Windows
Analysis Report
https://eastwestseed-my.sharepoint.com/:o:/p/nannaphat_phansuk/Eidgp0Qg-HFArs_bxgJSxjYBoQDW3HefgIxqLzXf3wb6MA?e=5%3aUVSLsG&at=9
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 3720 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) chrome.exe (PID: 4500 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2244 --fi eld-trial- handle=198 0,i,456032 9446981615 15,8173837 6037201712 04,262144 --disable- features=O ptimizatio nGuideMode lDownloadi ng,Optimiz ationHints ,Optimizat ionHintsFe tching,Opt imizationT argetPredi ction /pre fetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
chrome.exe (PID: 6500 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://eastw estseed-my .sharepoin t.com/:o:/ p/nannapha t_phansuk/ Eidgp0Qg-H FArs_bxgJS xjYBoQDW3H efgIxqLzXf 3wb6MA?e=5 %3aUVSLsG& at=9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Click to jump to signature section
Phishing |
---|
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
eastwestseed-my.sharepoint.com | unknown | unknown | false | unknown | |
m365cdn.nel.measure.office.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466590 |
Start date and time: | 2024-07-03 07:41:32 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://eastwestseed-my.sharepoint.com/:o:/p/nannaphat_phansuk/Eidgp0Qg-HFArs_bxgJSxjYBoQDW3HefgIxqLzXf3wb6MA?e=5%3aUVSLsG&at=9 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@16/22@8/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 74.125.71.84, 172.217.16.206, 34.104.35.123, 2.23.209.54, 2.23.209.59, 2.23.209.56, 2.23.209.55, 2.23.209.53, 2.23.209.8, 2.23.209.9, 2.23.209.57, 2.23.209.58, 142.250.185.234, 142.250.185.74, 172.217.18.10, 142.250.186.42, 142.250.186.74, 172.217.23.106, 216.58.212.138, 142.250.185.170, 142.250.184.202, 142.250.185.138, 142.250.185.202, 142.250.185.106, 142.250.186.138, 216.58.206.74, 142.250.181.234, 216.58.206.42, 2.16.238.152, 2.16.238.149, 40.68.123.157, 199.232.214.172, 192.229.221.95, 13.95.31.18, 20.166.126.56, 142.250.184.195
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, 195888-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Input | Output |
---|---|
URL: https://eastwestseed-my.sharepoint.com/:o:/p/nannaphat_phansuk/Eidgp0Qg-HFArs_bxgJSxjYBoQDW3HefgIxqLzXf3wb6MA?e=5%3aUVSLsG&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": true, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Final Closing Documents To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow East-West Seed Company Limited to use your email address in accordance with their privacy statement. East-West Seed Company Limited has not prNided links to their terms for you to review. e 2017 Microsoft Privacy & Cookies |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.702819531114783 |
Encrypted: | false |
SSDEEP: | 3:H6xhkY:aQY |
MD5: | 858372DD32511CB4DD08E48A93B4F175 |
SHA1: | CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43 |
SHA-256: | 3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359 |
SHA-512: | 6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0 |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAktKYwfkVP-SRIFDfSCVyI=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
SSDEEP: | 384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG |
MD5: | 90EA7274F19755002360945D54C2A0D7 |
SHA1: | 647B5D8BF7D119A2C97895363A07A0C6EB8CD284 |
SHA-256: | 40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB |
SHA-512: | 7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07 |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/WebResource.axd?d=MRQVr0sCYQeFRZDlmuVhgl_WH2BtcdRFKn3KLSWGQq2AO5ongGm3TYumvKySFZe2jiMPxLAOD2q9JGYktPh3aS5L2gdcrWFPCuLPwOww-uY1&t=638533172441064469 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17672 |
Entropy (8bit): | 5.233316811547578 |
Encrypted: | false |
SSDEEP: | 384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM |
MD5: | 6EFDDF589864D2E146A55C01C6764A35 |
SHA1: | EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F |
SHA-256: | 2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999 |
SHA-512: | 1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26951 |
Entropy (8bit): | 4.514992390210281 |
Encrypted: | false |
SSDEEP: | 384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v |
MD5: | B3D7A123BE5203A1A3F0F10233ED373F |
SHA1: | F4C61F321D8F79A805B356C6EC94090C0D96215C |
SHA-256: | EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192 |
SHA-512: | A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/ScriptResource.axd?d=QM62FoVp8bO_VxEs62AS1SGG0pugyBdam5sP_osi62Y12zwBc_aG6lUkgVY_5sxTegshesRKY5FxBAew9yBjh7mv2yxEfGoC4Z3v9ZqRLyS8FyFTZ3CgH8mdIeL_TiiSqaqhhblvicMXIek1PsRIjJU6--PqEGbORyR6LIphGkE1&t=ffffffffa8ad04d3 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40326 |
Entropy (8bit): | 5.245555585297941 |
Encrypted: | false |
SSDEEP: | 384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE |
MD5: | DA9DC1C32E89C02FC1E9EEB7E5AAB91E |
SHA1: | 3EFB110EFA6068CE6B586A67F87DA5125310BC30 |
SHA-256: | 398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1 |
SHA-512: | D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/ScriptResource.axd?d=-4lq_X4hHAt2kvPZlvW5tRWqwfITh9FVtuvhLUqc_R5ZGXvhxFJbZuPY30RKqRxKlNK1DY0vJKZZpY0Z6ouQcxSc8ChAwUnIH2wmA9Y7QK4aCiu7Cf__BJ1EDKlryhEHjkXZ8cvAFAegCB4oiPhU1t875xK2ro-HQ08wUU_0GHfvQHmzyTAen7s4wIYrBMm30&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40512 |
Entropy (8bit): | 5.386921349191213 |
Encrypted: | false |
SSDEEP: | 768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9 |
MD5: | 8DCE60169BA666CA03A31D123DB49908 |
SHA1: | 956C46BB6058C23D35440DCC656CE61C7B151399 |
SHA-256: | F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75 |
SHA-512: | 26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/_layouts/15/images/microsoft-logo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69236 |
Entropy (8bit): | 5.669437846632591 |
Encrypted: | false |
SSDEEP: | 1536:PlgguXZthlMWXBOxSPSW8N6fGNNKSM5Js2wVXUaH3p:PLuPCGeTKSVVXUC |
MD5: | A78A847FFD9AF5B722D5AEC4C133C9FF |
SHA1: | 7A2B14CE5A04ADC3F940D1E84B92650FF9598BBE |
SHA-256: | 9978E157DFEDF1A92F6227B806A5050C647E275F2FD40D458CD317C238CBBC85 |
SHA-512: | 7BA80DE31E802774C7101B4E17EFD38D01C758C49244C9857B941E6EF6BE6EB93CF08DEFBA89AFC0773CC4BD462335DEFE4504EDC52FA54E876F292D443EEF09 |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/:o:/p/nannaphat_phansuk/Eidgp0Qg-HFArs_bxgJSxjYBoQDW3HefgIxqLzXf3wb6MA?e=5%3aUVSLsG&at=9 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102801 |
Entropy (8bit): | 5.336080509196147 |
Encrypted: | false |
SSDEEP: | 1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE |
MD5: | C89EAA5B28DF1E17376BE71D71649173 |
SHA1: | 2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD |
SHA-256: | 66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C |
SHA-512: | B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0 |
Malicious: | false |
Reputation: | low |
URL: | https://eastwestseed-my.sharepoint.com/ScriptResource.axd?d=ie2Nnm_MCcBgk2RkJ-5P-S_7McEkBM8CrYvKsi73W5p5q_zr3BTiNetdjd5l5qY_GgBwxc4kilSZlHrFC_Pw4DzAO2EDijSKvgj8jdYhOPtzBLJSZq_KiYVyNQpf5Qf2WJF388eKCmMlslE9LQTcOcbKhND9tOfxbM-eMJMf6u0kY1Fz3HKF6BVK9ZmRr7vV0&t=74258c30 |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 07:42:14.345652103 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Jul 3, 2024 07:42:15.470556021 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 07:42:23.940989017 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.941020012 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:23.941127062 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.941612005 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.941618919 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:23.941713095 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.942030907 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.942044973 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:23.942790031 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:23.942800045 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.501049042 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.502177954 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.502187967 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.503041983 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.503133059 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.506931067 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.506987095 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.507180929 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.507186890 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.517960072 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.521158934 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.521166086 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.522053003 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.522126913 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.524307966 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.524358034 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.550239086 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.565383911 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:24.565390110 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:24.606672049 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.084081888 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 07:42:25.284554005 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.284579992 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.284673929 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.284702063 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.284750938 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.285568953 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.285577059 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.285640001 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.285645008 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.285654068 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.285689116 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.329241991 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.458080053 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.458090067 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.458209991 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.458228111 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.459389925 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.459420919 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.459450960 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.459460974 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.459479094 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.460279942 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.460340977 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.460347891 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.499560118 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.546421051 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.546428919 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.546540022 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.546550035 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.593801022 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.632200003 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.632210016 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.632239103 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.632283926 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.632323980 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.632635117 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.632642031 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.632688999 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.632700920 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.633558035 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.633618116 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.633620024 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.633665085 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.644495964 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.644512892 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.651139975 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.651166916 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.651231050 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.651359081 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.651916027 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.651926041 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.651982069 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.652910948 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.652918100 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.652975082 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.653359890 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.653388977 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.653446913 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.653763056 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.653779984 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.654031038 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.654045105 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.654274940 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.654288054 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.654484034 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.654499054 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.692512989 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.960946083 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.960964918 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.961025953 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.961044073 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.961087942 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.961796999 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.961805105 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.961833954 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.961853981 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.961909056 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:25.962560892 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:25.962614059 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.051532984 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.051543951 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.051594973 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.051600933 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.051645994 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.053256989 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.053271055 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.216121912 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.216362953 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.216375113 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.216753006 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.217283010 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.217351913 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.217534065 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.217668056 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.217833996 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.217848063 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.218843937 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.218897104 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.219435930 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.219494104 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.222062111 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.237449884 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.237463951 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.237740993 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.237751007 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.238245010 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.241293907 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.255680084 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.255695105 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.256815910 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.256881952 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.260505915 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.261681080 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.261845112 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.261852026 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.261919022 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.271327019 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.271418095 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.271584034 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.271594048 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.284946918 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.314954996 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.314954996 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.513731003 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.513748884 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.513804913 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.513814926 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.514704943 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.514761925 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.514776945 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.515374899 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.515425920 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.515435934 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.565684080 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.565705061 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.565762043 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.565771103 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.565828085 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.566935062 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.566948891 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.566975117 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.566986084 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.566989899 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.567023993 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.567034006 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.567048073 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.569226980 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.601146936 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.601155043 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.601202011 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.601214886 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.601224899 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.601253033 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.601274014 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.601346970 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.601696968 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.601703882 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.608575106 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.654386997 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.654396057 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.654473066 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.654488087 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.654889107 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.654897928 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.654947996 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.654957056 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.655863047 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.655900955 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.655915976 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.655922890 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.655949116 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.656008959 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.656055927 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.670161009 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:26.670181036 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:26.670351982 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:26.670728922 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:26.670741081 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:26.685641050 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.685647964 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907006025 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907030106 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907103062 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.907115936 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907166004 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.907780886 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907788992 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.907882929 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.907891035 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.908516884 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.908576012 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.908581972 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.908631086 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.950934887 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.950959921 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.951029062 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.951047897 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.951092958 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.951100111 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.951111078 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:26.951189995 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.968004942 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:26.968014002 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.117108107 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.117214918 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.117223978 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.117898941 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.117971897 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.117979050 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.118697882 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.118751049 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.118765116 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.119636059 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.119699955 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.119713068 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.172168970 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.257926941 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.257939100 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.257965088 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.257987976 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.258025885 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.258466959 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.258476019 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.258524895 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.258559942 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.258565903 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.259287119 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.259324074 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.259365082 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.259365082 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.259375095 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.260123968 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.260181904 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.260191917 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.260421038 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.260488033 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.260493994 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261111021 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261169910 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.261178017 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261246920 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261290073 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.261295080 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261322021 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.261389971 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.277573109 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.277589083 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.327688932 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:27.371529102 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.377888918 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.377895117 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:27.378834009 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:27.378897905 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.385782957 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.385840893 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:27.426120996 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.426130056 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:27.468816042 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:27.519725084 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.519742012 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.519793034 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.520412922 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:27.520426035 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:27.720011950 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:27.720041990 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:27.720139027 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:27.721895933 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:27.721910954 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:28.093872070 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.094146967 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.094161034 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.094492912 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.094917059 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.094981909 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.095056057 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.136522055 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.227247953 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.227266073 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.227324963 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.240252018 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.240267992 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.360934019 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:28.361008883 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:28.617970943 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:28.618030071 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:28.618359089 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:28.672581911 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:28.762573004 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.762598038 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.762650013 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.762667894 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.762779951 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.763101101 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.763148069 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.763278961 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.763328075 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.763572931 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.793992043 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.844440937 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.881882906 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.881890059 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.882985115 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.883066893 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.894136906 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.894212008 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.897435904 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.897443056 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.932930946 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:28.938198090 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.972902060 CEST | 49747 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:28.972910881 CEST | 443 | 49747 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:28.976510048 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.002266884 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.002306938 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.002397060 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.002778053 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.002790928 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.121388912 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.121449947 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.121620893 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.121788979 CEST | 49749 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.121828079 CEST | 443 | 49749 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.183476925 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.183525085 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.183619022 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.184572935 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.184604883 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.577832937 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.578125000 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.578141928 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.578480959 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.578986883 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.579046011 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.579278946 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.620496035 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745114088 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745146036 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745198011 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.745208979 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745249987 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.745259047 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745306969 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.745347023 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.747545004 CEST | 49750 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.747550011 CEST | 443 | 49750 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.823955059 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.824031115 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.826905012 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.826917887 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.827167034 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:29.828988075 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:29.864329100 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.864351034 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.864408970 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.864425898 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.864466906 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.865027905 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.865089893 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.865098953 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.865127087 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.865722895 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 07:42:29.865736008 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 07:42:29.872499943 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:30.102452040 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:30.102516890 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:30.102612972 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:30.103940010 CEST | 49754 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 07:42:30.103954077 CEST | 443 | 49754 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 07:42:37.246197939 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:37.246253967 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:42:37.246396065 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:38.853833914 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:42:38.853857040 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:26.719413042 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:26.719506025 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:26.719638109 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:26.719799995 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:26.719825029 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:27.376156092 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:27.376425982 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:27.376466036 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:27.376761913 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:27.377073050 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:27.377140045 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:27.420166969 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:33.301357985 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 07:43:33.301496983 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 07:43:33.307535887 CEST | 80 | 49723 | 93.184.221.240 | 192.168.2.4 |
Jul 3, 2024 07:43:33.307549000 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Jul 3, 2024 07:43:33.307615995 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 07:43:33.307616949 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 07:43:37.279539108 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:37.279598951 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 07:43:37.279839993 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:38.731364012 CEST | 49764 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 07:43:38.731395960 CEST | 443 | 49764 | 216.58.206.68 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 07:42:22.352756023 CEST | 53 | 61498 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:22.406330109 CEST | 53 | 63895 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:23.506669998 CEST | 53 | 56553 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:23.894882917 CEST | 57440 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:23.897310019 CEST | 56164 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:26.660662889 CEST | 59720 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:26.661389112 CEST | 50075 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:26.668725014 CEST | 53 | 59720 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:26.668736935 CEST | 53 | 50075 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:27.525707006 CEST | 53 | 54161 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:28.184622049 CEST | 62609 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:28.185003042 CEST | 60775 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:29.105945110 CEST | 61198 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:29.106220007 CEST | 62253 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 07:42:40.570816040 CEST | 53 | 56328 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:42:44.866235018 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Jul 3, 2024 07:42:59.589379072 CEST | 53 | 56818 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:43:21.973064899 CEST | 53 | 57142 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 07:43:22.249273062 CEST | 53 | 62709 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 07:42:23.894882917 CEST | 192.168.2.4 | 1.1.1.1 | 0x28d7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 07:42:23.897310019 CEST | 192.168.2.4 | 1.1.1.1 | 0x404a | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 07:42:26.660662889 CEST | 192.168.2.4 | 1.1.1.1 | 0x2e18 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 07:42:26.661389112 CEST | 192.168.2.4 | 1.1.1.1 | 0x2d85 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 07:42:28.184622049 CEST | 192.168.2.4 | 1.1.1.1 | 0x83a9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 07:42:28.185003042 CEST | 192.168.2.4 | 1.1.1.1 | 0x18e9 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 07:42:29.105945110 CEST | 192.168.2.4 | 1.1.1.1 | 0x4cc4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 07:42:29.106220007 CEST | 192.168.2.4 | 1.1.1.1 | 0xea3b | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 07:42:23.932099104 CEST | 1.1.1.1 | 192.168.2.4 | 0x404a | No error (0) | eastwestseed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.932099104 CEST | 1.1.1.1 | 192.168.2.4 | 0x404a | No error (0) | 197-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.932099104 CEST | 1.1.1.1 | 192.168.2.4 | 0x404a | No error (0) | 195888-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.932099104 CEST | 1.1.1.1 | 192.168.2.4 | 0x404a | No error (0) | 195888-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | eastwestseed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | 197-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | 195888-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | 195888-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:23.939889908 CEST | 1.1.1.1 | 192.168.2.4 | 0x28d7 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:26.668725014 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e18 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:26.668736935 CEST | 1.1.1.1 | 192.168.2.4 | 0x2d85 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | eastwestseed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | 197-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | 195888-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | 195888-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.222760916 CEST | 1.1.1.1 | 192.168.2.4 | 0x83a9 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.224159956 CEST | 1.1.1.1 | 192.168.2.4 | 0x18e9 | No error (0) | eastwestseed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.224159956 CEST | 1.1.1.1 | 192.168.2.4 | 0x18e9 | No error (0) | 197-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.224159956 CEST | 1.1.1.1 | 192.168.2.4 | 0x18e9 | No error (0) | 195888-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:28.224159956 CEST | 1.1.1.1 | 192.168.2.4 | 0x18e9 | No error (0) | 195888-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:29.113466024 CEST | 1.1.1.1 | 192.168.2.4 | 0xea3b | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:29.113774061 CEST | 1.1.1.1 | 192.168.2.4 | 0x4cc4 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:38.910655022 CEST | 1.1.1.1 | 192.168.2.4 | 0xc0ea | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:38.910655022 CEST | 1.1.1.1 | 192.168.2.4 | 0xc0ea | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:39.433528900 CEST | 1.1.1.1 | 192.168.2.4 | 0x2c07 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:39.433528900 CEST | 1.1.1.1 | 192.168.2.4 | 0x2c07 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:52.510935068 CEST | 1.1.1.1 | 192.168.2.4 | 0xcb27 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:42:52.510935068 CEST | 1.1.1.1 | 192.168.2.4 | 0xcb27 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:43:14.665761948 CEST | 1.1.1.1 | 192.168.2.4 | 0x68e9 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:43:14.665761948 CEST | 1.1.1.1 | 192.168.2.4 | 0x68e9 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 07:43:35.384701967 CEST | 1.1.1.1 | 192.168.2.4 | 0xb619 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 07:43:35.384701967 CEST | 1.1.1.1 | 192.168.2.4 | 0xb619 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49735 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:24 UTC | 761 | OUT | |
2024-07-03 05:42:25 UTC | 1974 | IN | |
2024-07-03 05:42:25 UTC | 2196 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 4144 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 5552 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:25 UTC | 780 | OUT | |
2024-07-03 05:42:25 UTC | 753 | IN | |
2024-07-03 05:42:25 UTC | 3394 | IN | |
2024-07-03 05:42:25 UTC | 8192 | IN | |
2024-07-03 05:42:25 UTC | 4167 | IN | |
2024-07-03 05:42:26 UTC | 7310 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49742 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:26 UTC | 845 | OUT | |
2024-07-03 05:42:26 UTC | 768 | IN | |
2024-07-03 05:42:26 UTC | 1775 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 5771 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 3021 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49743 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:26 UTC | 858 | OUT | |
2024-07-03 05:42:26 UTC | 768 | IN | |
2024-07-03 05:42:26 UTC | 3402 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 4144 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN | |
2024-07-03 05:42:27 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49741 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:26 UTC | 858 | OUT | |
2024-07-03 05:42:26 UTC | 768 | IN | |
2024-07-03 05:42:26 UTC | 3402 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 4144 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 8192 | IN | |
2024-07-03 05:42:26 UTC | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49744 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:26 UTC | 730 | OUT | |
2024-07-03 05:42:26 UTC | 727 | IN | |
2024-07-03 05:42:26 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49747 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:28 UTC | 730 | OUT | |
2024-07-03 05:42:28 UTC | 730 | IN | |
2024-07-03 05:42:28 UTC | 3440 | IN | |
2024-07-03 05:42:28 UTC | 4446 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49750 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:28 UTC | 391 | OUT | |
2024-07-03 05:42:29 UTC | 727 | IN | |
2024-07-03 05:42:29 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49749 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:28 UTC | 161 | OUT | |
2024-07-03 05:42:29 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49752 | 13.107.136.10 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:29 UTC | 391 | OUT | |
2024-07-03 05:42:29 UTC | 733 | IN | |
2024-07-03 05:42:29 UTC | 3437 | IN | |
2024-07-03 05:42:29 UTC | 4449 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49754 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 05:42:29 UTC | 239 | OUT | |
2024-07-03 05:42:30 UTC | 515 | IN | |
2024-07-03 05:42:30 UTC | 55 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 01:42:16 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 01:42:20 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 01:42:22 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |