.2.6 | 40.113.110.67 |
May 24, 2024 14:47:49.356823921 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:49.356913090 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
May 24, 2024 14:47:49.357034922 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:49.426398993 CEST | 64954 | 443 | 192.168.2.6 | 216.58.206.36 |
May 24, 2024 14:47:49.426435947 CEST | 443 | 64954 | 216.58.206.36 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 24, 2024 14:46:37.033869028 CEST | 53 | 58816 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:37.033886909 CEST | 53 | 55294 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:38.097737074 CEST | 53 | 59703 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:38.686928988 CEST | 57502 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:38.687107086 CEST | 64211 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:38.731215000 CEST | 53 | 64211 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:38.731230021 CEST | 53 | 57502 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:38.886950970 CEST | 59659 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:38.888084888 CEST | 51993 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:38.931035995 CEST | 53 | 59659 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:38.935919046 CEST | 53 | 51993 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:39.802798986 CEST | 64059 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:39.803248882 CEST | 54032 | 53 | 192.168.2.6 | 1.1.1.1 |
May 24, 2024 14:46:39.823548079 CEST | 53 | 64059 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:39.876343966 CEST | 53 | 54032 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:46:56.053339958 CEST | 53 | 58463 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:15.465703011 CEST | 53 | 54889 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:15.515496969 CEST | 53 | 65488 | 162.159.36.2 | 192.168.2.6 |
May 24, 2024 14:47:16.065041065 CEST | 53 | 62891 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:36.552720070 CEST | 53 | 64918 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:38.010350943 CEST | 53 | 64409 | 1.1.1.1 | 192.168.2.6 |
May 24, 2024 14:47:38.507232904 CEST | 53 | 57321 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
May 24, 2024 14:46:38.686928988 CEST | 192.168.2.6 | 1.1.1.1 | 0xfa3f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 14:46:38.687107086 CEST | 192.168.2.6 | 1.1.1.1 | 0x6f82 | Standard query (0) | 65 | IN (0x0001) | false | |
May 24, 2024 14:46:38.886950970 CEST | 192.168.2.6 | 1.1.1.1 | 0x7e73 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 14:46:38.888084888 CEST | 192.168.2.6 | 1.1.1.1 | 0x3f50 | Standard query (0) | 65 | IN (0x0001) | false | |
May 24, 2024 14:46:39.802798986 CEST | 192.168.2.6 | 1.1.1.1 | 0xc11f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 14:46:39.803248882 CEST | 192.168.2.6 | 1.1.1.1 | 0x7d87 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
May 24, 2024 14:46:38.731215000 CEST | 1.1.1.1 | 192.168.2.6 | 0x6f82 | No error (0) | 65 | IN (0x0001) | false | |||
May 24, 2024 14:46:38.731230021 CEST | 1.1.1.1 | 192.168.2.6 | 0xfa3f | No error (0) | 216.58.206.36 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:46:38.931035995 CEST | 1.1.1.1 | 192.168.2.6 | 0x7e73 | No error (0) | 34.111.8.32 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:46:39.823548079 CEST | 1.1.1.1 | 192.168.2.6 | 0xc11f | No error (0) | 34.111.8.32 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:46:49.431946993 CEST | 1.1.1.1 | 192.168.2.6 | 0x42e3 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 24, 2024 14:46:49.431946993 CEST | 1.1.1.1 | 192.168.2.6 | 0x42e3 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:47:11.255213976 CEST | 1.1.1.1 | 192.168.2.6 | 0xe5d2 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:47:11.255213976 CEST | 1.1.1.1 | 192.168.2.6 | 0xe5d2 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:47:30.523935080 CEST | 1.1.1.1 | 192.168.2.6 | 0xce13 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:47:30.523935080 CEST | 1.1.1.1 | 192.168.2.6 | 0xce13 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:48:05.070981026 CEST | 1.1.1.1 | 192.168.2.6 | 0x9deb | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 14:48:05.070981026 CEST | 1.1.1.1 | 192.168.2.6 | 0x9deb | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.6 | 49710 | 40.113.110.67 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:36 UTC | 71 | OUT | |
2024-05-24 12:46:36 UTC | 249 | OUT | |
2024-05-24 12:46:36 UTC | 1064 | OUT | |
2024-05-24 12:46:36 UTC | 218 | OUT | |
2024-05-24 12:46:36 UTC | 14 | IN | |
2024-05-24 12:46:36 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49717 | 34.111.8.32 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:39 UTC | 977 | OUT | |
2024-05-24 12:46:39 UTC | 358 | IN | |
2024-05-24 12:46:39 UTC | 42 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.6 | 49718 | 34.111.8.32 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:39 UTC | 898 | OUT | |
2024-05-24 12:46:39 UTC | 323 | IN | |
2024-05-24 12:46:39 UTC | 1067 | IN | |
2024-05-24 12:46:39 UTC | 83 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.6 | 49721 | 34.111.8.32 | 443 | 4148 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:40 UTC | 343 | OUT | |
2024-05-24 12:46:40 UTC | 323 | IN | |
2024-05-24 12:46:40 UTC | 1067 | IN | |
2024-05-24 12:46:40 UTC | 83 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
4 | 192.168.2.6 | 49722 | 40.113.110.67 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:41 UTC | 71 | OUT | |
2024-05-24 12:46:41 UTC | 249 | OUT | |
2024-05-24 12:46:41 UTC | 1064 | OUT | |
2024-05-24 12:46:41 UTC | 218 | OUT | |
2024-05-24 12:46:42 UTC | 14 | IN | |
2024-05-24 12:46:42 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.6 | 49724 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:42 UTC | 161 | OUT | |
2024-05-24 12:46:42 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.6 | 49725 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:43 UTC | 239 | OUT | |
2024-05-24 12:46:44 UTC | 515 | IN | |
2024-05-24 12:46:44 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
7 | 192.168.2.6 | 49730 | 40.113.110.67 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:46:53 UTC | 71 | OUT | |
2024-05-24 12:46:53 UTC | 249 | OUT | |
2024-05-24 12:46:53 UTC | 1064 | OUT | |
2024-05-24 12:46:53 UTC | 218 | OUT | |
2024-05-24 12:46:53 UTC | 14 | IN | |
2024-05-24 12:46:53 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
8 | 192.168.2.6 | 49731 | 40.113.110.67 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:47:14 UTC | 71 | OUT | |
2024-05-24 12:47:14 UTC | 249 | OUT | |
2024-05-24 12:47:14 UTC | 1064 | OUT | |
2024-05-24 12:47:14 UTC | 218 | OUT | |
2024-05-24 12:47:14 UTC | 14 | IN | |
2024-05-24 12:47:14 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
9 | 192.168.2.6 | 64956 | 40.113.110.67 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-24 12:47:44 UTC | 71 | OUT | |
2024-05-24 12:47:44 UTC | 249 | OUT | |
2024-05-24 12:47:44 UTC | 1064 | OUT | |
2024-05-24 12:47:44 UTC | 218 | OUT | |
2024-05-24 12:47:44 UTC | 14 | IN | |
2024-05-24 12:47:44 UTC | 58 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 08:46:28 |
Start date: | 24/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 08:46:35 |
Start date: | 24/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 08:46:37 |
Start date: | 24/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |