Windows
Analysis Report
http://pub-73e3a990093147c78a55ab4739ef17e5.r2.dev/docu/e_protocol.html
Overview
General Information
Detection
Score: | 92 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2000 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 --field-trial-handle=2468,i,1197394569104485626,4808394245553301997,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6584 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://pub-73e3a990093147c78a55ab4739ef17e5.r2.dev/docu/e_protocol.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_64 | Yara detected HtmlPhish_64 | Joe Security | ||
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
AV Detection |
---|
Source: | Avira URL Cloud: |
Phishing |
---|
Source: | Joe Sandbox AI: |
Source: | Page Title: | ||
Source: | File source: | ||
Source: | Joe Sandbox AI: |
Source: | HTTP Parser: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Scripting | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
pub-73e3a990093147c78a55ab4739ef17e5.r2.dev | 172.66.0.235 | true | true | unknown | |
www.google.com | 142.250.186.100 | true | false | high | |
www.continentalsports.co.uk | 95.154.228.177 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown | ||
false |
| unknown | |
true | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false |
| unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
162.159.140.237 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
95.154.228.177 | www.continentalsports.co.uk | United Kingdom | 20860 | IOMART-ASGB | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.186.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
172.66.0.235 | pub-73e3a990093147c78a55ab4739ef17e5.r2.dev | United States | 13335 | CLOUDFLARENETUS | true |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1591497 |
Start date and time: | 2025-01-15 01:38:01 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://pub-73e3a990093147c78a55ab4739ef17e5.r2.dev/docu/e_protocol.html |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal92.phis.win@17/10@10/7 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted)
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: http://pub-73e3a990093147c78a55ab4739ef17e5.r2.dev/docu/e_protocol.html
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 85578 |
Entropy (8bit): | 5.366055229017455 |
Encrypted: | false |
SSDEEP: | 1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2 |
MD5: | 2F6B11A7E914718E0290410E85366FE9 |
SHA1: | 69BB69E25CA7D5EF0935317584E6153F3FD9A88C |
SHA-256: | 05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E |
SHA-512: | 0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB |
Malicious: | false |
Reputation: | low |
URL: | https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 85578 |
Entropy (8bit): | 5.366055229017455 |
Encrypted: | false |
SSDEEP: | 1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2 |
MD5: | 2F6B11A7E914718E0290410E85366FE9 |
SHA1: | 69BB69E25CA7D5EF0935317584E6153F3FD9A88C |
SHA-256: | 05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E |
SHA-512: | 0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 252205 |
Entropy (8bit): | 6.083975621579217 |
Encrypted: | false |
SSDEEP: | 6144:8ajpSYt72uB8zd3nuatHiuZ1aYxs7TA7V+se6LOt1Xf54:8a1SYtRc33CMaoQTA7V+se61 |
MD5: | AC9DBD4FD1FB0ADD29A1B8703BCE9406 |
SHA1: | D71E70C8AC03CF68134D5AB68DD2F05AD4B23002 |
SHA-256: | 6316CB80E53A87A277A3CF231119AC5BE5E8DEF905800F583841D36358EDB374 |
SHA-512: | FFDFE6A01976EB9CDF1E289CA03F938952058151440C62925CCC8D1BCFA8E48EEF7A72581461FC35B10AE02853116A27AE5C70D30AF166B10FEF6C3C9F53E5CF |
Malicious: | false |
Reputation: | low |
URL: | https://pub-73e3a990093147c78a55ab4739ef17e5.r2.dev/docu/e_protocol.html |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7494 |
Entropy (8bit): | 7.868668842804636 |
Encrypted: | false |
SSDEEP: | 192:ygdh+IXyP70WVRYaDpmW05te0t5WaEtyWU:yqh870CJDpU5wpU |
MD5: | E27D91CCCC9D333CE4E99262E368053D |
SHA1: | F59234771F6CD9D102FD50527CE1D684E305EDDD |
SHA-256: | 17A7F5E4C9165EF60EB0CBA29D6DC36F32F7FAB0306A6CDC898997141228C5FA |
SHA-512: | 069239A90A49B2848BAD2FE451C6E947E280BA4C93BF8E53C61D00765A532F636F1F733F6427E75ACCF76B432E55A0D5E1BECE8912C3C39F3E4915D2421A9E1F |
Malicious: | false |
Reputation: | low |
URL: | https://www.continentalsports.co.uk/media/catalog/product/cache/7fd38fa62b8fefd3d046b3795a3b5e36/b/l/blurred_invoice.jpg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7494 |
Entropy (8bit): | 7.868668842804636 |
Encrypted: | false |
SSDEEP: | 192:ygdh+IXyP70WVRYaDpmW05te0t5WaEtyWU:yqh870CJDpU5wpU |
MD5: | E27D91CCCC9D333CE4E99262E368053D |
SHA1: | F59234771F6CD9D102FD50527CE1D684E305EDDD |
SHA-256: | 17A7F5E4C9165EF60EB0CBA29D6DC36F32F7FAB0306A6CDC898997141228C5FA |
SHA-512: | 069239A90A49B2848BAD2FE451C6E947E280BA4C93BF8E53C61D00765A532F636F1F733F6427E75ACCF76B432E55A0D5E1BECE8912C3C39F3E4915D2421A9E1F |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.875 |
Encrypted: | false |
SSDEEP: | 3:HwT:QT |
MD5: | 344EB8D19F5C0A3435EF32FD9601F1FB |
SHA1: | E082EB1D89D91CC1A25A1D510268E576109DA07E |
SHA-256: | B44289B54959639FCA6A742F7CC2E2A5AF9C6E7B73C1B3E25227CA9790F3A587 |
SHA-512: | EB9F1CD4A566192160371F4B182EE00180F6912333FFB79C537BD80635A6AFE6379FBE7BB74043D635BA65C9F4F956D9E97E516E24E516F2591192A36F866EAE |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAl6DH3I5QBasxIFDc5BTHo=?alt=proto |
Preview: |
- Total Packets: 149
Jan 15, 2025 01:39:05.088666916 CET | 443 | 49745 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.088731050 CET | 443 | 49745 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.088751078 CET | 443 | 49745 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.088918924 CET | 443 | 49745 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.089019060 CET | 49745 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.089019060 CET | 49745 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.092282057 CET | 49745 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.113183022 CET | 49745 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.113249063 CET | 443 | 49745 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.359046936 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.359100103 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:05.359184980 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.359478951 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:05.359497070 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.119172096 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.138596058 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.138607025 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.139517069 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.139580011 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.212343931 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.212461948 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.230598927 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.230618954 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.276889086 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.395113945 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395140886 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395152092 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395172119 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395185947 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.395194054 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395222902 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.395267963 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:06.395307064 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.396253109 CET | 49749 | 443 | 192.168.2.4 | 95.154.228.177 |
Jan 15, 2025 01:39:06.396266937 CET | 443 | 49749 | 95.154.228.177 | 192.168.2.4 |
Jan 15, 2025 01:39:11.321763992 CET | 443 | 49738 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:39:11.321902990 CET | 443 | 49738 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:39:11.321974039 CET | 49738 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:39:12.950700045 CET | 49738 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:39:12.950767994 CET | 443 | 49738 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:39:17.707695961 CET | 80 | 49742 | 172.66.0.235 | 192.168.2.4 |
Jan 15, 2025 01:39:17.707882881 CET | 49742 | 80 | 192.168.2.4 | 172.66.0.235 |
Jan 15, 2025 01:39:18.956875086 CET | 49742 | 80 | 192.168.2.4 | 172.66.0.235 |
Jan 15, 2025 01:39:18.962107897 CET | 80 | 49742 | 172.66.0.235 | 192.168.2.4 |
Jan 15, 2025 01:39:47.823303938 CET | 49741 | 80 | 192.168.2.4 | 172.66.0.235 |
Jan 15, 2025 01:39:47.828517914 CET | 80 | 49741 | 172.66.0.235 | 192.168.2.4 |
Jan 15, 2025 01:40:00.781420946 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:00.781465054 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:00.781527042 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:00.781789064 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:00.781802893 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:01.412352085 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:01.412813902 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:01.412837029 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:01.413300991 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:01.413695097 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:01.413759947 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:01.459369898 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:02.310585022 CET | 49724 | 80 | 192.168.2.4 | 2.16.168.102 |
Jan 15, 2025 01:40:02.310657978 CET | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 01:40:02.315730095 CET | 80 | 49724 | 2.16.168.102 | 192.168.2.4 |
Jan 15, 2025 01:40:02.316047907 CET | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Jan 15, 2025 01:40:02.316159964 CET | 49724 | 80 | 192.168.2.4 | 2.16.168.102 |
Jan 15, 2025 01:40:02.316176891 CET | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 01:40:11.364135027 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:11.364188910 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Jan 15, 2025 01:40:11.364382029 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:12.949647903 CET | 49815 | 443 | 192.168.2.4 | 142.250.186.100 |
Jan 15, 2025 01:40:12.949675083 CET | 443 | 49815 | 142.250.186.100 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 15, 2025 01:39:00.716095924 CET | 192.168.2.4 | 1.1.1.1 | 0x5507 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 01:39:00.716226101 CET | 192.168.2.4 | 1.1.1.1 | 0xf3b0 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 01:39:02.307725906 CET | 192.168.2.4 | 1.1.1.1 | 0xc54 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 01:39:02.308813095 CET | 192.168.2.4 | 1.1.1.1 | 0xa540 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 01:39:02.816545010 CET | 192.168.2.4 | 1.1.1.1 | 0x6cde | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 01:39:02.816844940 CET | 192.168.2.4 | 1.1.1.1 | 0x7aa2 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 01:39:03.939138889 CET | 192.168.2.4 | 1.1.1.1 | 0xd1c1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 01:39:03.939346075 CET | 192.168.2.4 | 1.1.1.1 | 0x5736 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 01:39:05.140811920 CET | 192.168.2.4 | 1.1.1.1 | 0x8547 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 01:39:05.140938997 CET | 192.168.2.4 | 1.1.1.1 | 0x844d | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 15, 2025 01:39:00.722950935 CET | 1.1.1.1 | 192.168.2.4 | 0x5507 | No error (0) | 142.250.186.100 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:00.723340034 CET | 1.1.1.1 | 192.168.2.4 | 0xf3b0 | No error (0) | 65 | IN (0x0001) | false | |||
Jan 15, 2025 01:39:02.316836119 CET | 1.1.1.1 | 192.168.2.4 | 0xc54 | No error (0) | 172.66.0.235 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:02.316836119 CET | 1.1.1.1 | 192.168.2.4 | 0xc54 | No error (0) | 162.159.140.237 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:02.825675964 CET | 1.1.1.1 | 192.168.2.4 | 0x6cde | No error (0) | 162.159.140.237 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:02.825675964 CET | 1.1.1.1 | 192.168.2.4 | 0x6cde | No error (0) | 172.66.0.235 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:04.153801918 CET | 1.1.1.1 | 192.168.2.4 | 0xd1c1 | No error (0) | 95.154.228.177 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 01:39:05.358242989 CET | 1.1.1.1 | 192.168.2.4 | 0x8547 | No error (0) | 95.154.228.177 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49741 | 172.66.0.235 | 80 | 3104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jan 15, 2025 01:39:02.332468033 CET | 478 | OUT | |
Jan 15, 2025 01:39:02.813405991 CET | 534 | IN | |
Jan 15, 2025 01:39:47.823303938 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49743 | 162.159.140.237 | 443 | 3104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-15 00:39:03 UTC | 706 | OUT | |
2025-01-15 00:39:03 UTC | 284 | IN | |
2025-01-15 00:39:03 UTC | 1085 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN | |
2025-01-15 00:39:03 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49745 | 95.154.228.177 | 443 | 3104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-15 00:39:04 UTC | 635 | OUT | |
2025-01-15 00:39:05 UTC | 370 | IN | |
2025-01-15 00:39:05 UTC | 7494 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49749 | 95.154.228.177 | 443 | 3104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-15 00:39:06 UTC | 435 | OUT | |
2025-01-15 00:39:06 UTC | 370 | IN | |
2025-01-15 00:39:06 UTC | 7494 | IN |
Target ID: | 0 |
Start time: | 19:38:52 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 19:38:55 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 19:39:01 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |