Windows
Analysis Report
https://rules-pear-kft5d2.mystrikingly.com/
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 3496 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) chrome.exe (PID: 6020 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2232 --fi eld-trial- handle=216 4,i,106441 1730335409 1039,25185 2241226778 5527,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
chrome.exe (PID: 6448 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://rules -pear-kft5 d2.mystrik ingly.com/ " MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
AV Detection |
---|
Source: | Avira URL Cloud: | ||
Source: | SlashNext: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware | ||
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
d1zzi8yv54jueq.cloudfront.net | 13.32.27.122 | true | false | unknown | |
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
dy7t0zkjx7o42.cloudfront.net | 18.164.68.71 | true | false | unknown | |
dukt9g6vj8lpb.cloudfront.net | 52.84.150.43 | true | false | unknown | |
www.google.com | 142.250.185.100 | true | false | unknown | |
d29twgdo50231s.cloudfront.net | 143.204.176.115 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
rules-pear-kft5d2.mystrikingly.com | unknown | unknown | false | unknown | |
static-assets.strikinglycdn.com | unknown | unknown | false | unknown | |
custom-images.strikinglycdn.com | unknown | unknown | false | unknown | |
static-fonts-css.strikinglycdn.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
18.239.69.60 | unknown | United States | 16509 | AMAZON-02US | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
52.84.150.43 | dukt9g6vj8lpb.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
13.32.27.122 | d1zzi8yv54jueq.cloudfront.net | United States | 7018 | ATT-INTERNET4US | false | |
18.164.68.71 | dy7t0zkjx7o42.cloudfront.net | United States | 3 | MIT-GATEWAYSUS | false | |
143.204.176.115 | d29twgdo50231s.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
142.250.185.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467915 |
Start date and time: | 2024-07-05 00:59:45 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 1m 52s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://rules-pear-kft5d2.mystrikingly.com/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 5 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@16/12@14/8 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- URL not reachable
- Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.99, 64.233.184.84, 142.250.184.238, 34.104.35.123, 23.211.4.90, 20.12.23.50, 199.232.214.172, 192.229.221.95, 13.85.23.206
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://rules-pear-kft5d2.mystrikingly.com/
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 6992 |
Entropy (8bit): | 7.632584464217112 |
Encrypted: | false |
SSDEEP: | 192:nG7iWtsh4Pl6VW8EkCzDwMkBBYZAhBVDszf9mJu:nAiAFl6UwYDw3cehYf9ou |
MD5: | 6A4CE874C3BCAD1CF569CD7C3A6EEA1A |
SHA1: | FE96F1D6059FD7F232CBCAE3C75D13A91288FCE0 |
SHA-256: | 98A0CACCA0D1FB08B998161B9E8262F857A6C9D5B2797B05F2AD1682D95CE158 |
SHA-512: | 18AF829F4346B6447451D980B45C6B35D08E9700A905D92B7C318388E2C62A46742B62AF506C481AC1E5A471FE64DDA7682F0E3A442C2A449E20F4F1BEBF1254 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2532 |
Entropy (8bit): | 7.915826601149609 |
Encrypted: | false |
SSDEEP: | 48:sdo8A+WEUYUq1WqnFbjarH7l0zleHseQF1wo9FtgqzMnkJxJNdZaoax5+994QAlo:setYU5qnVmrHqRlF1woztgsDJxJ1aZxa |
MD5: | 5A2BBDC097843D685D21CEF0882853D3 |
SHA1: | 3654A08FBD51D88F46A20EC5EF23169DC939DB59 |
SHA-256: | 924C957FEDE7AB38037FCCE36841F4FB984A53CCCCB6D11B3C31743EF5FB78CF |
SHA-512: | 9144502163ED28E38916A4CF4DE8F30502A30F0B6810DDA3044EDCCF36CA915CFA09E4F110D81A50C126687F07E31F615C9AD94A6D7F8B895FFD79F8A43420F4 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13572 |
Entropy (8bit): | 5.445799048469965 |
Encrypted: | false |
SSDEEP: | 384:3vHOkdp3vuOhgM1gbOCgb1gbzgbnngbLgbsgbOMbTRCMbQMb2MbqnMb0MbxMbpb7:3fpdp3GMgMebMbebcbgbEb9bjbThb1bu |
MD5: | 279D972A69392461120AC4B085E5CED9 |
SHA1: | 8D3EF7BAA8622620DCA965CC6EA580EC5C03D0E0 |
SHA-256: | DBDB4C16D25F8DA64D6C9E9E12FA798962E14F6FB29E485950418D62853120C2 |
SHA-512: | 5662ADC3793BD786C36B46F680E6EF05424FEBD0428FF00FD37BEE169C4CB3838A066EC034C2279D52D0BCBC9BB653027F1DFD7782A68DA3F9261F4932D646C4 |
Malicious: | false |
Reputation: | low |
URL: | "https://static-fonts-css.strikinglycdn.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic&subset=latin,latin-ext&display=swap" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 120458 |
Entropy (8bit): | 7.997521191802403 |
Encrypted: | true |
SSDEEP: | 3072:dyClvuShTh92/4wRluUq541uYi71Hj83fO/fh6MzXj5vOqx:d9lvJRhoQ44U5u/ZD83W/IMzjcqx |
MD5: | C459F393D681752D8D4115AAAA5ED7F7 |
SHA1: | E01C75B32B82CCFF81620206C2A559493153D843 |
SHA-256: | A06F8A527512ECBDA680626061E35DC2016641F32B1F6ADCA9115BBA34025DAB |
SHA-512: | 29E8F2C3DBEDD3440CA4284E5A4F1325BCFC5542D0FF42B2CD6718FDEE8436FF3F23B4B9F8EDE840390C4217A0FA760DEE98D9676E03EC58DF76270F875A01CA |
Malicious: | false |
Reputation: | low |
URL: | https://static-assets.strikinglycdn.com/themes/glow/main_v4.21abecd37ebeca3fbae1.bundle.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 6992 |
Entropy (8bit): | 7.632584464217112 |
Encrypted: | false |
SSDEEP: | 192:nG7iWtsh4Pl6VW8EkCzDwMkBBYZAhBVDszf9mJu:nAiAFl6UwYDw3cehYf9ou |
MD5: | 6A4CE874C3BCAD1CF569CD7C3A6EEA1A |
SHA1: | FE96F1D6059FD7F232CBCAE3C75D13A91288FCE0 |
SHA-256: | 98A0CACCA0D1FB08B998161B9E8262F857A6C9D5B2797B05F2AD1682D95CE158 |
SHA-512: | 18AF829F4346B6447451D980B45C6B35D08E9700A905D92B7C318388E2C62A46742B62AF506C481AC1E5A471FE64DDA7682F0E3A442C2A449E20F4F1BEBF1254 |
Malicious: | false |
Reputation: | low |
URL: | https://static-assets.strikinglycdn.com/images/fb_images/default.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2532 |
Entropy (8bit): | 7.915826601149609 |
Encrypted: | false |
SSDEEP: | 48:sdo8A+WEUYUq1WqnFbjarH7l0zleHseQF1wo9FtgqzMnkJxJNdZaoax5+994QAlo:setYU5qnVmrHqRlF1woztgsDJxJ1aZxa |
MD5: | 5A2BBDC097843D685D21CEF0882853D3 |
SHA1: | 3654A08FBD51D88F46A20EC5EF23169DC939DB59 |
SHA-256: | 924C957FEDE7AB38037FCCE36841F4FB984A53CCCCB6D11B3C31743EF5FB78CF |
SHA-512: | 9144502163ED28E38916A4CF4DE8F30502A30F0B6810DDA3044EDCCF36CA915CFA09E4F110D81A50C126687F07E31F615C9AD94A6D7F8B895FFD79F8A43420F4 |
Malicious: | false |
Reputation: | low |
URL: | "https://custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/16631263/456324_931227.png" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1094 |
Entropy (8bit): | 7.8547577495232686 |
Encrypted: | false |
SSDEEP: | 24:XQnnE1CkL9+KNe/ZAtWHl3tidXHSvk7eVCLolxOjTQopl1j:XQnEV+KNe/uUUHSsTcxOXB |
MD5: | 1A1CCB664791DD666F6F567C685DCC6C |
SHA1: | F84B457C4725BFE17A4D390CD3D6191993B2C83A |
SHA-256: | 97D27ACF3F28AC1DCDEEFC731A237A7B7C437A930D8D9DB5620DC10552C06A68 |
SHA-512: | B0BAB714F0E16855C93B76293B92BD18D42A51BD0289AD1CE140E1D419364BFFA88EFA72FCB027777D380587EDED83E874F7DA930990D57640CFC42E2EFC12A4 |
Malicious: | false |
Reputation: | low |
URL: | https://static-assets.strikinglycdn.com/detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 5, 2024 01:00:27.583317041 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Jul 5, 2024 01:00:28.130306005 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jul 5, 2024 01:00:39.406439066 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.406483889 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:39.406557083 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.406737089 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.406744003 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:39.406800032 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.406913042 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.406924963 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:39.407128096 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:39.407135963 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.007950068 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.008765936 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.008793116 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.009772062 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.009854078 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.010335922 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.010536909 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.010545015 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.010777950 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.010837078 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.010941029 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.010946989 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.011557102 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.011616945 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.012478113 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.012542009 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.051942110 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.058238983 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:40.058245897 CEST | 443 | 49736 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:40.103277922 CEST | 49736 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.268738985 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268767118 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268774986 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268807888 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268836975 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268851995 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.268872976 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.268892050 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.268914938 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.280035019 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.280052900 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.280080080 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.280124903 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.280139923 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.280282021 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.284974098 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.284992933 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.285049915 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.285062075 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.285078049 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.289302111 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.289344072 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.289382935 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.289393902 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.289424896 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.289921999 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.289975882 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.289983034 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.290029049 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.291311979 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.291379929 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.291387081 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.291457891 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.291501045 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.297684908 CEST | 49735 | 443 | 192.168.2.4 | 52.84.150.43 |
Jul 5, 2024 01:00:41.297708988 CEST | 443 | 49735 | 52.84.150.43 | 192.168.2.4 |
Jul 5, 2024 01:00:41.349649906 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.349678040 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:41.349742889 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.349843979 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.349941969 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:41.350029945 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.350275993 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.350287914 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:41.356093884 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:41.356123924 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:41.356190920 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:41.356889963 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:41.356931925 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:41.357180119 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:41.357206106 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:41.357680082 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.357713938 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:41.357762098 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.359837055 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.359867096 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:41.359918118 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.360415936 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.360431910 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:41.360934019 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:41.360948086 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:41.682693005 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:41.682737112 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:41.682811022 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:41.683208942 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:41.683231115 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.062120914 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.062361002 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.062407017 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.062431097 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.062568903 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.062582970 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.063452005 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.063508034 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.063641071 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.063689947 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.064285994 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.064460993 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.064486027 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.065558910 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.065612078 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.083146095 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.083581924 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.083648920 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.084723949 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.084796906 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.135683060 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.135905027 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.135946989 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.136945009 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.137010098 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.289474964 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.289568901 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.289633989 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.289649963 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.291014910 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.291169882 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.291194916 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.291426897 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.291569948 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.292213917 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.292335987 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.292351007 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.292468071 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.292536020 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.292711020 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.292764902 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.332503080 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.332523108 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.333077908 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.333082914 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.333089113 CEST | 443 | 49743 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.333127022 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.333137035 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:42.333137989 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.333137989 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.333164930 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.341773033 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.372143984 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:42.372200966 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.373191118 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.373260021 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:42.374412060 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:42.374474049 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.379990101 CEST | 49743 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.379998922 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:42.380017996 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.426836014 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:42.426870108 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:42.465240955 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.468224049 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.468233109 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.468296051 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.468303919 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.468350887 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.473706961 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:42.511384964 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.511406898 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.511451960 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.511478901 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.511508942 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.511558056 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.526380062 CEST | 49741 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.526431084 CEST | 443 | 49741 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.532659054 CEST | 49740 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:42.532679081 CEST | 443 | 49740 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:42.599124908 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.599170923 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.599330902 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.599800110 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:42.599816084 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:42.608417034 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:42.608444929 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:42.608761072 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:42.610649109 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:42.610661983 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.357544899 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.357784033 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.357805967 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.358679056 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.358742952 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.359091997 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.359149933 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.359239101 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.366689920 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.366885900 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.366903067 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.367889881 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368010044 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.368351936 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.368351936 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.368407011 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368895054 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368917942 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368925095 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368954897 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.368994951 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.369019985 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.369046926 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.370929003 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.371090889 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.371098042 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.400501013 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.411209106 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.411212921 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.411220074 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.411226034 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.411231995 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.428113937 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.428137064 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.428271055 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.428280115 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.428535938 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.429487944 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429496050 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429537058 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429549932 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429570913 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.429574013 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429604053 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.429749966 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.429754972 CEST | 443 | 49742 | 143.204.176.115 | 192.168.2.4 |
Jul 5, 2024 01:00:43.429781914 CEST | 49742 | 443 | 192.168.2.4 | 143.204.176.115 |
Jul 5, 2024 01:00:43.458095074 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.458098888 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.542052984 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.574573040 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.574599028 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.574651957 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.574665070 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.574676991 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.574847937 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.575611115 CEST | 49745 | 443 | 192.168.2.4 | 13.32.27.122 |
Jul 5, 2024 01:00:43.575627089 CEST | 443 | 49745 | 13.32.27.122 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580311060 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580319881 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580331087 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580355883 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580399036 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.580418110 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.580447912 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.592273951 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.592282057 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.592314959 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.592344999 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.592350960 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.592360020 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.592370987 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.592386007 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.628314972 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.631659031 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.631666899 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.631717920 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.631726027 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.631783009 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.631968021 CEST | 49746 | 443 | 192.168.2.4 | 18.239.69.60 |
Jul 5, 2024 01:00:43.631983042 CEST | 443 | 49746 | 18.239.69.60 | 192.168.2.4 |
Jul 5, 2024 01:00:43.645580053 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.645590067 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.692457914 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.743146896 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.743187904 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.743259907 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.743916988 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.743937016 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789473057 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789489031 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789526939 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789544106 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789555073 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789566040 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.789586067 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.789645910 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.801373959 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.801382065 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.801403999 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.801417112 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.801433086 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.801547050 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.801554918 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.801691055 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.813534975 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.813544035 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.813571930 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.813585997 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.813632011 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.813637972 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.813678026 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.871123075 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871144056 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871187925 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871191978 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.871201992 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871244907 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.871251106 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871294975 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:43.871299982 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:43.871335030 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:44.059639931 CEST | 49739 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:44.059653997 CEST | 443 | 49739 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:44.442953110 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:44.445787907 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:44.445806980 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:44.446096897 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:44.446932077 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:44.446988106 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:44.447387934 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:44.488507986 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:45.560173988 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:45.560283899 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:45.566659927 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:45.659995079 CEST | 49748 | 443 | 192.168.2.4 | 18.164.68.71 |
Jul 5, 2024 01:00:45.660013914 CEST | 443 | 49748 | 18.164.68.71 | 192.168.2.4 |
Jul 5, 2024 01:00:52.250262976 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:52.250312090 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Jul 5, 2024 01:00:52.250358105 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:54.087496042 CEST | 49744 | 443 | 192.168.2.4 | 142.250.185.100 |
Jul 5, 2024 01:00:54.087522030 CEST | 443 | 49744 | 142.250.185.100 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 5, 2024 01:00:37.932207108 CEST | 53 | 50493 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:37.932665110 CEST | 53 | 59953 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:38.918304920 CEST | 53 | 56860 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:39.385476112 CEST | 49318 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:39.385631084 CEST | 55223 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:39.405363083 CEST | 53 | 49318 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:39.405778885 CEST | 53 | 55223 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.309890985 CEST | 54336 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.310209036 CEST | 61904 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.313625097 CEST | 63373 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.313867092 CEST | 60740 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.314532042 CEST | 59390 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.314867020 CEST | 50999 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.338709116 CEST | 53 | 63373 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.347515106 CEST | 53 | 60740 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.348757029 CEST | 53 | 59390 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.350585938 CEST | 53 | 61904 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.350697041 CEST | 53 | 50999 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.355634928 CEST | 53 | 54336 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.672077894 CEST | 63493 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.672600031 CEST | 61253 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:41.678940058 CEST | 53 | 63493 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:41.679570913 CEST | 53 | 61253 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:42.571655989 CEST | 54307 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:42.572191954 CEST | 54976 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:42.573383093 CEST | 55034 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:42.574101925 CEST | 56186 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 5, 2024 01:00:42.591097116 CEST | 53 | 54307 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:42.597714901 CEST | 53 | 56186 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:42.600708008 CEST | 53 | 54976 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:42.607417107 CEST | 53 | 55034 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:55.923573017 CEST | 53 | 62112 | 1.1.1.1 | 192.168.2.4 |
Jul 5, 2024 01:00:58.104572058 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 5, 2024 01:00:41.347572088 CEST | 192.168.2.4 | 1.1.1.1 | c26d | (Port unreachable) | Destination Unreachable |
Jul 5, 2024 01:00:42.600939989 CEST | 192.168.2.4 | 1.1.1.1 | c26e | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 5, 2024 01:00:39.385476112 CEST | 192.168.2.4 | 1.1.1.1 | 0xe0f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:39.385631084 CEST | 192.168.2.4 | 1.1.1.1 | 0xa683 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.309890985 CEST | 192.168.2.4 | 1.1.1.1 | 0x5bcf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.310209036 CEST | 192.168.2.4 | 1.1.1.1 | 0x1554 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.313625097 CEST | 192.168.2.4 | 1.1.1.1 | 0x94eb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.313867092 CEST | 192.168.2.4 | 1.1.1.1 | 0x11b1 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.314532042 CEST | 192.168.2.4 | 1.1.1.1 | 0xacad | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.314867020 CEST | 192.168.2.4 | 1.1.1.1 | 0x5ef2 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.672077894 CEST | 192.168.2.4 | 1.1.1.1 | 0x291 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:41.672600031 CEST | 192.168.2.4 | 1.1.1.1 | 0x280a | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:42.571655989 CEST | 192.168.2.4 | 1.1.1.1 | 0x33ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:42.572191954 CEST | 192.168.2.4 | 1.1.1.1 | 0x1a81 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 5, 2024 01:00:42.573383093 CEST | 192.168.2.4 | 1.1.1.1 | 0xef30 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 5, 2024 01:00:42.574101925 CEST | 192.168.2.4 | 1.1.1.1 | 0x3118 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | dukt9g6vj8lpb.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | 52.84.150.43 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | 52.84.150.39 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | 52.84.150.63 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | 52.84.150.45 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:39.405778885 CEST | 1.1.1.1 | 192.168.2.4 | 0xa683 | No error (0) | dukt9g6vj8lpb.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | dy7t0zkjx7o42.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | 18.164.68.71 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | 18.164.68.56 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | 18.164.68.91 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | 18.164.68.129 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.347515106 CEST | 1.1.1.1 | 192.168.2.4 | 0x11b1 | No error (0) | dy7t0zkjx7o42.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | d1zzi8yv54jueq.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | 13.32.27.122 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | 13.32.27.37 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | 13.32.27.59 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | 13.32.27.18 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.350585938 CEST | 1.1.1.1 | 192.168.2.4 | 0x1554 | No error (0) | d29twgdo50231s.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.350697041 CEST | 1.1.1.1 | 192.168.2.4 | 0x5ef2 | No error (0) | d1zzi8yv54jueq.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | d29twgdo50231s.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | 143.204.176.115 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | 143.204.176.118 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | 143.204.176.110 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | 143.204.176.32 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.678940058 CEST | 1.1.1.1 | 192.168.2.4 | 0x291 | No error (0) | 142.250.185.100 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:41.679570913 CEST | 1.1.1.1 | 192.168.2.4 | 0x280a | No error (0) | 65 | IN (0x0001) | false | |||
Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | d1zzi8yv54jueq.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | 13.32.27.122 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | 13.32.27.59 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | 13.32.27.37 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | 13.32.27.18 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.597714901 CEST | 1.1.1.1 | 192.168.2.4 | 0x3118 | No error (0) | dy7t0zkjx7o42.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.600708008 CEST | 1.1.1.1 | 192.168.2.4 | 0x1a81 | No error (0) | d1zzi8yv54jueq.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | dy7t0zkjx7o42.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | 18.239.69.60 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | 18.239.69.54 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | 18.239.69.21 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | 18.239.69.108 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:51.435678959 CEST | 1.1.1.1 | 192.168.2.4 | 0x902c | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:51.435678959 CEST | 1.1.1.1 | 192.168.2.4 | 0x902c | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:52.086525917 CEST | 1.1.1.1 | 192.168.2.4 | 0x47fe | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 5, 2024 01:00:52.086525917 CEST | 1.1.1.1 | 192.168.2.4 | 0x47fe | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49735 | 52.84.150.43 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:40 UTC | 677 | OUT | |
2024-07-04 23:00:41 UTC | 855 | IN | |
2024-07-04 23:00:41 UTC | 15529 | IN | |
2024-07-04 23:00:41 UTC | 16384 | IN | |
2024-07-04 23:00:41 UTC | 590 | IN | |
2024-07-04 23:00:41 UTC | 16384 | IN | |
2024-07-04 23:00:41 UTC | 1024 | IN | |
2024-07-04 23:00:41 UTC | 15360 | IN | |
2024-07-04 23:00:41 UTC | 4096 | IN | |
2024-07-04 23:00:41 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49739 | 18.164.68.71 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:42 UTC | 614 | OUT | |
2024-07-04 23:00:43 UTC | 801 | IN | |
2024-07-04 23:00:43 UTC | 10411 | IN | |
2024-07-04 23:00:43 UTC | 7435 | IN | |
2024-07-04 23:00:43 UTC | 1024 | IN | |
2024-07-04 23:00:43 UTC | 16384 | IN | |
2024-07-04 23:00:43 UTC | 1024 | IN | |
2024-07-04 23:00:43 UTC | 16384 | IN | |
2024-07-04 23:00:43 UTC | 1024 | IN | |
2024-07-04 23:00:43 UTC | 16384 | IN | |
2024-07-04 23:00:43 UTC | 15990 | IN | |
2024-07-04 23:00:43 UTC | 394 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49742 | 143.204.176.115 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:42 UTC | 650 | OUT | |
2024-07-04 23:00:43 UTC | 463 | IN | |
2024-07-04 23:00:43 UTC | 3943 | IN | |
2024-07-04 23:00:43 UTC | 9629 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49740 | 18.164.68.71 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:42 UTC | 637 | OUT | |
2024-07-04 23:00:42 UTC | 737 | IN | |
2024-07-04 23:00:42 UTC | 6992 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49741 | 13.32.27.122 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:42 UTC | 705 | OUT | |
2024-07-04 23:00:42 UTC | 739 | IN | |
2024-07-04 23:00:42 UTC | 2532 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49745 | 13.32.27.122 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:43 UTC | 451 | OUT | |
2024-07-04 23:00:43 UTC | 739 | IN | |
2024-07-04 23:00:43 UTC | 2532 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49746 | 18.239.69.60 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:43 UTC | 383 | OUT | |
2024-07-04 23:00:43 UTC | 737 | IN | |
2024-07-04 23:00:43 UTC | 6992 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49748 | 18.164.68.71 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 23:00:44 UTC | 625 | OUT | |
2024-07-04 23:00:45 UTC | 775 | IN | |
2024-07-04 23:00:45 UTC | 1094 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 19:00:31 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 19:00:35 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 19:00:38 |
Start date: | 04/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |