Windows
Analysis Report
http://79.141.36.131
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 3220 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) chrome.exe (PID: 5900 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1972 --fi eld-trial- handle=192 0,i,177824 9242643508 2122,11014 2656289372 19128,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
chrome.exe (PID: 6432 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://79.141 .36.131" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
Phishing |
---|
Source: | LLM: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
www.google.com | 142.250.186.100 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.186.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
79.141.36.131 | unknown | United Kingdom | 6461 | ZAYO-6461US | true |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467817 |
Start date and time: | 2024-07-04 20:19:15 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 57s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://79.141.36.131 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@24/12@2/4 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.195, 142.250.185.174, 74.125.71.84, 34.104.35.123, 172.217.18.3, 52.165.165.26, 199.232.214.172, 192.229.221.95, 20.3.187.198, 13.85.23.206, 20.242.39.171, 20.166.126.56, 131.107.255.255, 40.68.123.157, 142.250.185.131, 40.127.169.103
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: http://79.141.36.131
Input | Output |
---|---|
URL: http://79.141.36.131/ Model: Perplexity: mixtral-8x7b-instruct | {"loginform": true,"urgency": false,"captcha": false,"reasons": ["The text 'please be patient as you are being re-directed to a secure login page' suggests that the webpage contains a login form.","No elements of urgency were found in the text.","No CAPTCHA or anti-robot detection mechanism was mentioned or observed in the provided information."]} |
Title: Document Moved OCR: SONICWALL" Network Security Appliance Please be patient as you are being re- directed to a secure login page | |
URL: http://79.141.36.131 Model: gpt-4o | ```json{ "phishing_score": 8, "brands": "SonicWall", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": false, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "sonicwall.com", "reasons": "The URL 'http://79.141.36.131' is an IP address rather than a domain name, which is often used in phishing attacks to obscure the true destination of the link. The page displays a SonicWall logo, indicating it is attempting to impersonate the SonicWall brand. The message on the page suggests that the user is being redirected to a secure login page, which is a common social engineering technique used in phishing attacks. There is a suspicious link labeled 'secure login page' which could potentially lead to a phishing site. The legitimate domain for SonicWall is 'sonicwall.com', and the use of an IP address instead of the legitimate domain is highly suspicious. Therefore, this site is likely a phishing site."} |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1507 |
Entropy (8bit): | 6.634887007944679 |
Encrypted: | false |
SSDEEP: | 24:o1hJIwWwh82lYSZknisB3yVCNxZyJ3VEvYy3OGNwAGtM5Vx1aYOHB0jSQCs47OF:mkNvn6knislyENuJ3URKAxVxChBTs0A |
MD5: | 60FA7ED2309D77DE1F9DC5E7C741AC48 |
SHA1: | 0AA56A01CCCCC051F615737EAD979EA4ADFB4EA9 |
SHA-256: | 6BB6F64ADAA6A7ED4DA10A2FE4EDF4CB4D9914AA742C7AD607CA4CA678DCD3F1 |
SHA-512: | FEA52FAAF5E0C12606931BA4A203B7D3AF6E590A987385FD1CAC0084E81F72891F5C03D457548F2CE95438781FFC90AA495EA898051DB8AFFC50A6BE7F559CE4 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2794 |
Entropy (8bit): | 5.408928913757861 |
Encrypted: | false |
SSDEEP: | 48:IopdVARMfNUyrk+xQIzlb2IWBdKay1KJT+SSmrbZ8a/joJyB1vLPFX6J/cbHkb0A:/ARsUyrki+cKJT+SJ+a/U8BT6JmkbR |
MD5: | 31A14B8AF8467C9872FF10FCCA600783 |
SHA1: | 0C056C37FB7B5A8A25EB49B8CFD9B6427DDD31E4 |
SHA-256: | C6E0F494A52B89B867EC62070DE6A00BC8A2724802CF83A00EC0D5A10D6C4085 |
SHA-512: | 2C7C57A450FF9DD120BEB1590561A116D9D7AFD71E7ECD677872D9232CC39195643170A439BB869E1732A8C95C677A547DDEADE105963FC97B2829B86AC8BD5C |
Malicious: | false |
Reputation: | low |
URL: | http://79.141.36.131/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3240 |
Entropy (8bit): | 7.731041847221727 |
Encrypted: | false |
SSDEEP: | 48:aANn2eqykxJ3qk3P30GzJbf9D0AgKZ8t7m3VpUmXV+D15uL0dfwTU2IFuGB4Jx9T:r25Iw300D0Fmg7UDL8x5uwQmFs9mk |
MD5: | 4860590C734F8DC5EE585DE2BD00B0FE |
SHA1: | 159EBC3218C1094B37384266D13319F25E133B2F |
SHA-256: | 7DD2BF5891D67347182CAC9DD160071FDA93F65D6F11B9BAC5EBF138D8899424 |
SHA-512: | 2E8B4666022D08E2E303ECD2E1CBAC707319A1ABA9CC075B53123A4632238948E7A909587D8A0D00FD554656186F401002DA05A82DEB775645306FCB681921A4 |
Malicious: | false |
Reputation: | low |
URL: | http://79.141.36.131/logo_sw.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9105 |
Entropy (8bit): | 5.1528882014230755 |
Encrypted: | false |
SSDEEP: | 96:eJIToLvd2JG7JhJaIIwe6gcFUPuQJ0JawPeiF9xBTpahrcdAwyv5gfqgOjNaKYvK:WfLIGNfA6o7dFv50q1tYv/y |
MD5: | A5120F98132BBE7EE4C8DD8F68A0AA25 |
SHA1: | 7E4997C0BE9B6ACF8BB7A17508C97525836B7357 |
SHA-256: | 32690112F62FCA9620801914A610056C9E9273AA4A3075FA4294874451726C3E |
SHA-512: | 0D75C910A25F62A643470902726E77C65688DE57BBC639867DF5FC72919915FBB6374BEA6ACB9EFAFB20B107D76B9CDAB78C2038995F33A52E45C505EE37650A |
Malicious: | false |
Reputation: | low |
URL: | http://79.141.36.131/swl_login-6.2.5-2193764341.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1507 |
Entropy (8bit): | 6.634887007944679 |
Encrypted: | false |
SSDEEP: | 24:o1hJIwWwh82lYSZknisB3yVCNxZyJ3VEvYy3OGNwAGtM5Vx1aYOHB0jSQCs47OF:mkNvn6knislyENuJ3URKAxVxChBTs0A |
MD5: | 60FA7ED2309D77DE1F9DC5E7C741AC48 |
SHA1: | 0AA56A01CCCCC051F615737EAD979EA4ADFB4EA9 |
SHA-256: | 6BB6F64ADAA6A7ED4DA10A2FE4EDF4CB4D9914AA742C7AD607CA4CA678DCD3F1 |
SHA-512: | FEA52FAAF5E0C12606931BA4A203B7D3AF6E590A987385FD1CAC0084E81F72891F5C03D457548F2CE95438781FFC90AA495EA898051DB8AFFC50A6BE7F559CE4 |
Malicious: | false |
Reputation: | low |
URL: | http://79.141.36.131/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3240 |
Entropy (8bit): | 7.731041847221727 |
Encrypted: | false |
SSDEEP: | 48:aANn2eqykxJ3qk3P30GzJbf9D0AgKZ8t7m3VpUmXV+D15uL0dfwTU2IFuGB4Jx9T:r25Iw300D0Fmg7UDL8x5uwQmFs9mk |
MD5: | 4860590C734F8DC5EE585DE2BD00B0FE |
SHA1: | 159EBC3218C1094B37384266D13319F25E133B2F |
SHA-256: | 7DD2BF5891D67347182CAC9DD160071FDA93F65D6F11B9BAC5EBF138D8899424 |
SHA-512: | 2E8B4666022D08E2E303ECD2E1CBAC707319A1ABA9CC075B53123A4632238948E7A909587D8A0D00FD554656186F401002DA05A82DEB775645306FCB681921A4 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 58596 |
Entropy (8bit): | 5.277892516538721 |
Encrypted: | false |
SSDEEP: | 768:RS6Ah/jl6A3cYqgZt80YUwNIl6Eur2+GIaZO4Qgfe1j3PMsNL/Oz:RS6Ah/jlF3twmIaZOVbNa |
MD5: | 452609EC8A98B6BE298516E61160A52D |
SHA1: | BD664B235846769CCA5A3A9253A4D002994699F3 |
SHA-256: | D2A1ECC6529E220532403FEA863A0C201D9F52904D3935E9C0CB10D6EEA70532 |
SHA-512: | 8058EF9E3F11030DF15A59D8AD6B35AB0C4CEA7BD3FC339A111E3567CCC6095260DE4CE140451AA536D8A595FE8D541D32217E4DF58737AEA00FE19BDE6D82B6 |
Malicious: | false |
Reputation: | low |
URL: | http://79.141.36.131/swl_styles-6.2.5-4184726327.css |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 4, 2024 20:19:57.875118971 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Jul 4, 2024 20:19:59.812727928 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 4, 2024 20:20:07.100270033 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:07.100429058 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:07.105063915 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:07.105138063 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:07.105185032 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:07.105597973 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:07.111138105 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:07.115880966 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567265034 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567291975 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567303896 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567414045 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.567419052 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567476988 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567491055 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567519903 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.567533016 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.567614079 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.567657948 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.568341017 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.568397999 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.571259975 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.574165106 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.574177980 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.574189901 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.574222088 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.574245930 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.574245930 CEST | 49737 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.576034069 CEST | 80 | 49737 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.588238001 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.588641882 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.588725090 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.593502045 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.593622923 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.593688011 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.593765020 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.593765020 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.593822956 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.593966007 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.598536968 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.598645926 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.779198885 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.779213905 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.779227018 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.779272079 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.864660025 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.864697933 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.864710093 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.864722013 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.864763975 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.864798069 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.950733900 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.950766087 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.950778961 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.950825930 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.950839043 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:08.950843096 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:08.950881958 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.037365913 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037395954 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037425995 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037441969 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037457943 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.037486076 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.037580013 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037620068 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037631035 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.037661076 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.083770990 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.124413013 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124473095 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124497890 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124517918 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124526978 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.124531031 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124713898 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.124845028 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.124906063 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.124942064 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.131058931 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:09.131129026 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:09.420424938 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 4, 2024 20:20:10.192678928 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192692995 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192707062 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192738056 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.192816973 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192826986 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192835093 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192845106 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192852974 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.192856073 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192883015 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.192897081 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192907095 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192912102 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.192915916 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192925930 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.192934990 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193012953 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193031073 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193041086 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193049908 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193094969 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193099976 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193136930 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193149090 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193156958 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193175077 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193186998 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193205118 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193217993 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193224907 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193243980 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193265915 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193341970 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193366051 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193389893 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193401098 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193428040 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193506956 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193516016 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193526030 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193558931 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193623066 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193633080 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193643093 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193674088 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193763971 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193777084 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193785906 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193795919 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193797112 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193806887 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193821907 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193845987 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193906069 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193916082 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193924904 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193942070 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193964958 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.193973064 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.193975925 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194019079 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194086075 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194103956 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194113970 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194147110 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194170952 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194180012 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194189072 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194209099 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194221020 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194235086 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194243908 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194252968 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194281101 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194302082 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194318056 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194361925 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194384098 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194418907 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.194422007 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.194461107 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.195574999 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.195996046 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.196006060 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.196016073 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.196033955 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.196050882 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.196113110 CEST | 49738 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.204741001 CEST | 80 | 49738 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.207142115 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.207175970 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.207222939 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.207678080 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.207695007 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.212852955 CEST | 49741 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.215574026 CEST | 49742 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.217662096 CEST | 80 | 49741 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.220339060 CEST | 80 | 49742 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.520656109 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:10.520689964 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:10.520759106 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:10.522497892 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:10.522509098 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:10.774306059 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.779314995 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.779382944 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.780008078 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.785284996 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.872097015 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.888324976 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.888361931 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.889492035 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.889545918 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.891535997 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.891603947 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.928977966 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.932734013 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:10.932804108 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:10.934863091 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.934986115 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.937582970 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:10.943454981 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:10.987071991 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:11.171926975 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.172102928 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.356518984 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.356520891 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.356564045 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.356571913 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.356642008 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.356647968 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.356880903 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.356894970 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.357580900 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.357598066 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.402169943 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.402198076 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.402558088 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.421245098 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.421998024 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.422030926 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.422070026 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.425014973 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.452275038 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.502310991 CEST | 49745 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.507287025 CEST | 80 | 49745 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.553359985 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.596529007 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.596560955 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.596596956 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.596643925 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.596647024 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.596993923 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.600497961 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.683073997 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.683542967 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.684025049 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.699043036 CEST | 49746 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:11.703963995 CEST | 80 | 49746 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:11.730607033 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.730683088 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.730781078 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.731775045 CEST | 49744 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.731796026 CEST | 443 | 49744 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.822232962 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.822261095 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:11.822431087 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.823771954 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:11.823784113 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.267426014 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.331933975 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.332005978 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.332350969 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.335685015 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.335997105 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.336047888 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.336074114 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.336432934 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.336447001 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.337060928 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.337120056 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.337213039 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.337521076 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.337651014 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.343344927 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.343517065 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.343533039 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.343539953 CEST | 443 | 49747 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.343573093 CEST | 49747 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.343983889 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.344022989 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.344106913 CEST | 443 | 49748 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.344144106 CEST | 49748 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.468764067 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.468832016 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.490844011 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.490863085 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.491075993 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.492783070 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.540499926 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.727083921 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.727157116 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.727210999 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.742032051 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.742065907 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.742078066 CEST | 49749 | 443 | 192.168.2.4 | 23.211.8.90 |
Jul 4, 2024 20:20:12.742084980 CEST | 443 | 49749 | 23.211.8.90 | 192.168.2.4 |
Jul 4, 2024 20:20:12.962723017 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.962788105 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.962822914 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:12.962909937 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.962910891 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.967401028 CEST | 49750 | 80 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:12.972368956 CEST | 80 | 49750 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:20.345829964 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.345860004 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:20.345923901 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.346435070 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.346476078 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:20.346704006 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.347526073 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.347541094 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:20.347740889 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:20.347754002 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:20.773914099 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:20.773972034 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:20.774051905 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:21.001585960 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.002521038 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.045552015 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.046289921 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.055562973 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.055574894 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.055742025 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.055752993 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.056727886 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.056792974 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.056822062 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.056869030 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.057468891 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.057622910 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.058149099 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.058173895 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.058195114 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.058295012 CEST | 443 | 49753 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.058335066 CEST | 49753 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.058418036 CEST | 49752 | 443 | 192.168.2.4 | 79.141.36.131 |
Jul 4, 2024 20:20:21.058429003 CEST | 443 | 49752 | 79.141.36.131 | 192.168.2.4 |
Jul 4, 2024 20:20:21.082307100 CEST | 49743 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:20:21.082334995 CEST | 443 | 49743 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:20:26.211406946 CEST | 61600 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:26.216238022 CEST | 53 | 61600 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:26.216339111 CEST | 61600 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:26.216375113 CEST | 61600 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:26.221244097 CEST | 53 | 61600 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:26.680773973 CEST | 53 | 61600 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:26.681269884 CEST | 61600 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:26.686501026 CEST | 53 | 61600 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:26.686582088 CEST | 61600 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:06.928538084 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:06.933399916 CEST | 53 | 61603 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:06.933516979 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:06.933516979 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:06.933552980 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:06.938606977 CEST | 53 | 61603 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:06.938627005 CEST | 53 | 61603 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:07.412554026 CEST | 53 | 61603 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:07.413085938 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:07.418086052 CEST | 53 | 61603 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:07.418193102 CEST | 61603 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:21:09.857453108 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:09.857500076 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:09.857568026 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:09.858437061 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:09.858453035 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:10.691358089 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:10.691657066 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:10.691685915 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:10.692014933 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:10.692440033 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:10.692544937 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:10.738053083 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:16.816235065 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 20:21:16.816333055 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 20:21:16.821351051 CEST | 80 | 49723 | 93.184.221.240 | 192.168.2.4 |
Jul 4, 2024 20:21:16.821492910 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 20:21:16.821932077 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Jul 4, 2024 20:21:16.822407007 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 20:21:20.624272108 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:20.624334097 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Jul 4, 2024 20:21:20.624476910 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:22.302264929 CEST | 61605 | 443 | 192.168.2.4 | 142.250.186.100 |
Jul 4, 2024 20:21:22.302294016 CEST | 443 | 61605 | 142.250.186.100 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 4, 2024 20:20:05.707003117 CEST | 53 | 53474 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:05.782115936 CEST | 53 | 65406 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:07.067441940 CEST | 53 | 62915 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:09.809380054 CEST | 56900 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:09.809931040 CEST | 50114 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 20:20:10.201268911 CEST | 53 | 50114 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:10.201410055 CEST | 53 | 56900 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:12.563678980 CEST | 53 | 61683 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:24.304713964 CEST | 53 | 58747 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:26.210993052 CEST | 53 | 64307 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:20:28.426598072 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Jul 4, 2024 20:20:43.353718042 CEST | 53 | 60579 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:05.292815924 CEST | 53 | 63080 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:05.914664030 CEST | 53 | 63587 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 20:21:06.928184032 CEST | 53 | 59528 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 4, 2024 20:20:09.809380054 CEST | 192.168.2.4 | 1.1.1.1 | 0x81fb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 4, 2024 20:20:09.809931040 CEST | 192.168.2.4 | 1.1.1.1 | 0xb0f6 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 4, 2024 20:20:10.201268911 CEST | 1.1.1.1 | 192.168.2.4 | 0xb0f6 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 4, 2024 20:20:10.201410055 CEST | 1.1.1.1 | 192.168.2.4 | 0x81fb | No error (0) | 142.250.186.100 | A (IP address) | IN (0x0001) | false | ||
Jul 4, 2024 20:20:22.693980932 CEST | 1.1.1.1 | 192.168.2.4 | 0x1bd5 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jul 4, 2024 20:20:22.693980932 CEST | 1.1.1.1 | 192.168.2.4 | 0x1bd5 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jul 4, 2024 20:20:23.231895924 CEST | 1.1.1.1 | 192.168.2.4 | 0x9852 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 4, 2024 20:20:23.231895924 CEST | 1.1.1.1 | 192.168.2.4 | 0x9852 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49737 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:07.111138105 CEST | 428 | OUT | |
Jul 4, 2024 20:20:08.567265034 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.567291975 CEST | 264 | IN | |
Jul 4, 2024 20:20:08.567303896 CEST | 264 | IN | |
Jul 4, 2024 20:20:08.567419052 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.567476988 CEST | 397 | IN | |
Jul 4, 2024 20:20:08.567614079 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.568341017 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.574165106 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.574177980 CEST | 397 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49738 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:08.588725090 CEST | 344 | OUT | |
Jul 4, 2024 20:20:08.779198885 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.779213905 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.779227018 CEST | 376 | IN | |
Jul 4, 2024 20:20:08.864660025 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.864697933 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.864710093 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.864722013 CEST | 564 | IN | |
Jul 4, 2024 20:20:08.950733900 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.950766087 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.950778961 CEST | 1236 | IN | |
Jul 4, 2024 20:20:08.950825930 CEST | 1236 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49741 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:08.593765020 CEST | 343 | OUT | |
Jul 4, 2024 20:20:10.193031073 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193041086 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193049908 CEST | 376 | IN | |
Jul 4, 2024 20:20:10.193217993 CEST | 376 | IN | |
Jul 4, 2024 20:20:10.193797112 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193806887 CEST | 224 | IN | |
Jul 4, 2024 20:20:10.193906069 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193916082 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193924904 CEST | 340 | IN | |
Jul 4, 2024 20:20:10.194235086 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.194243908 CEST | 986 | IN | |
Jul 4, 2024 20:20:10.194384098 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.196006060 CEST | 1236 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49742 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:08.593822956 CEST | 370 | OUT | |
Jul 4, 2024 20:20:10.193094969 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193136930 CEST | 224 | IN | |
Jul 4, 2024 20:20:10.193149090 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.193156958 CEST | 152 | IN | |
Jul 4, 2024 20:20:10.193224907 CEST | 152 | IN | |
Jul 4, 2024 20:20:10.193964958 CEST | 586 | IN | |
Jul 4, 2024 20:20:10.194422007 CEST | 1236 | IN | |
Jul 4, 2024 20:20:10.195996046 CEST | 1236 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49745 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:10.780008078 CEST | 370 | OUT | |
Jul 4, 2024 20:20:11.421245098 CEST | 1236 | IN | |
Jul 4, 2024 20:20:11.421998024 CEST | 440 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49746 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:10.937582970 CEST | 277 | OUT | |
Jul 4, 2024 20:20:11.596529007 CEST | 1236 | IN | |
Jul 4, 2024 20:20:11.596560955 CEST | 224 | IN | |
Jul 4, 2024 20:20:11.596596956 CEST | 1236 | IN | |
Jul 4, 2024 20:20:11.596647024 CEST | 152 | IN | |
Jul 4, 2024 20:20:11.683073997 CEST | 586 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49750 | 79.141.36.131 | 80 | 5900 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 4, 2024 20:20:12.332350969 CEST | 277 | OUT | |
Jul 4, 2024 20:20:12.962723017 CEST | 1236 | IN | |
Jul 4, 2024 20:20:12.962788105 CEST | 440 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49744 | 23.211.8.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 18:20:11 UTC | 161 | OUT | |
2024-07-04 18:20:11 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49749 | 23.211.8.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 18:20:12 UTC | 239 | OUT | |
2024-07-04 18:20:12 UTC | 535 | IN | |
2024-07-04 18:20:12 UTC | 55 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 14:20:02 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 14:20:04 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 14:20:06 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |