Windows
Analysis Report
https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
  - chrome.exe (PID: 940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    - chrome.exe (PID: 6384 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2016,i,15795045157200504094,3472656699449798047,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 1084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Phishing |
---|
Source: | File source: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com | 52.105.48.53 | true | false | unknown | |
www.google.com | 142.250.186.100 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
bombeirosamora-my.sharepoint.com | unknown | unknown | false | unknown | |
m365cdn.nel.measure.office.net | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| | | false | | unknown |
| | | false | | unknown |
| | | false | | unknown |
| | | false | | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
52.105.48.53 | 189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.186.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.8 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466757 |
Start date and time: | 2024-07-03 11:05:09 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 21s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@16/30@8/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.185.174, 64.233.184.84, 34.104.35.123, 23.38.98.98, 23.38.98.104, 23.38.98.111, 23.38.98.76, 23.38.98.102, 23.38.98.68, 23.38.98.67, 23.38.98.84, 23.38.98.103, 142.250.186.106, 142.250.186.42, 142.250.74.202, 142.250.186.138, 216.58.206.42, 142.250.185.138, 142.250.184.202, 142.250.185.170, 142.250.181.234, 142.250.185.106, 142.250.184.234, 142.250.185.202, 142.250.186.170, 172.217.18.10, 172.217.16.202, 142.250.185.234, 2.19.126.200, 2.19.126.199, 13.85.23.86, 93.184.221.240, 192.229.221.95, 20.3.187.198, 20.166.126.56, 216.58.206.35
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Input | Output |
---|---|
URL: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": true, |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Urgent Request To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow Associago HumanitSria 30mbeiros Mistos Amora to use your email address in accordance with their privacy statement. Associa$o HumanitSria Bombeiros Mistas de Amora has not prNided links to their terms for you to review. 2017 Microsoft Privacy & Cookies |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.981503591969161 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9984289440736025 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.006483303327855 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.998056393034064 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9863748470841096 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9974332608569982 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17672 |
Entropy (8bit): | 5.233316811547578 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25019.12007/require.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26951 |
Entropy (8bit): | 4.514992390210281 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69309 |
Entropy (8bit): | 5.672493197204774 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.702819531114783 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnq3J4hoa5xcRIFDfSCVyI=?alt=proto |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40326 |
Entropy (8bit): | 5.245555585297941 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40512 |
Entropy (8bit): | 5.386921349191213 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 215 |
Entropy (8bit): | 5.292237848254463 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102801 |
Entropy (8bit): | 5.336080509196147 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bombeirosamora-my.sharepoint.com/WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 3, 2024 11:06:09.830682039 CEST | 192.168.2.5 | 1.1.1.1 | c36d | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 11:06:09.762794971 CEST | 192.168.2.5 | 1.1.1.1 | 0x5f7b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 11:06:09.764296055 CEST | 192.168.2.5 | 1.1.1.1 | 0x44db | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 11:06:12.014867067 CEST | 192.168.2.5 | 1.1.1.1 | 0x968b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 11:06:12.015923977 CEST | 192.168.2.5 | 1.1.1.1 | 0xc6e1 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 11:06:12.061254025 CEST | 192.168.2.5 | 1.1.1.1 | 0x6ae1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 11:06:12.061583996 CEST | 192.168.2.5 | 1.1.1.1 | 0x7acb | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 11:06:13.882991076 CEST | 192.168.2.5 | 1.1.1.1 | 0x354d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 11:06:13.883161068 CEST | 192.168.2.5 | 1.1.1.1 | 0x175d | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | bombeirosamora.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | 13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | 189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.806917906 CEST | 1.1.1.1 | 192.168.2.5 | 0x5f7b | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.830563068 CEST | 1.1.1.1 | 192.168.2.5 | 0x44db | No error (0) | bombeirosamora.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.830563068 CEST | 1.1.1.1 | 192.168.2.5 | 0x44db | No error (0) | 13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.830563068 CEST | 1.1.1.1 | 192.168.2.5 | 0x44db | No error (0) | 189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:09.830563068 CEST | 1.1.1.1 | 192.168.2.5 | 0x44db | No error (0) | 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.022152901 CEST | 1.1.1.1 | 192.168.2.5 | 0x968b | No error (0) | 142.250.186.100 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.024828911 CEST | 1.1.1.1 | 192.168.2.5 | 0xc6e1 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | bombeirosamora.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | 13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | 189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | 189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111746073 CEST | 1.1.1.1 | 192.168.2.5 | 0x6ae1 | No error (0) | 52.105.48.53 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111838102 CEST | 1.1.1.1 | 192.168.2.5 | 0x7acb | No error (0) | bombeirosamora.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111838102 CEST | 1.1.1.1 | 192.168.2.5 | 0x7acb | No error (0) | 13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111838102 CEST | 1.1.1.1 | 192.168.2.5 | 0x7acb | No error (0) | 189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:12.111838102 CEST | 1.1.1.1 | 192.168.2.5 | 0x7acb | No error (0) | 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:13.891762018 CEST | 1.1.1.1 | 192.168.2.5 | 0x354d | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:13.892365932 CEST | 1.1.1.1 | 192.168.2.5 | 0x175d | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:25.480424881 CEST | 1.1.1.1 | 192.168.2.5 | 0xd9c2 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:25.480424881 CEST | 1.1.1.1 | 192.168.2.5 | 0xd9c2 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:39.463249922 CEST | 1.1.1.1 | 192.168.2.5 | 0x331f | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:06:39.463249922 CEST | 1.1.1.1 | 192.168.2.5 | 0x331f | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:07:00.343599081 CEST | 1.1.1.1 | 192.168.2.5 | 0xc59c | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:07:00.343599081 CEST | 1.1.1.1 | 192.168.2.5 | 0xc59c | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 11:07:20.878748894 CEST | 1.1.1.1 | 192.168.2.5 | 0x7803 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 11:07:20.878748894 CEST | 1.1.1.1 | 192.168.2.5 | 0x7803 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49709 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:10 UTC | 786 | OUT | |
2024-07-03 09:06:11 UTC | 1979 | IN | |
2024-07-03 09:06:11 UTC | 2106 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 4151 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 5708 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49710 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:11 UTC | 807 | OUT | |
2024-07-03 09:06:11 UTC | 754 | IN | |
2024-07-03 09:06:11 UTC | 110 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 7450 | IN | |
2024-07-03 09:06:11 UTC | 7311 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49717 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:11 UTC | 872 | OUT | |
2024-07-03 09:06:11 UTC | 767 | IN | |
2024-07-03 09:06:11 UTC | 391 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 7156 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 3020 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49716 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:11 UTC | 885 | OUT | |
2024-07-03 09:06:11 UTC | 769 | IN | |
2024-07-03 09:06:11 UTC | 1807 | IN | |
2024-07-03 09:06:11 UTC | 8192 | IN | |
2024-07-03 09:06:11 UTC | 5738 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49715 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:11 UTC | 885 | OUT | |
2024-07-03 09:06:12 UTC | 770 | IN | |
2024-07-03 09:06:12 UTC | 588 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 6956 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 8192 | IN | |
2024-07-03 09:06:12 UTC | 14 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49718 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:11 UTC | 757 | OUT | |
2024-07-03 09:06:12 UTC | 728 | IN | |
2024-07-03 09:06:12 UTC | 2971 | IN | |
2024-07-03 09:06:12 UTC | 360 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49720 | 52.105.48.53 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:13 UTC | 393 | OUT | |
2024-07-03 09:06:13 UTC | 623 | IN | |
2024-07-03 09:06:13 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49722 | 13.107.136.10 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:13 UTC | 757 | OUT | |
2024-07-03 09:06:13 UTC | 731 | IN | |
2024-07-03 09:06:13 UTC | 3439 | IN | |
2024-07-03 09:06:13 UTC | 4447 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49724 | 23.43.61.160 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:14 UTC | 161 | OUT | |
2024-07-03 09:06:14 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.5 | 49728 | 23.43.61.160 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:15 UTC | 239 | OUT | |
2024-07-03 09:06:15 UTC | 535 | IN | |
2024-07-03 09:06:15 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.5 | 49726 | 52.105.48.53 | 443 | 6384 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 09:06:15 UTC | 393 | OUT | |
2024-07-03 09:06:15 UTC | 626 | IN | |
2024-07-03 09:06:15 UTC | 7886 | IN |
Target ID: | 0 |
Start time: | 05:06:03 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 05:06:06 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 05:06:09 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |