Windows
Analysis Report
https://quijotefoods-my.sharepoint.com/:o:/g/personal/nuria_vega_palacios_us/EvjUhubtVKJCgLuhY5Chp6MBgkkDAMsjXwhocdtqWkK-Bg?e=5%3aKcxBR3&at=9
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 3496 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) chrome.exe (PID: 932 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2336 --fi eld-trial- handle=223 6,i,131858 2559094227 9148,63427 4572440114 7017,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
chrome.exe (PID: 6452 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://quijo tefoods-my .sharepoin t.com/:o:/ g/personal /nuria_veg a_palacios _us/EvjUhu btVKJCgLuh Y5Chp6MBgk kDAMsjXwho cdtqWkK-Bg ?e=5%3aKcx BR3&at=9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Click to jump to signature section
Phishing |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Automated click: | ||
Source: | Automated click: | ||
Source: | Automated click: | ||
Source: | Automated click: | ||
Source: | Automated click: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
mira-ssc.tm-4.office.com | 52.107.243.199 | true | false | unknown | |
www.google.com | 142.250.185.100 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
quijotefoods-my.sharepoint.com | unknown | unknown | false | unknown | |
m365cdn.nel.measure.office.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
142.250.185.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
52.107.243.199 | mira-ssc.tm-4.office.com | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466534 |
Start date and time: | 2024-07-03 02:53:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 56s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://quijotefoods-my.sharepoint.com/:o:/g/personal/nuria_vega_palacios_us/EvjUhubtVKJCgLuhY5Chp6MBgkkDAMsjXwhocdtqWkK-Bg?e=5%3aKcxBR3&at=9 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@16/24@8/5 |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.181.227, 142.250.185.174, 108.177.15.84, 34.104.35.123, 2.23.209.37, 2.23.209.42, 142.250.186.170, 142.250.185.202, 142.250.185.106, 142.250.185.170, 142.250.184.202, 142.250.181.234, 172.217.16.202, 142.250.185.74, 142.250.185.234, 142.250.185.138, 172.217.18.106, 142.250.186.42, 172.217.18.10, 142.250.184.234, 142.250.186.106, 172.217.16.138, 95.101.54.225, 95.101.54.226, 52.165.165.26, 93.184.221.240, 192.229.221.95, 13.85.23.206, 52.165.164.15, 142.250.184.195
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, wu.azureedge.net, clients2.google.com, 191768-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Input | Output |
---|---|
URL: https://quijotefoods-my.sharepoint.com/:o:/g/personal/nuria_vega_palacios_us/EvjUhubtVKJCgLuhY5Chp6MBgkkDAMsjXwhocdtqWkK-Bg?e=5%3aKcxBR3&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": false, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Invoice from Elore Enterprises, LLC Palacios USA To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next By clicking Next you allow Elore Enterprises, Inc. to use your email address in accordance with their privacy statement. Elore Enterprises, Inc. has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies | |
URL: https://quijotefoods-my.sharepoint.com/:o:/g/personal/nuria_vega_palacios_us/EvjUhubtVKJCgLuhY5Chp6MBgkkDAMsjXwhocdtqWkK-Bg?e=5%3aKcxBR3&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": false, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Invoice from Elore Enterprises, LLC Palacios USA To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Your email address is required Next By clicking Next you allow Elore Enterprises, Inc. to use your email address in accordance with their privacy statement. Elore Enterprises, Inc. has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102801 |
Entropy (8bit): | 5.336080509196147 |
Encrypted: | false |
SSDEEP: | 1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE |
MD5: | C89EAA5B28DF1E17376BE71D71649173 |
SHA1: | 2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD |
SHA-256: | 66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C |
SHA-512: | B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0 |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/ScriptResource.axd?d=PQdiZcrYS84uY1LXoMLvjkarI7Fy-yxP2od-UnqaBKohOmE2848d7AeZIug1TnfdwjbsPbTeSzDrQWe5fTOEoKQF8eRjTQX9N-xNL5pnbyT81w3KObGR4QjsxC39UQYIGhe-RJEBrqzmbgJ8hMraYA9mop5ByXH-L3xOnNw1mVp9QaWtFhpSWGiuj05E1Hzj0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69211 |
Entropy (8bit): | 5.666340427307656 |
Encrypted: | false |
SSDEEP: | 1536:PlgguXaGh21WXBOxSPSW8N6fGNNKRQLdJs2wVXwGH3T:PLuvCGeTKRQLeVXwc |
MD5: | B00DDEDBA974BF0868100BF2E7CECCE6 |
SHA1: | 99DBA82854C1992F69EBF2AA150AE636E5F8186C |
SHA-256: | 46A5F1749948B093F605B50FF4B00AD19EC8C63A8BD009570ECA9D4BB1F8EA8F |
SHA-512: | 7A5245FB652ACC1634E1928AF52154883713D0D212EF6384AB23F6916D9F40E85A269281E7A4A05628692951D14047BDF9BF093EECD61BED7698D2CE1049852B |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/:o:/g/personal/nuria_vega_palacios_us/EvjUhubtVKJCgLuhY5Chp6MBgkkDAMsjXwhocdtqWkK-Bg?e=5%3aKcxBR3&at=9 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17672 |
Entropy (8bit): | 5.233316811547578 |
Encrypted: | false |
SSDEEP: | 384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM |
MD5: | 6EFDDF589864D2E146A55C01C6764A35 |
SHA1: | EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F |
SHA-256: | 2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999 |
SHA-512: | 1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/_layouts/15/images/microsoft-logo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 215 |
Entropy (8bit): | 5.312465846508973 |
Encrypted: | false |
SSDEEP: | 6:JiMVBdgqZjZWtMfgRTH1KH0V4TZMRIOGqRIJ8g6n:MMHdVBZWyUTCs4SLCv6 |
MD5: | D635FCE47327D3293E6D307FA9241170 |
SHA1: | 11E33994535FE14D6832191E3199D88C0D8DEFD1 |
SHA-256: | 6BFBF53CCA307AC4733C6F3D559DF1FD3FF8048B0E254EB27998E6D66842B4A4 |
SHA-512: | 815F82270E43649B1A6670BCE9BA0B43C363A5D55F9E6338172EF9E905064013ED7D4D73E5AD6848A82778AA97F32BC680CE49924431B6ACF3FBD49C0E53E336 |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-21.012/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26951 |
Entropy (8bit): | 4.514992390210281 |
Encrypted: | false |
SSDEEP: | 384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v |
MD5: | B3D7A123BE5203A1A3F0F10233ED373F |
SHA1: | F4C61F321D8F79A805B356C6EC94090C0D96215C |
SHA-256: | EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192 |
SHA-512: | A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/ScriptResource.axd?d=deZZZp0hdMqIflvKGfW1jsumsSAUPiOIAVH428ThZnVCjHAK5Ep1jq9VytE0O-A5-t0Iw_YXl1ohnW3XRFJH_wNVBMUcnrZTXCLohMHzoEv2KXdgVA5UPzM_wGOAYrle5or4ZXF1nmk-jCS7Q_I0tZ6m6xXyEEgMjQFaAJ-o1XA1&t=ffffffffa8ad04d3 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40512 |
Entropy (8bit): | 5.386921349191213 |
Encrypted: | false |
SSDEEP: | 768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9 |
MD5: | 8DCE60169BA666CA03A31D123DB49908 |
SHA1: | 956C46BB6058C23D35440DCC656CE61C7B151399 |
SHA-256: | F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75 |
SHA-512: | 26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-21.012/spoguestaccesswebpack/spoguestaccess.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.702819531114783 |
Encrypted: | false |
SSDEEP: | 3:H6xhkY:aQY |
MD5: | 858372DD32511CB4DD08E48A93B4F175 |
SHA1: | CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43 |
SHA-256: | 3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359 |
SHA-512: | 6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0 |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnhqVEEXTSFpRIFDfSCVyI=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40326 |
Entropy (8bit): | 5.245555585297941 |
Encrypted: | false |
SSDEEP: | 384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE |
MD5: | DA9DC1C32E89C02FC1E9EEB7E5AAB91E |
SHA1: | 3EFB110EFA6068CE6B586A67F87DA5125310BC30 |
SHA-256: | 398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1 |
SHA-512: | D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/ScriptResource.axd?d=pdu2AA1W_JESlMFegug_1MbXypFREmSwjI56aIogXwq_jz2F6hsxyPVckWwwoA_KAUrjoSnC4hKXYCEGkHbtGVTJR1vYhAU_7Aix7mgRI8Aiyoli1Bv1BaP_NbgqT31PT-vsPoXb1KvMHML2RdNKhDO8lMJ-VL8G7hLXuvKbusfaEu-C5_n6Lop7aeA-Yy7D0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
SSDEEP: | 384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG |
MD5: | 90EA7274F19755002360945D54C2A0D7 |
SHA1: | 647B5D8BF7D119A2C97895363A07A0C6EB8CD284 |
SHA-256: | 40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB |
SHA-512: | 7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07 |
Malicious: | false |
Reputation: | low |
URL: | https://quijotefoods-my.sharepoint.com/WebResource.axd?d=5BGtvGP8bbfKgwztZIIk-gYGm27nV0w_sIVRXxEISWziwytbyZ7eKMxouTPYDRgjVxz5riUYJIThJp_QDuRPtkoMrm_6lri23AVdrPxLXfY1&t=638533172441064469 |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 02:54:11.843971014 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Jul 3, 2024 02:54:13.907666922 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 02:54:22.583894968 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.583935022 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:22.584045887 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.584207058 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.584218025 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:22.584379911 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.584397078 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:22.584424973 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.584603071 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:22.584614992 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.400181055 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.400183916 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.402867079 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.402892113 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.403038979 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.403049946 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.403953075 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.404037952 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.404089928 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.404144049 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.409365892 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.409436941 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.409878016 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.409941912 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.410100937 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.410118103 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.452939034 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.452950001 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:23.452997923 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.498557091 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:23.514843941 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 02:54:24.098041058 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098069906 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098102093 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098114014 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098124027 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.098129988 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098150969 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.098198891 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.098212004 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.182560921 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.182617903 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.185211897 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.185226917 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.185269117 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.185281992 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.185309887 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.185324907 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.187612057 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.187629938 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.187659979 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.187669039 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.187699080 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.187715054 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.271960020 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.271975994 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.272011042 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.272018909 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.272030115 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.272063971 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.272423029 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.272464037 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.293381929 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.293405056 CEST | 443 | 49736 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.293415070 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.293456078 CEST | 49736 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.316040039 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.316061020 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.316113949 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.316333055 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.317739964 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.317750931 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.318747997 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.318758011 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.318811893 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.321341991 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.321367025 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.321422100 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.323899031 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.323909998 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.324498892 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.324512959 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.360507011 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886698961 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886720896 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886729002 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886759996 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886776924 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886804104 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886836052 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.886859894 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.886873007 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.886965036 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.887954950 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.887963057 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.888156891 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.888703108 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.888747931 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:24.888811111 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.912633896 CEST | 49735 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:24.912648916 CEST | 443 | 49735 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.151185989 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.153661966 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.158751965 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.195338964 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.205157995 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.205162048 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.271905899 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.271924973 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.272423029 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.272461891 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.272470951 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.273614883 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.273736000 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.275382042 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.275383949 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.275389910 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.275460958 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.275801897 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.276427984 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.276508093 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.277343988 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.277344942 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.277353048 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.277407885 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.277681112 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.277935982 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.281253099 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:25.281290054 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:25.281382084 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:25.283535004 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:25.283550978 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:25.320499897 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.320502043 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.328516006 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.633090973 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:25.633125067 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:25.633260965 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:25.636121988 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:25.636135101 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844309092 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844335079 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844341993 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844372988 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844391108 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844412088 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844413996 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.844428062 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.844504118 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.844504118 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.845973015 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.846009016 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.846087933 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.846087933 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.846097946 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.846467018 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.846880913 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854039907 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854063034 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854089022 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854100943 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854129076 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854135990 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854142904 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854217052 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854217052 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854633093 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854655981 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854671001 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854695082 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.854749918 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854749918 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.854760885 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.855048895 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.856236935 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.856252909 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.856336117 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.856336117 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.856344938 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.856884003 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.856976032 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.856981993 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.857554913 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.857716084 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.859282970 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.859301090 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.859366894 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.859373093 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.906883001 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.907458067 CEST | 49743 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.907471895 CEST | 443 | 49743 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.914706945 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:25.917846918 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:25.917860031 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:25.918720007 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:25.918776035 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:25.929672956 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.929688931 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.929752111 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.932733059 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.932746887 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.936713934 CEST | 49742 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.936734915 CEST | 443 | 49742 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.940745115 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.940762997 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.940815926 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.940830946 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.940867901 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.949620008 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.949635029 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.949671984 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.949680090 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.949707031 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.949723959 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.950601101 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.950618029 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.950650930 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.950656891 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:25.950683117 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:25.950753927 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.028027058 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.028045893 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.028078079 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.028089046 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.028099060 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.028131008 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.028310061 CEST | 443 | 49741 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.028445959 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.028445959 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.028467894 CEST | 49741 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.267940044 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.268012047 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.270780087 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.270787001 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.271018982 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.313457966 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.360507011 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.448046923 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:26.448147058 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:26.501903057 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:26.501912117 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:26.528085947 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.528137922 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.528192997 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.545070887 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:26.571757078 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.571772099 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.571799994 CEST | 49745 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.571805954 CEST | 443 | 49745 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.718420982 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.718437910 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.718502998 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.719996929 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:26.720005035 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:26.796616077 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.796962976 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.796981096 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.797329903 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.839695930 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.839818001 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:26.879328966 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:26.920502901 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:27.352657080 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.352740049 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.367088079 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:27.367116928 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:27.367214918 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:27.367249966 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:27.367798090 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:27.540529013 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.540544033 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.540760040 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.576087952 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.591065884 CEST | 49746 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:27.591080904 CEST | 443 | 49746 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:27.616503000 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.757431984 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.757529974 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.758409023 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.758476019 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.758476019 CEST | 49748 | 443 | 192.168.2.4 | 2.19.104.72 |
Jul 3, 2024 02:54:27.758485079 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:27.758491993 CEST | 443 | 49748 | 2.19.104.72 | 192.168.2.4 |
Jul 3, 2024 02:54:28.042983055 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.043016911 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.043080091 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.043672085 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.043685913 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.191241026 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.191288948 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.191350937 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.195256948 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.195270061 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.758471012 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.759613991 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.759644985 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.760646105 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.760704994 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.832777023 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.832906008 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.836868048 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.836884022 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.851352930 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.852042913 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.852051973 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.852381945 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.853272915 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.853334904 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.853539944 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:28.889518976 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.900512934 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959480047 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959498882 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959547997 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.959561110 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959671974 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959717989 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.959723949 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959741116 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:28.959781885 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.980082035 CEST | 49751 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:28.980097055 CEST | 443 | 49751 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217618942 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217642069 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217683077 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217704058 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:29.217721939 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217732906 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.217741013 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:29.217771053 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:29.218990088 CEST | 49750 | 443 | 192.168.2.4 | 52.107.243.199 |
Jul 3, 2024 02:54:29.219007015 CEST | 443 | 49750 | 52.107.243.199 | 192.168.2.4 |
Jul 3, 2024 02:54:29.223974943 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.223997116 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.224064112 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.224298000 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.224309921 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.851563931 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.851946115 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.851963997 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.852312088 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.852920055 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.852983952 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.853429079 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.896555901 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.993568897 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.993588924 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.993637085 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.993650913 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.993693113 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.993886948 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.993932962 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.994142056 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.994193077 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:29.994231939 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.995126963 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 02:54:29.995141029 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 02:54:35.835859060 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:35.835928917 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:54:35.835978031 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:37.299643040 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:54:37.299664021 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.082248926 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:25.082303047 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.082395077 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:25.082803965 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:25.082823992 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.730581045 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.731312990 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:25.731375933 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.731688976 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.734689951 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:25.734765053 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:25.780375957 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:35.656862974 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:35.656917095 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Jul 3, 2024 02:55:35.659375906 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:37.340790033 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 3, 2024 02:55:37.340862989 CEST | 443 | 49763 | 142.250.185.100 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 02:54:20.778353930 CEST | 53 | 50321 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:20.843997955 CEST | 53 | 51405 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:21.804516077 CEST | 53 | 58317 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:22.522758961 CEST | 53403 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:22.522934914 CEST | 54030 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:25.271240950 CEST | 57302 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:25.271240950 CEST | 57855 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:25.279181957 CEST | 53 | 57302 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:25.279200077 CEST | 53 | 57855 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:26.668123007 CEST | 53 | 49663 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:28.059086084 CEST | 57445 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:28.059390068 CEST | 57558 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:29.265947104 CEST | 50248 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:29.266279936 CEST | 58649 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 02:54:38.929291964 CEST | 53 | 50109 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:54:42.364583015 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Jul 3, 2024 02:54:57.826420069 CEST | 53 | 63577 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:55:20.455699921 CEST | 53 | 64032 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 02:55:20.961132050 CEST | 53 | 59571 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 3, 2024 02:54:28.383882046 CEST | 192.168.2.4 | 1.1.1.1 | c368 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 02:54:22.522758961 CEST | 192.168.2.4 | 1.1.1.1 | 0xd4f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 02:54:22.522934914 CEST | 192.168.2.4 | 1.1.1.1 | 0x45be | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 02:54:25.271240950 CEST | 192.168.2.4 | 1.1.1.1 | 0x5049 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 02:54:25.271240950 CEST | 192.168.2.4 | 1.1.1.1 | 0x4b05 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 02:54:28.059086084 CEST | 192.168.2.4 | 1.1.1.1 | 0x1b3c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 02:54:28.059390068 CEST | 192.168.2.4 | 1.1.1.1 | 0xc365 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 02:54:29.265947104 CEST | 192.168.2.4 | 1.1.1.1 | 0xa098 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 02:54:29.266279936 CEST | 192.168.2.4 | 1.1.1.1 | 0x98fb | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | quijotefoods.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 12307-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 191768-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 191768-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.199 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.210 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.91 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.198 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.68 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.82 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.225.1 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.569097996 CEST | 1.1.1.1 | 192.168.2.4 | 0xd4f | No error (0) | 52.107.243.76 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.580897093 CEST | 1.1.1.1 | 192.168.2.4 | 0x45be | No error (0) | quijotefoods.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.580897093 CEST | 1.1.1.1 | 192.168.2.4 | 0x45be | No error (0) | 12307-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.580897093 CEST | 1.1.1.1 | 192.168.2.4 | 0x45be | No error (0) | 191768-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:22.580897093 CEST | 1.1.1.1 | 192.168.2.4 | 0x45be | No error (0) | 191768-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:25.279181957 CEST | 1.1.1.1 | 192.168.2.4 | 0x5049 | No error (0) | 142.250.185.100 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:25.279200077 CEST | 1.1.1.1 | 192.168.2.4 | 0x4b05 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | quijotefoods.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | 12307-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | 191768-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | 191768-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.119684935 CEST | 1.1.1.1 | 192.168.2.4 | 0x1b3c | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.383816004 CEST | 1.1.1.1 | 192.168.2.4 | 0xc365 | No error (0) | quijotefoods.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.383816004 CEST | 1.1.1.1 | 192.168.2.4 | 0xc365 | No error (0) | 12307-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.383816004 CEST | 1.1.1.1 | 192.168.2.4 | 0xc365 | No error (0) | 191768-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:28.383816004 CEST | 1.1.1.1 | 192.168.2.4 | 0xc365 | No error (0) | 191768-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:29.272770882 CEST | 1.1.1.1 | 192.168.2.4 | 0xa098 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:29.273313046 CEST | 1.1.1.1 | 192.168.2.4 | 0x98fb | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:36.890527964 CEST | 1.1.1.1 | 192.168.2.4 | 0xdce7 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:36.890527964 CEST | 1.1.1.1 | 192.168.2.4 | 0xdce7 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:49.991767883 CEST | 1.1.1.1 | 192.168.2.4 | 0x1101 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:54:49.991767883 CEST | 1.1.1.1 | 192.168.2.4 | 0x1101 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:55:12.961044073 CEST | 1.1.1.1 | 192.168.2.4 | 0x10ba | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:55:12.961044073 CEST | 1.1.1.1 | 192.168.2.4 | 0x10ba | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 02:55:33.538770914 CEST | 1.1.1.1 | 192.168.2.4 | 0xceff | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 02:55:33.538770914 CEST | 1.1.1.1 | 192.168.2.4 | 0xceff | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:23 UTC | 775 | OUT | |
2024-07-03 00:54:24 UTC | 2232 | IN | |
2024-07-03 00:54:24 UTC | 14152 | IN | |
2024-07-03 00:54:24 UTC | 2232 | IN | |
2024-07-03 00:54:24 UTC | 16375 | IN | |
2024-07-03 00:54:24 UTC | 16384 | IN | |
2024-07-03 00:54:24 UTC | 16384 | IN | |
2024-07-03 00:54:24 UTC | 3684 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:24 UTC | 794 | OUT | |
2024-07-03 00:54:24 UTC | 1071 | IN | |
2024-07-03 00:54:24 UTC | 15313 | IN | |
2024-07-03 00:54:24 UTC | 7750 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49743 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:25 UTC | 859 | OUT | |
2024-07-03 00:54:25 UTC | 1081 | IN | |
2024-07-03 00:54:25 UTC | 15303 | IN | |
2024-07-03 00:54:25 UTC | 1081 | IN | |
2024-07-03 00:54:25 UTC | 10567 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49741 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:25 UTC | 872 | OUT | |
2024-07-03 00:54:25 UTC | 1082 | IN | |
2024-07-03 00:54:25 UTC | 15302 | IN | |
2024-07-03 00:54:25 UTC | 1082 | IN | |
2024-07-03 00:54:25 UTC | 16375 | IN | |
2024-07-03 00:54:25 UTC | 16384 | IN | |
2024-07-03 00:54:25 UTC | 16384 | IN | |
2024-07-03 00:54:25 UTC | 9 | IN | |
2024-07-03 00:54:25 UTC | 16375 | IN | |
2024-07-03 00:54:26 UTC | 16384 | IN | |
2024-07-03 00:54:26 UTC | 4506 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49742 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:25 UTC | 872 | OUT | |
2024-07-03 00:54:25 UTC | 1080 | IN | |
2024-07-03 00:54:25 UTC | 15304 | IN | |
2024-07-03 00:54:25 UTC | 1080 | IN | |
2024-07-03 00:54:25 UTC | 16375 | IN | |
2024-07-03 00:54:25 UTC | 7567 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49745 | 2.19.104.72 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:26 UTC | 161 | OUT | |
2024-07-03 00:54:26 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49746 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:26 UTC | 744 | OUT | |
2024-07-03 00:54:27 UTC | 1039 | IN | |
2024-07-03 00:54:27 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49748 | 2.19.104.72 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:27 UTC | 239 | OUT | |
2024-07-03 00:54:27 UTC | 535 | IN | |
2024-07-03 00:54:27 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49751 | 13.107.136.10 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:28 UTC | 391 | OUT | |
2024-07-03 00:54:28 UTC | 726 | IN | |
2024-07-03 00:54:28 UTC | 1502 | IN | |
2024-07-03 00:54:28 UTC | 1829 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49750 | 52.107.243.199 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:28 UTC | 744 | OUT | |
2024-07-03 00:54:29 UTC | 1044 | IN | |
2024-07-03 00:54:29 UTC | 7886 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49752 | 13.107.136.10 | 443 | 932 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 00:54:29 UTC | 391 | OUT | |
2024-07-03 00:54:29 UTC | 732 | IN | |
2024-07-03 00:54:29 UTC | 3416 | IN | |
2024-07-03 00:54:29 UTC | 4470 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 20:54:16 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 20:54:19 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 20:54:21 |
Start date: | 02/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |