Windows
Analysis Report
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2472 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3484 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2088 --fi eld-trial- handle=193 6,i,114902 8377168276 6342,43158 2211709935 5531,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6408 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://eplog isticademe xico-my.sh arepoint.c om/persona l/natalyar _eplogisti cs_com1/_l ayouts/15/ guestacces s.aspx?e=5 %3aIF7Pg7& at=9&share =ElyrWNLgm PNHoLatr5C K5xABy6AUz d-VUKQ5lFH -DHWgkA" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Click to jump to signature section
Phishing |
---|
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
eplogisticademexico-my.sharepoint.com | unknown | unknown | false | unknown | |
m365cdn.nel.measure.office.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467128 |
Start date and time: | 2024-07-03 18:24:24 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@21/24@8/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.186.174, 64.233.167.84, 34.104.35.123, 2.23.209.32, 2.23.209.26, 2.23.209.39, 2.23.209.35, 2.23.209.37, 2.23.209.36, 2.23.209.29, 2.23.209.24, 2.23.209.34, 216.58.206.74, 142.250.185.202, 142.250.185.138, 142.250.186.42, 172.217.23.106, 142.250.184.202, 142.250.185.170, 216.58.212.170, 172.217.18.106, 142.250.185.74, 142.250.185.234, 142.250.181.234, 142.250.185.106, 142.250.184.234, 142.250.186.74, 216.58.206.42, 95.101.54.121, 95.101.54.113, 13.85.23.86, 2.19.126.137, 2.19.126.163, 192.229.221.95, 20.3.187.198, 13.95.31.18, 20.242.39.171, 142.250.186.163
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a767.dspw65.akamai.net, a1894.dscb.akamai.net, clients2.google.com, ocsp.digicert.com, 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, d.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.8.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA
Input | Output |
---|---|
URL: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Model: Perplexity: mixtral-8x7b-instruct | {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form explicitly requesting sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV).","The text does not create a sense of urgency or interest by using phrases such as 'Click here to view document', 'To view secured document click here', or 'Open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]} |
Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: ORDER No.93439 - stats To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow EPLOGISTICA DE MEXICO S DE RL DE CV to use your email address in accordance with their privacy statement. EPLOGISTICA DE MEXICO S DE RL DE CV has not prcwided links to their terms for you to review. e 2017 Microsoft Privacy & Cookies |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
SSDEEP: | 384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG |
MD5: | 90EA7274F19755002360945D54C2A0D7 |
SHA1: | 647B5D8BF7D119A2C97895363A07A0C6EB8CD284 |
SHA-256: | 40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB |
SHA-512: | 7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07 |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/microsoft-logo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 68995 |
Entropy (8bit): | 5.664523824177227 |
Encrypted: | false |
SSDEEP: | 1536:PlgguXKWhKlWXBOxSPSW8N6fGNNKJJxoJs2wVXUaH3k:PLuDCGeTKJLVXUJ |
MD5: | 5FC05DD5FEE75F047D937EA92527A27B |
SHA1: | 17A067E94429BB902C74756660556059AA08FF60 |
SHA-256: | 728CA21699421C153D925F429F876EAF87615152E25E53D66AFA47A0C4E347AE |
SHA-512: | A1ACD96738D44D5921CC0BF93A17FD49712FFB860407475E67909DC2D82275E7E543FCA563941920F167EFE10B40A1804787F7DDAE98A493DB75BB48FFB48A78 |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17672 |
Entropy (8bit): | 5.233316811547578 |
Encrypted: | false |
SSDEEP: | 384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM |
MD5: | 6EFDDF589864D2E146A55C01C6764A35 |
SHA1: | EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F |
SHA-256: | 2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999 |
SHA-512: | 1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/require.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3331 |
Entropy (8bit): | 7.927896166439245 |
Encrypted: | false |
SSDEEP: | 96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq |
MD5: | EF884BDEDEF280DF97A4C5604058D8DB |
SHA1: | 6F04244B51AD2409659E267D308B97E09CE9062B |
SHA-256: | 825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB |
SHA-512: | A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.702819531114783 |
Encrypted: | false |
SSDEEP: | 3:H6xhkY:aQY |
MD5: | 858372DD32511CB4DD08E48A93B4F175 |
SHA1: | CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43 |
SHA-256: | 3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359 |
SHA-512: | 6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0 |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAme0p2EaRWnvBIFDfSCVyI=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26951 |
Entropy (8bit): | 4.514992390210281 |
Encrypted: | false |
SSDEEP: | 384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v |
MD5: | B3D7A123BE5203A1A3F0F10233ED373F |
SHA1: | F4C61F321D8F79A805B356C6EC94090C0D96215C |
SHA-256: | EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192 |
SHA-512: | A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40512 |
Entropy (8bit): | 5.386921349191213 |
Encrypted: | false |
SSDEEP: | 768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9 |
MD5: | 8DCE60169BA666CA03A31D123DB49908 |
SHA1: | 956C46BB6058C23D35440DCC656CE61C7B151399 |
SHA-256: | F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75 |
SHA-512: | 26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 215 |
Entropy (8bit): | 5.303558467083159 |
Encrypted: | false |
SSDEEP: | 6:JiMVBdgqZjZWtMfgRTH1wdcvyERIOgtg6n:MMHdVBZWyUTidkPt6 |
MD5: | 384AE7406DE0A6E7D376A2B2929F82E8 |
SHA1: | E29734DEEFA88A9118F29481D6631D566DDEDC5F |
SHA-256: | 318168A145C248970D99BF87C4B57D8DF5C2AC5A7200D69E6F024E2D910BACC6 |
SHA-512: | 59F8C070D7FE400E6721510AA1C9A1CCD8E7B4E6C1A30FE5CA4C9DA0CFCDB33ACCAA68B601904E5BAEE50D7E013864373C3AE85C5BCC312956AFBD75A4E76B04 |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | 48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40326 |
Entropy (8bit): | 5.245555585297941 |
Encrypted: | false |
SSDEEP: | 384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE |
MD5: | DA9DC1C32E89C02FC1E9EEB7E5AAB91E |
SHA1: | 3EFB110EFA6068CE6B586A67F87DA5125310BC30 |
SHA-256: | 398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1 |
SHA-512: | D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=gFO1aIFRjlyygLxe6DWiwbFNcUyyfGMmsx5XP-c0xoUfV_pvczwgTnE1b8Aq94UIqIVnnO6r3Moyf_Yl-X5rtpeBYASmRNJYKeF8ePYt05Tz7qkKdjShVK-uEybJUFRe4ZP3txcsEN27l9aNGYnb8LZt3anacaI6Y6dD3V3-NWlas3_HG5tIp3rK-0gYfS_60&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102801 |
Entropy (8bit): | 5.336080509196147 |
Encrypted: | false |
SSDEEP: | 1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE |
MD5: | C89EAA5B28DF1E17376BE71D71649173 |
SHA1: | 2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD |
SHA-256: | 66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C |
SHA-512: | B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0 |
Malicious: | false |
Reputation: | low |
URL: | https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=QriPSNnIO6opnZEP8lII4aiVjyTyjlacWrXPRydx3VU1W8I-1Fgirzt-PeHyUHQV7_n9l6X_Lq1MxIM1Jde0IPfDHnNtGMYlU53eTNs9T3YscIO65M4gkgHkF-zmJe2FnHkkMMz5vuQV0wJJZZU2KFyfVIL0eBEC5B-WmF5-4FU5uLKi7IUPEeLRecz3ShgU0&t=74258c30 |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 18:25:08.436217070 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 18:25:17.262748957 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.262783051 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.262862921 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.263282061 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.263289928 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.263345957 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.263513088 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.263525963 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.263945103 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.263955116 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.856654882 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.856952906 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.856981993 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.858105898 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.858208895 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.860083103 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.860208035 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.860565901 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.860585928 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.860806942 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.861068010 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.861082077 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.862199068 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.862447023 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.863637924 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.863745928 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.905625105 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.905625105 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:17.905656099 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:17.949163914 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.045985937 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 3, 2024 18:25:18.429965019 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.429991961 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.430068970 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.430098057 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.430150032 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.430820942 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.430824041 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.430921078 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.430938005 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.431593895 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.431668043 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.431683064 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.431723118 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.517398119 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.517503977 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.517529011 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.517870903 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.517932892 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.517941952 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.518764973 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.518840075 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.518847942 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.518964052 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.519025087 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.519032955 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.562279940 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.604254961 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604268074 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604332924 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604379892 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.604379892 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604398966 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604430914 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.604446888 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.604815960 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604886055 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.604892969 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604943991 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.604990959 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.621718884 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.621731997 CEST | 443 | 49736 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.621757984 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.621782064 CEST | 49736 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.629340887 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.630989075 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.631010056 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.631072044 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.631650925 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.631660938 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.632225037 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.632231951 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.632337093 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.633244038 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.633280039 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.633356094 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.633945942 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.633959055 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.634278059 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.634288073 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.635938883 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.635972023 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.636035919 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.636193991 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.636207104 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.676497936 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.815423965 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.815449953 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.815515995 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.815529108 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.815573931 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.816698074 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.816705942 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.816735029 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.816755056 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.816821098 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.816823959 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.816833973 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.816871881 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.904118061 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.904130936 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.904191971 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.904678106 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.904736996 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.904799938 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.906451941 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.906466961 CEST | 443 | 49735 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:18.906497955 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:18.906534910 CEST | 49735 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.222603083 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:19.222645044 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:19.222718000 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:19.223556995 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:19.223571062 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:19.319602013 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.319819927 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.319834948 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.320154905 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.320748091 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.320807934 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.320904016 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.322236061 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.322576046 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.322592020 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.322597027 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.323004007 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.323020935 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.323373079 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.323575974 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.323625088 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.324282885 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.324347019 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.325222015 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.325278997 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.325850964 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.326168060 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.326174974 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.330001116 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.330348969 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.330355883 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.331701994 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.331760883 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.332278967 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.332341909 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.332539082 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.332545042 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.364492893 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.372504950 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.374799013 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.374946117 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.476053953 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.476326942 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.476382971 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.476404905 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.477402925 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.477454901 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.477464914 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.477516890 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.487438917 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487462997 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487533092 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.487552881 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487687111 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487694025 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487726927 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.487735033 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.487755060 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.488537073 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.488595963 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.488600969 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.488650084 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.505894899 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.505916119 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.505970001 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.505985975 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.506027937 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.506223917 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.506293058 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.506331921 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.509649992 CEST | 49742 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.509661913 CEST | 443 | 49742 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.564991951 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.565072060 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.565088034 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.565896034 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.565947056 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.565956116 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.566982031 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.567040920 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.567049980 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.568028927 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.568089962 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.568098068 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.569554090 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.569597960 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.569654942 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.570192099 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.570211887 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.572516918 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.572535992 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.572572947 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.572583914 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.572629929 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.573550940 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.573559046 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.573601961 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.573609114 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.574089050 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.574130058 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.574136019 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.574177027 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.576734066 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.576801062 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.576813936 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.577187061 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.577225924 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.577230930 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.578222990 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.578274012 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.578279018 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.578871012 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.578913927 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.580662012 CEST | 49744 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.580673933 CEST | 443 | 49744 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.608963013 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.659039021 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659068108 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659112930 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.659148932 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.659157991 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659245968 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659301996 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.659311056 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659579039 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.659667969 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.659682989 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.660399914 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.660468102 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.660475969 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.661271095 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.661334038 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.661344051 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662226915 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662273884 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662292004 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662301064 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662321091 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662337065 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662348032 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662364960 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662384033 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662426949 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662434101 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662581921 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662589073 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662612915 CEST | 443 | 49743 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662640095 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662672043 CEST | 49743 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.662730932 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.662772894 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.663189888 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.663198948 CEST | 443 | 49741 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:19.663208008 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.663242102 CEST | 49741 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:19.872241974 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:19.872493029 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:19.872517109 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:19.873611927 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:19.873666048 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:19.944964886 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:19.945004940 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:19.945097923 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:19.946837902 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:19.946849108 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:20.082586050 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:20.082741022 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:20.136502981 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:20.136531115 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:20.183365107 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:20.184230089 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.198976994 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.199052095 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.200150967 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.200313091 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.201280117 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.201353073 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.205271959 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.205290079 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.233685017 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.233722925 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.233791113 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.241049051 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.241061926 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.251444101 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.377477884 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.377497911 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.377660036 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.377695084 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.377895117 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.378016949 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.378068924 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.378175974 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.540152073 CEST | 49746 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.540188074 CEST | 443 | 49746 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.601373911 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:20.601628065 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:20.644988060 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:20.645015001 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:20.645294905 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:20.700174093 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:20.831820965 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.832313061 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.832339048 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.832690954 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.833163977 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.833235025 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.833647966 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.871750116 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:20.880496025 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:20.888473988 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:20.912492990 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.005263090 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.007191896 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.007203102 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.007226944 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.007278919 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.007292986 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.007292986 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.007678986 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.008924007 CEST | 49749 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.008940935 CEST | 443 | 49749 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.067950964 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.068022013 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.068072081 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.068913937 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.068958998 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.069039106 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.069828987 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.069842100 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.070952892 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.070980072 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.160283089 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.160327911 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.160393000 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.160706997 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.160716057 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.658562899 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.667148113 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.667180061 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.667660952 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.671865940 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.671962023 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.672254086 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.716505051 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.799324989 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.799446106 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.819597006 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.819617033 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.819885015 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:21.823446035 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:21.837666988 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.837721109 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.837759018 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.837769985 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.837783098 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.837825060 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.838013887 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.838052034 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.838076115 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.838116884 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.839977980 CEST | 49752 | 443 | 192.168.2.4 | 13.107.136.10 |
Jul 3, 2024 18:25:21.840014935 CEST | 443 | 49752 | 13.107.136.10 | 192.168.2.4 |
Jul 3, 2024 18:25:21.868498087 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:22.161335945 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:22.161393881 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:22.161561012 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:22.163136005 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:22.163136005 CEST | 49753 | 443 | 192.168.2.4 | 184.28.90.27 |
Jul 3, 2024 18:25:22.163162947 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:22.163175106 CEST | 443 | 49753 | 184.28.90.27 | 192.168.2.4 |
Jul 3, 2024 18:25:29.777226925 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:29.777292013 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:29.777405977 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:31.694907904 CEST | 49745 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:25:31.694987059 CEST | 443 | 49745 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:25:58.396609068 CEST | 55552 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:58.401520967 CEST | 53 | 55552 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.401598930 CEST | 55552 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:58.401623011 CEST | 55552 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:58.406445026 CEST | 53 | 55552 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.820230007 CEST | 61361 | 53 | 192.168.2.4 | 162.159.36.2 |
Jul 3, 2024 18:25:58.825139046 CEST | 53 | 61361 | 162.159.36.2 | 192.168.2.4 |
Jul 3, 2024 18:25:58.825218916 CEST | 61361 | 53 | 192.168.2.4 | 162.159.36.2 |
Jul 3, 2024 18:25:58.825381041 CEST | 61361 | 53 | 192.168.2.4 | 162.159.36.2 |
Jul 3, 2024 18:25:58.830203056 CEST | 53 | 61361 | 162.159.36.2 | 192.168.2.4 |
Jul 3, 2024 18:25:58.856630087 CEST | 53 | 55552 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.857613087 CEST | 55552 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:58.862808943 CEST | 53 | 55552 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.862867117 CEST | 55552 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:59.270286083 CEST | 53 | 61361 | 162.159.36.2 | 192.168.2.4 |
Jul 3, 2024 18:25:59.274933100 CEST | 61361 | 53 | 192.168.2.4 | 162.159.36.2 |
Jul 3, 2024 18:25:59.279994011 CEST | 53 | 61361 | 162.159.36.2 | 192.168.2.4 |
Jul 3, 2024 18:25:59.280086994 CEST | 61361 | 53 | 192.168.2.4 | 162.159.36.2 |
Jul 3, 2024 18:26:19.265093088 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:19.265153885 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.265264988 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:19.265675068 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:19.265691996 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.938432932 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.938726902 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:19.938762903 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.939104080 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.939528942 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:19.939623117 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:19.982393980 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:25.937129021 CEST | 49723 | 80 | 192.168.2.4 | 199.232.210.172 |
Jul 3, 2024 18:26:25.937297106 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 18:26:25.944370985 CEST | 80 | 49723 | 199.232.210.172 | 192.168.2.4 |
Jul 3, 2024 18:26:25.944434881 CEST | 49723 | 80 | 192.168.2.4 | 199.232.210.172 |
Jul 3, 2024 18:26:25.944438934 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Jul 3, 2024 18:26:25.944502115 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 3, 2024 18:26:29.833404064 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:29.833470106 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Jul 3, 2024 18:26:29.833534002 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:31.706043005 CEST | 61367 | 443 | 192.168.2.4 | 216.58.206.68 |
Jul 3, 2024 18:26:31.706090927 CEST | 443 | 61367 | 216.58.206.68 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 18:25:15.437030077 CEST | 53 | 60556 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:15.514096022 CEST | 53 | 63595 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:16.902653933 CEST | 59379 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:16.902795076 CEST | 65397 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:17.426902056 CEST | 53 | 50018 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:19.204189062 CEST | 63941 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:19.204595089 CEST | 58197 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:19.219676018 CEST | 53 | 58197 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:19.220478058 CEST | 53 | 63941 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:19.523976088 CEST | 50271 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:19.524506092 CEST | 52013 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:20.240417957 CEST | 53 | 54593 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:21.522877932 CEST | 53336 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:21.523278952 CEST | 62473 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 3, 2024 18:25:34.570564032 CEST | 53 | 60352 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:37.502604008 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Jul 3, 2024 18:25:53.351250887 CEST | 53 | 54882 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.395921946 CEST | 53 | 62836 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:25:58.818943024 CEST | 53 | 54760 | 162.159.36.2 | 192.168.2.4 |
Jul 3, 2024 18:25:59.283858061 CEST | 53 | 60780 | 1.1.1.1 | 192.168.2.4 |
Jul 3, 2024 18:26:14.932867050 CEST | 53 | 63205 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 3, 2024 18:25:17.501830101 CEST | 192.168.2.4 | 1.1.1.1 | c374 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 18:25:16.902653933 CEST | 192.168.2.4 | 1.1.1.1 | 0xefab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 18:25:16.902795076 CEST | 192.168.2.4 | 1.1.1.1 | 0xcee7 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 18:25:19.204189062 CEST | 192.168.2.4 | 1.1.1.1 | 0xfee1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 18:25:19.204595089 CEST | 192.168.2.4 | 1.1.1.1 | 0x4849 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 18:25:19.523976088 CEST | 192.168.2.4 | 1.1.1.1 | 0x4f71 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 18:25:19.524506092 CEST | 192.168.2.4 | 1.1.1.1 | 0x8d78 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 3, 2024 18:25:21.522877932 CEST | 192.168.2.4 | 1.1.1.1 | 0x2f95 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 18:25:21.523278952 CEST | 192.168.2.4 | 1.1.1.1 | 0x21b2 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | eplogisticademexico.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | 763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | 201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.206607103 CEST | 1.1.1.1 | 192.168.2.4 | 0xefab | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.501755953 CEST | 1.1.1.1 | 192.168.2.4 | 0xcee7 | No error (0) | eplogisticademexico.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.501755953 CEST | 1.1.1.1 | 192.168.2.4 | 0xcee7 | No error (0) | 763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.501755953 CEST | 1.1.1.1 | 192.168.2.4 | 0xcee7 | No error (0) | 201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:17.501755953 CEST | 1.1.1.1 | 192.168.2.4 | 0xcee7 | No error (0) | 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.219676018 CEST | 1.1.1.1 | 192.168.2.4 | 0x4849 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 3, 2024 18:25:19.220478058 CEST | 1.1.1.1 | 192.168.2.4 | 0xfee1 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.567080021 CEST | 1.1.1.1 | 192.168.2.4 | 0x8d78 | No error (0) | eplogisticademexico.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.567080021 CEST | 1.1.1.1 | 192.168.2.4 | 0x8d78 | No error (0) | 763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.567080021 CEST | 1.1.1.1 | 192.168.2.4 | 0x8d78 | No error (0) | 201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.567080021 CEST | 1.1.1.1 | 192.168.2.4 | 0x8d78 | No error (0) | 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | eplogisticademexico.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | 763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | 201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:19.568037033 CEST | 1.1.1.1 | 192.168.2.4 | 0x4f71 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:21.532005072 CEST | 1.1.1.1 | 192.168.2.4 | 0x2f95 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:21.533262014 CEST | 1.1.1.1 | 192.168.2.4 | 0x21b2 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:32.516904116 CEST | 1.1.1.1 | 192.168.2.4 | 0xf94c | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:32.516904116 CEST | 1.1.1.1 | 192.168.2.4 | 0xf94c | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:45.787970066 CEST | 1.1.1.1 | 192.168.2.4 | 0xd92f | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:25:45.787970066 CEST | 1.1.1.1 | 192.168.2.4 | 0xd92f | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 18:26:40.819608927 CEST | 1.1.1.1 | 192.168.2.4 | 0xecff | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 18:26:40.819608927 CEST | 1.1.1.1 | 192.168.2.4 | 0xecff | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:17 UTC | 814 | OUT | |
2024-07-03 16:25:18 UTC | 2033 | IN | |
2024-07-03 16:25:18 UTC | 2137 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 4144 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 5370 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:18 UTC | 840 | OUT | |
2024-07-03 16:25:18 UTC | 755 | IN | |
2024-07-03 16:25:18 UTC | 3391 | IN | |
2024-07-03 16:25:18 UTC | 8192 | IN | |
2024-07-03 16:25:18 UTC | 4168 | IN | |
2024-07-03 16:25:18 UTC | 7312 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49741 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:19 UTC | 905 | OUT | |
2024-07-03 16:25:19 UTC | 768 | IN | |
2024-07-03 16:25:19 UTC | 3378 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 4168 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 3021 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49743 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:19 UTC | 918 | OUT | |
2024-07-03 16:25:19 UTC | 769 | IN | |
2024-07-03 16:25:19 UTC | 291 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 7254 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49744 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:19 UTC | 918 | OUT | |
2024-07-03 16:25:19 UTC | 767 | IN | |
2024-07-03 16:25:19 UTC | 1703 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 5844 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 8192 | IN | |
2024-07-03 16:25:19 UTC | 11 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49742 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:19 UTC | 790 | OUT | |
2024-07-03 16:25:19 UTC | 738 | IN | |
2024-07-03 16:25:19 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49746 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:20 UTC | 398 | OUT | |
2024-07-03 16:25:20 UTC | 732 | IN | |
2024-07-03 16:25:20 UTC | 3331 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49749 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:20 UTC | 790 | OUT | |
2024-07-03 16:25:21 UTC | 732 | IN | |
2024-07-03 16:25:21 UTC | 155 | IN | |
2024-07-03 16:25:21 UTC | 7731 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49747 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:20 UTC | 161 | OUT | |
2024-07-03 16:25:21 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49752 | 13.107.136.10 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:21 UTC | 398 | OUT | |
2024-07-03 16:25:21 UTC | 735 | IN | |
2024-07-03 16:25:21 UTC | 1494 | IN | |
2024-07-03 16:25:21 UTC | 6392 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49753 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 16:25:21 UTC | 239 | OUT | |
2024-07-03 16:25:22 UTC | 514 | IN | |
2024-07-03 16:25:22 UTC | 55 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 12:25:11 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 12:25:13 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 12:25:16 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |