Windows
Analysis Report
https://myssc.tnb.com.my
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 5632 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 5888 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1976 --fi eld-trial- handle=200 8,i,923045 5310476517 208,103445 8902263744 0039,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6480 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://myssc .tnb.com.m y" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: |
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 142.250.74.196 | true | false | unknown | |
myssc.tnb.com.my | 202.190.48.233 | true | false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
202.190.48.233 | myssc.tnb.com.my | Malaysia | 9930 | TTNET-MYTIMEdotComBerhadMY | false | |
142.250.74.196 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1544376 |
Start date and time: | 2024-10-29 10:46:09 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 12s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://myssc.tnb.com.my |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@20/6@4/5 |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.67, 142.250.185.238, 74.125.133.84, 34.104.35.123, 199.232.210.172, 216.58.206.67, 142.250.186.67, 172.217.23.99, 199.232.214.172, 142.250.74.206
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, www.gstatic.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: https://myssc.tnb.com.my
Input | Output |
---|---|
URL: Model: claude-3-5-sonnet-latest | { "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false } |
URL: URL: https://myssc.tnb.com.my |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9916553123460217 |
Encrypted: | false |
SSDEEP: | 48:8xd0T4UJHFidAKZdA1FehwiZUklqehly+3:8QfFqy |
MD5: | 54A759FF05568C61FED2F8B479CA831B |
SHA1: | A0B938A722D59E9A7DBFF7EC5F905E2DFDB8B5AD |
SHA-256: | CAEB58BE7080B96A73430EE954384A59C12E6F68F8E59709988A32B250F9C604 |
SHA-512: | FC808D2F7D26DC9E81F360A7F39B2596BBB0CAA5D2D044394162E58DCFC2FABF2656A584453F6BF02F65F5DF7193E93B44C1B845C94044F27AB355DD40818B2B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 4.005774428093555 |
Encrypted: | false |
SSDEEP: | 48:8XFd0T4UJHFidAKZdA1seh/iZUkAQkqehay+2:88fb9Qny |
MD5: | B704B0CB427161DB20128CCDA4D69298 |
SHA1: | 55EA416D149CF02F8B6C10B4B2BD8A9F7E7F9365 |
SHA-256: | D8A21DEA36C7551CD7A14FE13E938FC90E058337445DEA57379A3531D3333E1D |
SHA-512: | 6B9B853E8858B074CD01E43C3BB2A737C899574F872C67831A40EF32F98675F6291BD6822AD78CED42F1F1FF626A737298CA3CA1F49036641CB500AA08F8A31C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.014967533871171 |
Encrypted: | false |
SSDEEP: | 48:8xd0T4UAHFidAKZdA14meh7sFiZUkmgqeh7sMy+BX:8QfQnmy |
MD5: | 69051508299DD546087FF0A73EE7D4A3 |
SHA1: | 2984EE48D36AADB4F0A3BE38C7BD992455C5E2A1 |
SHA-256: | 40FED49C3119CA818B673DFAC465080AE3FFCD3F44732FB3F32E166FF5EBCAAA |
SHA-512: | A8D14A65FBA576EBA3F46EC869244005331B04E39BE74CA96B2E484941068FD222D4D6EF119333EB2ACA5BB16E8C178A52B20B46D4429CE3F6679895F8773DCE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 4.003361774341766 |
Encrypted: | false |
SSDEEP: | 48:8Ad0T4UJHFidAKZdA1TehDiZUkwqehey+R:83fIky |
MD5: | 37C057E9DF526F4731CB3A10DD1DE53D |
SHA1: | E5760AE2EEAF047AAF5CB5D44EB283E5681FDB38 |
SHA-256: | BA65F1C30A66E5928FC39C56A39ADE8E9D6796390E31A130D7284A0CB8A96DD1 |
SHA-512: | 539B43688C9F868587D5314202AD3C655168B7DE03ABECFB01AFBA21A9901763802CC230A48DBC5C4B363402A4E18F8F4C3A87D66A15275C2F401DD6FC50672C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.993899921621655 |
Encrypted: | false |
SSDEEP: | 48:8bKd0T4UJHFidAKZdA1dehBiZUk1W1qehoy+C:8Vf49Iy |
MD5: | 3153672234095766CDF0A12531E78345 |
SHA1: | 92D2E69914AB4F6B02CD2A24CB746351E948571D |
SHA-256: | 1E8FC965C4E67F9ABAE35846FB4E93FE6489F6FB067A945786F96D9EB0AF9C21 |
SHA-512: | 30683CB9468C451D5CCB965DE6C9B8B88E66AE9D3B6B35D8D3C6973CF92AF874B4D80EC401B81EF16D74A74F5CDE19CCB6F6D6F6BB24D224E7DD2AFED2639C4C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.000556402580414 |
Encrypted: | false |
SSDEEP: | 48:8xd0T4UJHFidAKZdA1duTeehOuTbbiZUk5OjqehOuTbmy+yT+:8QfKTfTbxWOvTbmy7T |
MD5: | 49A5FA3EA41EFD0BA59A285F6A00C5F3 |
SHA1: | 5DFA6ACB0409E20C7E8650DE625BA4AE76465FEB |
SHA-256: | 167DFAD91CA6771C0FC8DC580CDF431EECA8C465EBF3A48ED1882427D19342CC |
SHA-512: | 26D962AEB1877AE116527D6C096F849B61F0D2F8C9B5C198A2D58C2A50FD938DF6E6C008771CF2F0AFAA3D6AA06E6C99C78E28D955E020D0BE78DB29DB911997 |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 29, 2024 10:46:40.878112078 CET | 49699 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.878160954 CET | 443 | 49699 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:40.878278017 CET | 49699 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.878973007 CET | 49699 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.878988981 CET | 443 | 49699 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:40.879734039 CET | 49700 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.879774094 CET | 443 | 49700 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:40.879848957 CET | 49700 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.880033970 CET | 49700 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:40.880064964 CET | 443 | 49700 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:41.737895012 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:42.037592888 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:42.638468981 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:43.843914986 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:44.591711044 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:44.591732979 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:44.591803074 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:44.592072964 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:44.592092991 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:44.735008001 CET | 49689 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:45.453723907 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:45.454015017 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:45.454046965 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:45.455091953 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:45.455173016 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:45.456290007 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:45.456362963 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:45.511528969 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:45.511552095 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:45.558475971 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:46.245656013 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:48.023803949 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.023847103 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:48.023989916 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.025988102 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.026001930 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:48.871284008 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:48.871381998 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.877291918 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.877301931 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:48.877556086 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:48.920778036 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:48.967338085 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.163424969 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.163505077 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.163615942 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.163675070 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.163675070 CET | 49708 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.163693905 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.163703918 CET | 443 | 49708 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.204161882 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.204201937 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.204704046 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.205028057 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:49.205046892 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:49.915186882 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:46:50.049731016 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.049813032 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.051449060 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.051462889 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.051703930 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.052848101 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.099329948 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.216550112 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:46:50.300584078 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.300659895 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.300720930 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.301511049 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.301532030 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.301547050 CET | 49709 | 443 | 192.168.2.16 | 184.28.90.27 |
Oct 29, 2024 10:46:50.301553965 CET | 443 | 49709 | 184.28.90.27 | 192.168.2.16 |
Oct 29, 2024 10:46:50.824506998 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:46:51.047529936 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:46:52.034531116 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:46:52.104317904 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.104365110 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:52.104455948 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.105485916 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.105498075 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:52.914892912 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:52.915126085 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.917818069 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.917828083 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:52.918148994 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:52.970599890 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:52.978513002 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.023329020 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243124008 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243180990 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243201971 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243220091 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243268013 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243275881 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243299007 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243309975 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243343115 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243347883 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243388891 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243405104 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243447065 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243506908 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.243519068 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243760109 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.243825912 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.255007982 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.255055904 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:53.255074024 CET | 49710 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:46:53.255084038 CET | 443 | 49710 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:46:54.370743036 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:54.449548960 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:46:54.673548937 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:55.276200056 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:55.443145037 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:55.443233013 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:55.443300962 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:55.992873907 CET | 49704 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:46:55.992919922 CET | 443 | 49704 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:46:56.484569073 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:57.845735073 CET | 443 | 49699 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.845828056 CET | 49699 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.846100092 CET | 49699 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.846121073 CET | 443 | 49699 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.846781969 CET | 49711 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.846826077 CET | 443 | 49711 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.846906900 CET | 49711 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.847174883 CET | 49711 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.847193003 CET | 443 | 49711 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.880662918 CET | 443 | 49700 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.880779982 CET | 49700 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.880960941 CET | 49700 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.880975008 CET | 443 | 49700 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.881483078 CET | 49712 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.881526947 CET | 443 | 49712 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:57.881599903 CET | 49712 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.881901026 CET | 49712 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:46:57.881915092 CET | 443 | 49712 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:46:58.888592958 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:46:59.255552053 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:47:00.658659935 CET | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Oct 29, 2024 10:47:03.696574926 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:47:08.860717058 CET | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Oct 29, 2024 10:47:13.311611891 CET | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Oct 29, 2024 10:47:14.819247007 CET | 443 | 49711 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:14.819384098 CET | 49711 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:14.819574118 CET | 49711 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:14.819591999 CET | 443 | 49711 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:14.863030910 CET | 443 | 49712 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:14.863178015 CET | 49712 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:14.863332033 CET | 49712 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:14.863349915 CET | 443 | 49712 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:15.856414080 CET | 49714 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.856461048 CET | 443 | 49714 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:15.856587887 CET | 49714 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.856844902 CET | 49714 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.856856108 CET | 443 | 49714 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:15.857480049 CET | 49715 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.857569933 CET | 443 | 49715 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:15.857673883 CET | 49715 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.857866049 CET | 49715 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:15.857902050 CET | 443 | 49715 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:29.627851963 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:29.627882957 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:29.628012896 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:29.628431082 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:29.628446102 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.667474031 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.667572021 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.668998003 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.669006109 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.669451952 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.671021938 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.711374044 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.947197914 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.947253942 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.947297096 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.947329044 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.947340965 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.947402954 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.949044943 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.949095964 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.949139118 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.949153900 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.949174881 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.949269056 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.949315071 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.950218916 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.950228930 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:30.950242043 CET | 49716 | 443 | 192.168.2.16 | 20.109.210.53 |
Oct 29, 2024 10:47:30.950248957 CET | 443 | 49716 | 20.109.210.53 | 192.168.2.16 |
Oct 29, 2024 10:47:32.851531982 CET | 443 | 49715 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.851663113 CET | 49715 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.851814985 CET | 49715 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.851851940 CET | 443 | 49715 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.852257967 CET | 49717 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.852317095 CET | 443 | 49717 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.852632046 CET | 49717 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.853204966 CET | 443 | 49714 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.853283882 CET | 49714 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855094910 CET | 49717 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855124950 CET | 443 | 49717 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.855170965 CET | 49714 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855214119 CET | 443 | 49714 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.855403900 CET | 49718 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855504036 CET | 443 | 49718 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:32.855588913 CET | 49718 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855755091 CET | 49718 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:32.855782986 CET | 443 | 49718 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:44.635684967 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:44.635806084 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:44.635924101 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:44.636164904 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:44.636188984 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:45.491112947 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:45.491486073 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:45.491558075 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:45.492712975 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:45.493046999 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:45.493240118 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:45.541686058 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:49.850430965 CET | 443 | 49717 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:49.850572109 CET | 49717 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:49.850783110 CET | 49717 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:49.850825071 CET | 443 | 49717 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:49.865190029 CET | 443 | 49718 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:49.865309000 CET | 49718 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:49.865473032 CET | 49718 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:49.865488052 CET | 443 | 49718 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:54.876133919 CET | 49723 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876220942 CET | 443 | 49723 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:54.876311064 CET | 49723 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876419067 CET | 49724 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876451969 CET | 443 | 49724 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:54.876514912 CET | 49724 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876593113 CET | 49723 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876643896 CET | 443 | 49723 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:54.876748085 CET | 49724 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:47:54.876761913 CET | 443 | 49724 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:47:55.486814022 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:55.486963034 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:47:55.487042904 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:55.988029957 CET | 49720 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:47:55.988065958 CET | 443 | 49720 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:48:11.857475042 CET | 443 | 49723 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.857651949 CET | 49723 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.857819080 CET | 49723 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.857858896 CET | 443 | 49723 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.858346939 CET | 49726 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.858393908 CET | 443 | 49726 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.858489037 CET | 49726 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.858709097 CET | 49726 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.858722925 CET | 443 | 49726 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.862442970 CET | 443 | 49724 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.862555981 CET | 49724 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.862812996 CET | 49724 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.862828016 CET | 443 | 49724 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.862848997 CET | 49727 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.862895012 CET | 443 | 49727 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:11.862977028 CET | 49727 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.863142014 CET | 49727 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:11.863158941 CET | 443 | 49727 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:28.843863964 CET | 443 | 49726 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:28.843997002 CET | 49726 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:28.844245911 CET | 49726 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:28.844263077 CET | 443 | 49726 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:28.848571062 CET | 443 | 49727 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:28.848683119 CET | 49727 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:28.848810911 CET | 49727 | 443 | 192.168.2.16 | 202.190.48.233 |
Oct 29, 2024 10:48:28.848825932 CET | 443 | 49727 | 202.190.48.233 | 192.168.2.16 |
Oct 29, 2024 10:48:44.698046923 CET | 49728 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:48:44.698091030 CET | 443 | 49728 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:48:44.698201895 CET | 49728 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:48:44.698496103 CET | 49728 | 443 | 192.168.2.16 | 142.250.74.196 |
Oct 29, 2024 10:48:44.698524952 CET | 443 | 49728 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:48:45.561332941 CET | 443 | 49728 | 142.250.74.196 | 192.168.2.16 |
Oct 29, 2024 10:48:45.606862068 CET | 49728 | 443 | 192.168.2.16 | 142.250.74.196 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 29, 2024 10:46:39.749412060 CET | 53 | 61693 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:39.817250013 CET | 53 | 63574 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:40.663647890 CET | 58797 | 53 | 192.168.2.16 | 1.1.1.1 |
Oct 29, 2024 10:46:40.663985014 CET | 58886 | 53 | 192.168.2.16 | 1.1.1.1 |
Oct 29, 2024 10:46:40.832070112 CET | 53 | 58797 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:41.029284000 CET | 53 | 60459 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:44.582823992 CET | 62636 | 53 | 192.168.2.16 | 1.1.1.1 |
Oct 29, 2024 10:46:44.583090067 CET | 49215 | 53 | 192.168.2.16 | 1.1.1.1 |
Oct 29, 2024 10:46:44.590466976 CET | 53 | 49215 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:44.590797901 CET | 53 | 62636 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:44.623544931 CET | 53 | 58886 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:46:57.918234110 CET | 53 | 59668 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:47:16.731214046 CET | 53 | 65455 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:47:39.714612961 CET | 53 | 54663 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:47:39.732465982 CET | 53 | 57830 | 1.1.1.1 | 192.168.2.16 |
Oct 29, 2024 10:47:46.076606989 CET | 138 | 138 | 192.168.2.16 | 192.168.2.255 |
Oct 29, 2024 10:48:09.049969912 CET | 53 | 61596 | 1.1.1.1 | 192.168.2.16 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 29, 2024 10:46:44.623620033 CET | 192.168.2.16 | 1.1.1.1 | c1f2 | (Port unreachable) | Destination Unreachable |
Oct 29, 2024 10:47:10.820739031 CET | 192.168.2.16 | 1.1.1.1 | c201 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 29, 2024 10:46:40.663647890 CET | 192.168.2.16 | 1.1.1.1 | 0x7c9c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 29, 2024 10:46:40.663985014 CET | 192.168.2.16 | 1.1.1.1 | 0x6794 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 29, 2024 10:46:44.582823992 CET | 192.168.2.16 | 1.1.1.1 | 0xc4b8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 29, 2024 10:46:44.583090067 CET | 192.168.2.16 | 1.1.1.1 | 0x1248 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 29, 2024 10:46:40.832070112 CET | 1.1.1.1 | 192.168.2.16 | 0x7c9c | No error (0) | 202.190.48.233 | A (IP address) | IN (0x0001) | false | ||
Oct 29, 2024 10:46:44.590466976 CET | 1.1.1.1 | 192.168.2.16 | 0x1248 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 29, 2024 10:46:44.590797901 CET | 1.1.1.1 | 192.168.2.16 | 0xc4b8 | No error (0) | 142.250.74.196 | A (IP address) | IN (0x0001) | false | ||
Oct 29, 2024 10:46:44.623544931 CET | 1.1.1.1 | 192.168.2.16 | 0x6794 | Server failure (2) | none | none | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49708 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-29 09:46:48 UTC | 161 | OUT | |
2024-10-29 09:46:49 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49709 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-29 09:46:50 UTC | 239 | OUT | |
2024-10-29 09:46:50 UTC | 514 | IN | |
2024-10-29 09:46:50 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49710 | 20.109.210.53 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-29 09:46:52 UTC | 306 | OUT | |
2024-10-29 09:46:53 UTC | 560 | IN | |
2024-10-29 09:46:53 UTC | 15824 | IN | |
2024-10-29 09:46:53 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49716 | 20.109.210.53 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-29 09:47:30 UTC | 306 | OUT | |
2024-10-29 09:47:30 UTC | 560 | IN | |
2024-10-29 09:47:30 UTC | 15824 | IN | |
2024-10-29 09:47:30 UTC | 14181 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 05:46:38 |
Start date: | 29/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 05:46:38 |
Start date: | 29/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 05:46:39 |
Start date: | 29/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |