Windows
Analysis Report
https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0OTU0MnxVbmtub
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3468 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1976,i,15501968651469592190,6701547088032731398,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0OTU0MnxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=VE9DZzJSVTNuaG5vZE9ZcEhOQlFJanR5NTYvK1h0NU1kSDlQMTlVb2ZTVT0%3d" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Phishing |
---|
Source: | File source: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | Process created: | |||
Source: | Automated click: | ||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
www.google.com | 142.250.185.68 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
cottonaust-my.sharepoint.com | unknown | unknown | false | unknown | |
m365cdn.nel.measure.office.net | unknown | unknown | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.185.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466527 |
Start date and time: | 2024-07-03 01:50:31 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0OTU0MnxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=VE9DZzJSVTNuaG5vZE9ZcEhOQlFJanR5NTYvK1h0NU1kSDlQMTlVb2ZTVT0%3d |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@16/22@8/5 |
EGA Information: | Failed |
HCA Information: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.186.174, 64.233.166.84, 34.104.35.123, 2.22.242.16, 2.22.242.64, 142.250.185.138, 142.250.185.106, 142.250.186.138, 142.250.184.234, 216.58.206.42, 142.250.186.74, 172.217.16.202, 172.217.18.106, 142.250.184.202, 142.250.185.74, 172.217.18.10, 142.250.181.234, 142.250.186.106, 216.58.212.170, 142.250.186.42, 216.58.206.74, 2.16.241.15, 2.16.241.17, 20.114.59.183, 93.184.221.240, 192.229.221.95, 20.242.39.171, 20.3.187.198, 142.250.184.195
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, wu.azureedge.net, clients2.google.com, 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0OTU0MnxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=VE9DZzJSVTNuaG5vZE9ZcEhOQlFJanR5NTYvK1h0NU1kSDlQMTlVb2ZTVT0%3d
Input | Output |
---|---|
URL: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5Nzll Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": false, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: BRAND RELATIONS MANAGER COTTON TO MARKET To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next By clicking Next you allow COTTON AUSTRALIA LIMITED to use your email address in accordance with their privacy statement. COTTON AUSTRALIA LIMITED has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies | |
URL: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5Nzll Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": false, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: BRAND RELATIONS MANAGER COTTON TO MARKET To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Your email address is required Next By clicking Next you allow COTTON AUSTRALIA LIMITED to use your email address in accordance with their privacy statement. COTTON AUSTRALIA LIMITED has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26951 |
Entropy (8bit): | 4.514992390210281 |
Encrypted: | false |
SSDEEP: | 384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v |
MD5: | B3D7A123BE5203A1A3F0F10233ED373F |
SHA1: | F4C61F321D8F79A805B356C6EC94090C0D96215C |
SHA-256: | EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192 |
SHA-512: | A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d3 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102801 |
Entropy (8bit): | 5.336080509196147 |
Encrypted: | false |
SSDEEP: | 1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE |
MD5: | C89EAA5B28DF1E17376BE71D71649173 |
SHA1: | 2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD |
SHA-256: | 66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C |
SHA-512: | B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0 |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17672 |
Entropy (8bit): | 5.233316811547578 |
Encrypted: | false |
SSDEEP: | 384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM |
MD5: | 6EFDDF589864D2E146A55C01C6764A35 |
SHA1: | EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F |
SHA-256: | 2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999 |
SHA-512: | 1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
SSDEEP: | 384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG |
MD5: | 90EA7274F19755002360945D54C2A0D7 |
SHA1: | 647B5D8BF7D119A2C97895363A07A0C6EB8CD284 |
SHA-256: | 40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB |
SHA-512: | 7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07 |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=638533172441064469 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.702819531114783 |
Encrypted: | false |
SSDEEP: | 3:H6xhkY:aQY |
MD5: | 858372DD32511CB4DD08E48A93B4F175 |
SHA1: | CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43 |
SHA-256: | 3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359 |
SHA-512: | 6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0 |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkG7HtT-LI7ORIFDfSCVyI=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40326 |
Entropy (8bit): | 5.245555585297941 |
Encrypted: | false |
SSDEEP: | 384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE |
MD5: | DA9DC1C32E89C02FC1E9EEB7E5AAB91E |
SHA1: | 3EFB110EFA6068CE6B586A67F87DA5125310BC30 |
SHA-256: | 398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1 |
SHA-512: | D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/_layouts/15/images/microsoft-logo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40512 |
Entropy (8bit): | 5.386921349191213 |
Encrypted: | false |
SSDEEP: | 768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9 |
MD5: | 8DCE60169BA666CA03A31D123DB49908 |
SHA1: | 956C46BB6058C23D35440DCC656CE61C7B151399 |
SHA-256: | F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75 |
SHA-512: | 26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69195 |
Entropy (8bit): | 5.67023711679871 |
Encrypted: | false |
SSDEEP: | 1536:PlgguXLLh/eWXBOxSPSW8N6fGNNKgKMRJs2wVXUaH33:PLuHCGeTKgtyVXUM |
MD5: | E2C3BC7F923050425F526093E8CCBA0A |
SHA1: | D1846D7DA79E8F997056A7252B99C3187BA4DBB7 |
SHA-256: | 4D343A10ED34FEECEF0B6D4526E2F67E7FA22EAE3E81541A2ACA97B9A9656797 |
SHA-512: | 096F117B77958A91D966DD1C6C3592655A2B4A031C607864DE6543E60B6A3555502290CF2CA2621836E42253DB9B3A0C2DB31D477B0F5574CB9199E77FB2F74C |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0OTU0MnxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=VE9DZzJSVTNuaG5vZE9ZcEhOQlFJanR5NTYvK1h0NU1kSDlQMTlVb2ZTVT0%3d |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
URL: | https://cottonaust-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Preview: |
Jul 3, 2024 01:51:30.213928938 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.213938951 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.252509117 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.271434069 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.271459103 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.271569967 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.272552967 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.272572994 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.549384117 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:30.549405098 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:30.553061962 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.553087950 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.553181887 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:30.553189039 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.553215981 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.553563118 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.553993940 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.554001093 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.554053068 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.554088116 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.554105043 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.554135084 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.554142952 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.554163933 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.555315971 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:30.555332899 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:30.606365919 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.639930964 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.639940977 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.640001059 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.640045881 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.640055895 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.640086889 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.640168905 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.640747070 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.640747070 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.640768051 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.642606020 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.766657114 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.767050028 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.767064095 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.768060923 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.768208027 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.768661022 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.768718958 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.768974066 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.768982887 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.787848949 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.788279057 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.788290024 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.788656950 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.788688898 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.788958073 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.788978100 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.789300919 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.789326906 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.789392948 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.789675951 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.790218115 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.790218115 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.790231943 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.790277958 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.825371981 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.832500935 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:30.840611935 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.840620041 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:30.930097103 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.930779934 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.930799007 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.931664944 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.931819916 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.933696032 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.933753014 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:30.981729984 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:30.981738091 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:31.027543068 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:31.120803118 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.120831013 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.120932102 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.120944977 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.121572971 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.121978998 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.121985912 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.122102976 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.122111082 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.122850895 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.123142958 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.123150110 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.123224974 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.139055014 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.139076948 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.139240026 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.139246941 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.139378071 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.140969992 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.140979052 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.141100883 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.141119003 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.141623974 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.141726017 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.141746044 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.141886950 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.143085957 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.143115997 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.143186092 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.143197060 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.143353939 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.144954920 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.144962072 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.145040989 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.145049095 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.145771027 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.146020889 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.146027088 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.146095991 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.207694054 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.207752943 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.207778931 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.207813025 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.207845926 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.208161116 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.208205938 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.208340883 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.208369970 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.208533049 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.213975906 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.214113951 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.219310045 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.219316959 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.219547987 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.229589939 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.229655027 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.229676962 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.230353117 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.230400085 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.230415106 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.230451107 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.232038975 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.232094049 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.232103109 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.232198000 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.232255936 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.233473063 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.233556986 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.233567953 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.234321117 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.234371901 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.234379053 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.235992908 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.236040115 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.236047983 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.236952066 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.237006903 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.237014055 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.237986088 CEST | 49740 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.237999916 CEST | 443 | 49740 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.250279903 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.250370979 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.250442028 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.250855923 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.250891924 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.259732962 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.276078939 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.290857077 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.316513062 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.323815107 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.323826075 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.323894024 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.323908091 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.324434042 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.324471951 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.324496984 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.324528933 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.324537039 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.325079918 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.325125933 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.325131893 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.325697899 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.325754881 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.325761080 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.326633930 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.326683998 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.326690912 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.326817036 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.326859951 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.326867104 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.327594042 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.327649117 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.327653885 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.327671051 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.327719927 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.327842951 CEST | 49739 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.327855110 CEST | 443 | 49739 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.490161896 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.490216970 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.490267992 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.490334988 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.490355968 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.490365982 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.490371943 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.614012957 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.614048004 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.614108086 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.616601944 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:31.616614103 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:31.797352076 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.798015118 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.798048019 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.798397064 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.799412966 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.799479961 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:31.800124884 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:31.840504885 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.128813982 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.128830910 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.128897905 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.128897905 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.128937960 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.131351948 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.131371975 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.153958082 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.153990984 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.154053926 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.154658079 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.154676914 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.200823069 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.200851917 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.200922012 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.201531887 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.201558113 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.365777969 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.365842104 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.368937969 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.368942022 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.369139910 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.372095108 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.416502953 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.644164085 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.644220114 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.644304037 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.644923925 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.644929886 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.644963980 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 01:51:32.644969940 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 01:51:32.726211071 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.726459026 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.726473093 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.727241993 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.727552891 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.727613926 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.727693081 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.772504091 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.958313942 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.958601952 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.958642960 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.960109949 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:32.960179090 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.960474968 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.960566044 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:32.960582018 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.011940956 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.011962891 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.058032990 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.066977978 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067004919 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067066908 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.067087889 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067131996 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.067321062 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067377090 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.067658901 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067709923 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.067759037 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.068706989 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.068718910 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.085437059 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.085494995 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.085572958 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.086339951 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.086369991 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.293209076 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.293235064 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.293318987 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.293328047 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.293396950 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.308177948 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.308223009 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.657202959 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.700057983 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.902363062 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.902399063 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.902847052 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.905112028 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.905309916 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:33.905400991 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:33.952491999 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.237855911 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.237873077 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.237956047 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:34.238004923 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.238069057 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:34.238617897 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.238677979 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:34.238681078 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:34.238740921 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:34.239270926 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 01:51:34.239306927 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 01:51:37.274233103 CEST | 49672 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.274287939 CEST | 443 | 49672 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.274606943 CEST | 49672 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.274606943 CEST | 49672 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.274617910 CEST | 443 | 49672 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.274630070 CEST | 443 | 49672 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.278338909 CEST | 49756 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.278389931 CEST | 443 | 49756 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.281553030 CEST | 49756 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.281898975 CEST | 49756 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:37.281912088 CEST | 443 | 49756 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.879304886 CEST | 443 | 49756 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:37.879409075 CEST | 49756 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:51:40.847513914 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:40.847573996 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:40.847620964 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:42.009959936 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:51:42.009985924 CEST | 443 | 49744 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:51:44.149688005 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jul 3, 2024 01:51:44.154998064 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Jul 3, 2024 01:51:44.155061007 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jul 3, 2024 01:51:57.051184893 CEST | 443 | 49756 | 173.222.162.32 | 192.168.2.4 |
Jul 3, 2024 01:51:57.051248074 CEST | 49756 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 01:52:30.308325052 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:30.308373928 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.308598995 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:30.309226036 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:30.309237957 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.938035011 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.938515902 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:30.938529015 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.938849926 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.939774990 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:30.939826965 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:30.983412981 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:33.121570110 CEST | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Jul 3, 2024 01:52:33.127084970 CEST | 80 | 49724 | 199.232.214.172 | 192.168.2.4 |
Jul 3, 2024 01:52:33.127234936 CEST | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Jul 3, 2024 01:52:40.848670959 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:40.848737955 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Jul 3, 2024 01:52:40.848872900 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:42.017082930 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.68 |
Jul 3, 2024 01:52:42.017106056 CEST | 443 | 49765 | 142.250.185.68 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 01:51:27.687079906 CEST | 192.168.2.4 | 1.1.1.1 | 0x614f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 01:51:27.687855005 CEST | 192.168.2.4 | 1.1.1.1 | 0x5eac | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 01:51:30.260895967 CEST | 192.168.2.4 | 1.1.1.1 | 0x4562 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 01:51:30.261238098 CEST | 192.168.2.4 | 1.1.1.1 | 0xb97d | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 01:51:32.161470890 CEST | 192.168.2.4 | 1.1.1.1 | 0x2016 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 01:51:32.161845922 CEST | 192.168.2.4 | 1.1.1.1 | 0xdb57 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 01:51:33.487560987 CEST | 192.168.2.4 | 1.1.1.1 | 0x56f8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 01:51:33.487994909 CEST | 192.168.2.4 | 1.1.1.1 | 0x87bc | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 01:51:27.726334095 CEST | 1.1.1.1 | 192.168.2.4 | 0x5eac | No error (0) | cottonaust.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.726334095 CEST | 1.1.1.1 | 192.168.2.4 | 0x5eac | No error (0) | 1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.726334095 CEST | 1.1.1.1 | 192.168.2.4 | 0x5eac | No error (0) | 196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.726334095 CEST | 1.1.1.1 | 192.168.2.4 | 0x5eac | No error (0) | 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | cottonaust.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | 1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | 196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:27.736710072 CEST | 1.1.1.1 | 192.168.2.4 | 0x614f | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:30.269465923 CEST | 1.1.1.1 | 192.168.2.4 | 0x4562 | No error (0) | 142.250.185.68 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:30.270103931 CEST | 1.1.1.1 | 192.168.2.4 | 0xb97d | No error (0) | 65 | IN (0x0001) | false | |||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | cottonaust.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | 1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | 196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.194035053 CEST | 1.1.1.1 | 192.168.2.4 | 0x2016 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.199589014 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb57 | No error (0) | cottonaust.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.199589014 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb57 | No error (0) | 1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.199589014 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb57 | No error (0) | 196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:32.199589014 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb57 | No error (0) | 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:33.494854927 CEST | 1.1.1.1 | 192.168.2.4 | 0x56f8 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:33.495378971 CEST | 1.1.1.1 | 192.168.2.4 | 0x87bc | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:41.427148104 CEST | 1.1.1.1 | 192.168.2.4 | 0x5fb9 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:41.427148104 CEST | 1.1.1.1 | 192.168.2.4 | 0x5fb9 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:54.967437029 CEST | 1.1.1.1 | 192.168.2.4 | 0x6f32 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:51:54.967437029 CEST | 1.1.1.1 | 192.168.2.4 | 0x6f32 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:52:17.864250898 CEST | 1.1.1.1 | 192.168.2.4 | 0x3371 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:52:17.864250898 CEST | 1.1.1.1 | 192.168.2.4 | 0x3371 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 01:52:38.584342957 CEST | 1.1.1.1 | 192.168.2.4 | 0x4bd1 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 01:52:38.584342957 CEST | 1.1.1.1 | 192.168.2.4 | 0x4bd1 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49735 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:28 UTC | 1122 | OUT | |
2024-07-02 23:51:29 UTC | 1977 | IN | |
2024-07-02 23:51:29 UTC | 262 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 6075 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 8192 | IN | |
2024-07-02 23:51:29 UTC | 5514 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:30 UTC | 1139 | OUT | |
2024-07-02 23:51:30 UTC | 761 | IN | |
2024-07-02 23:51:30 UTC | 3735 | IN | |
2024-07-02 23:51:30 UTC | 8192 | IN | |
2024-07-02 23:51:30 UTC | 3818 | IN | |
2024-07-02 23:51:30 UTC | 7318 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49741 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:30 UTC | 1204 | OUT | |
2024-07-02 23:51:31 UTC | 768 | IN | |
2024-07-02 23:51:31 UTC | 3402 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 4144 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 3021 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49739 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:30 UTC | 1217 | OUT | |
2024-07-02 23:51:31 UTC | 779 | IN | |
2024-07-02 23:51:31 UTC | 3384 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 4151 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49740 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:30 UTC | 1217 | OUT | |
2024-07-02 23:51:31 UTC | 768 | IN | |
2024-07-02 23:51:31 UTC | 3944 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 3602 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 8192 | IN | |
2024-07-02 23:51:31 UTC | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49745 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:31 UTC | 161 | OUT | |
2024-07-02 23:51:31 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49746 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:31 UTC | 1089 | OUT | |
2024-07-02 23:51:32 UTC | 729 | IN | |
2024-07-02 23:51:32 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49747 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:32 UTC | 239 | OUT | |
2024-07-02 23:51:32 UTC | 515 | IN | |
2024-07-02 23:51:32 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49750 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:32 UTC | 1089 | OUT | |
2024-07-02 23:51:33 UTC | 736 | IN | |
2024-07-02 23:51:33 UTC | 3434 | IN | |
2024-07-02 23:51:33 UTC | 4452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49751 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:32 UTC | 389 | OUT | |
2024-07-02 23:51:33 UTC | 730 | IN | |
2024-07-02 23:51:33 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49752 | 13.107.136.10 | 443 | 3300 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-02 23:51:33 UTC | 389 | OUT | |
2024-07-02 23:51:34 UTC | 732 | IN | |
2024-07-02 23:51:34 UTC | 3455 | IN | |
2024-07-02 23:51:34 UTC | 4431 | IN |
Target ID: | 0 |
Start time: | 19:51:19 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 19:51:24 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 19:51:26 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |