Windows
Analysis Report
http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
chrome.exe (PID: 5324 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --s tart-maxim ized "abou t:blank" MD5: E81F54E6C1129887AEA47E7D092680BF) chrome.exe (PID: 2800 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --no-pre-r ead-main-d ll --field -trial-han dle=2260,i ,600178788 4130247300 ,242215167 6545335571 ,262144 -- disable-fe atures=Opt imizationG uideModelD ownloading ,Optimizat ionHints,O ptimizatio nHintsFetc hing,Optim izationTar getPredict ion --vari ations-see d-version= 20250306-1 83004.4290 00 --mojo- platform-c hannel-han dle=2288 / prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
chrome.exe (PID: 6704 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://czm11. cavernbeat les.com/rd /4EiHFs506 0pdwZ594ue emlltgbq24 6DXCLIFRFR UUFCZD7792 KXRQ15860r 19" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:53:51.278764+0100 | 2859624 | 1 | Exploit Kit Activity Detected | 185.246.85.93 | 80 | 192.168.2.4 | 49731 | TCP |
- • Phishing
- • Networking
- • System Summary
Click to jump to signature section
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Networking |
---|
Source: | Suricata IDS: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | File created: | Jump to behavior |
Source: | File deleted: | Jump to behavior |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
j.sni.global.fastly.net | 151.101.2.132 | true | false | high | |
czm11.cavernbeatles.com | 185.246.85.93 | true | true | unknown | |
beacons-handoff.gcp.gvt2.com | 142.251.143.35 | true | false | high | |
www.google.com | 142.250.185.132 | true | false | high | |
beacons.gvt2.com | 142.250.181.227 | true | false | high | |
beacons6.gvt2.com | 142.250.186.35 | true | false | high | |
beacons.gcp.gvt2.com | unknown | unknown | false | high | |
feeds.foxnews.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
true |
| unknown | |
true | unknown | ||
false | unknown | ||
false | unknown | ||
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
185.246.85.93 | czm11.cavernbeatles.com | France | 21409 | IKOULAFR | true | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
151.101.2.132 | j.sni.global.fastly.net | United States | 54113 | FASTLYUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1637986 |
Start date and time: | 2025-03-14 01:52:45 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 18s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 21 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@20/10@24/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis
(whitelisted): MpCmdRun.exe, a udiodg.exe, sppsvc.exe, Runtim eBroker.exe, ShellExperienceHo st.exe, SIHClient.exe, SgrmBro ker.exe, backgroundTaskHost.ex e, conhost.exe, svchost.exe - Excluded IPs from analysis (wh
itelisted): 142.250.185.99, 14 2.250.185.206, 142.250.186.142 , 64.233.184.84, 199.232.210.1 72, 2.23.77.188, 216.58.212.17 0, 216.58.206.74, 172.217.18.1 0, 142.250.186.138, 142.250.18 5.106, 172.217.23.106, 142.250 .185.138, 142.250.184.202, 142 .250.184.234, 142.250.186.170, 142.250.186.42, 142.250.185.7 4, 142.250.186.74, 142.250.185 .202, 142.250.186.106, 142.250 .185.170, 142.250.186.163, 142 .250.185.238, 74.125.206.84 - Excluded domains from analysis
(whitelisted): fs.microsoft.c om, accounts.google.com, conte nt-autofill.googleapis.com, sl scr.update.microsoft.com, ctld l.windowsupdate.com, clientser vices.googleapis.com, fe3cr.de livery.mp.microsoft.com, clien ts2.google.com, ocsp.digicert. com, edgedl.me.gvt1.com, updat e.googleapis.com, clients.l.go ogle.com, c.pki.goog - Not all processes where analyz
ed, report is missing behavior information - Report size getting too big, t
oo many NtOpenFile calls found . - VT rate limit hit for: http:/
/czm11.cavernbeatles.com/rd/4E iHFs5060pdwZ594ueemlltgbq246DX CLIFRFRUUFCZD7792KXRQ15860r19
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2883 |
Entropy (8bit): | 4.855223108468014 |
Encrypted: | false |
SSDEEP: | 48:Z+dEJJpI4LLIk6ddLHJy8A3SXUV/ot5CjsEn+yxw4Dj7jvj:j3LLIk6T9yvGssE5x7 |
MD5: | 4C70E6AE58B22DD268F5106D4EE3AE44 |
SHA1: | 0C5646A9F164D08F74FE393211B2F4DC0421010B |
SHA-256: | BF7E3FCFBDA05EA1397C425FC2CE4F3D669059AC6F9BBE762A27111AFF3FF310 |
SHA-512: | DB248ED77A34E0177622C314DE834BC2A215C1B2EABF5D6BDEC717A61C20436A19FB94B4C0C54EDC32636728D2F163B91644EB34E6CC005CD3307EAB89BAA1E0 |
Malicious: | false |
Reputation: | low |
URL: | http://czm11.cavernbeatles.com/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1435 |
Entropy (8bit): | 4.7130828204283555 |
Encrypted: | false |
SSDEEP: | 24:UkvMuGRKe7+U6eSEMDSaGvMdufqGmnoSPfzS7pvMugQrYFv0CGSTYFUL9MtDY3Ss:Uk9w7x9sHGgufRNkz09fcFMCGJFUL9MO |
MD5: | 1FB5EDFEA0AF10D301EFCD56738BA30A |
SHA1: | 1AAC6EB08825AD63AC334CFF1F816CC9ECA71219 |
SHA-256: | 161D0961994DD86814FAFBA6EDD6FA7A75D17B19B2E60E1EE01ADAA9EA19DADC |
SHA-512: | A0C3F78B663E01D24DDD53AF6D0D1E3E9DD743C3E4CB6FC8F45588BCC37AB3923A2992505C4842D9E451692A7E7495155F58BFED056BCFE57E02204603F962DD |
Malicious: | false |
Reputation: | low |
URL: | http://czm11.cavernbeatles.com/assets/styles.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 210 |
Entropy (8bit): | 5.098105294030167 |
Encrypted: | false |
SSDEEP: | 6:uIRnXHFmmmJ0S2IcENFJKSK/xIcEo/VMCGYoVL:lXHAx6S2SRcJ9IL |
MD5: | 05DA576EB71641B10811A1AEF60A853D |
SHA1: | 5E7C7F426430C30209FE270AB129A9C0100BDEE9 |
SHA-256: | 58B98E11D36F9689D4AF3C1CB3755528817709300FACF6D314C99CE91BD90B4B |
SHA-512: | 2DAC5452E42E24043F512741B01E08CDEE464771A13C2D38D3F9958F75FCEA079F67A7B704AC6753C0BAB02DFDDD434AE7024D4674E3A532A70D50C5D6A72937 |
Malicious: | false |
Reputation: | low |
URL: | http://czm11.cavernbeatles.com/t/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 235 |
Entropy (8bit): | 4.996687328840349 |
Encrypted: | false |
SSDEEP: | 6:HXQI4ySmfH1A7YmmBi7YmjA0VhM+yp7YmmJyR13YoVL:HXYknxJX0VM2xYwIL |
MD5: | 41735C0E24BE1E5BD89C1F6531207494 |
SHA1: | 9EAE1BFA3B43E52C21E87FABCD63A4C2A3E55554 |
SHA-256: | A594B117BC9C64745935F48B866C3CAA70CDED9C35EE02841A28277F3E75FFE3 |
SHA-512: | 2CE91960620061DE0C91383930CC83BA32CCAD82E75C6CF8678CCF907021EA8D2901B327AF67565593D765873FD7988AA533753A2B8E94E2FB38D71C3A3C787F |
Malicious: | false |
Reputation: | low |
URL: | http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3201 |
Entropy (8bit): | 4.575164851274125 |
Encrypted: | false |
SSDEEP: | 48:vuzdIC1AFRZpvtph6F6BgxVbaCdQciJ2ZBgof6PM5FGxs7vtj:vuz1Yd6ygx4cA2 |
MD5: | 858A2F5241103487BF39784412AA424E |
SHA1: | 2174BBF56CD7355C60990E3859346BA5643030CF |
SHA-256: | 054A6365422992FB2B7DCD2D5C1E79319C189A3D0F63949ACB6957D24EA79BB7 |
SHA-512: | F86208CECF3D4F1EA9537FA294116F3893C81A0DD370C15CD71235216BCAFBA17DE0FD41F4F9A99803AD107A073CDB8974A0E032DD490B7ADE0FC1398F200881 |
Malicious: | false |
Reputation: | low |
URL: | http://czm11.cavernbeatles.com/news?q=IP%20provider%20is%20blacklisted!%20LEVEL3 |
Preview: |
Download Network PCAP: filtered – full
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:53:51.278764+0100 | 2859624 | ETPRO EXPLOIT_KIT FoxTDS Filtered Blacklisted | 1 | 185.246.85.93 | 80 | 192.168.2.4 | 49731 | TCP |
- Total Packets: 154
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:43.028965950 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:43.338982105 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:44.010864973 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:45.307789087 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:47.713844061 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:48.191029072 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.191087008 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:48.191226006 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.191492081 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.191515923 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:48.389930010 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:48.390753031 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.390799999 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:48.390995026 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.391357899 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:53:48.391374111 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:48.589823961 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:53:50.030682087 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.030802011 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.035830975 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.036262035 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.036345005 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.036350965 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.062822104 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.062872887 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.062941074 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.063225031 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.063241005 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.221271038 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.221323013 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.221417904 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.223429918 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.223444939 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.224080086 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.245995045 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.246037960 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.246114016 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.246452093 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.246465921 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.246889114 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.247201920 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.247323036 CET | 443 | 49735 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.249629021 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.253242970 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.253293991 CET | 443 | 49735 | 23.60.203.209 | 192.168.2.4 |
Mar 14, 2025 01:53:50.253351927 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
Mar 14, 2025 01:53:50.261593103 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.262582064 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.262598991 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.262684107 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.262979984 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.262993097 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.461664915 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.531416893 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.536206961 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.706698895 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:50.759968042 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.944650888 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:50.949681997 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:51.216758966 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:51.266678095 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:51.274039984 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:51.278764009 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:51.449297905 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:51.493920088 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:51.776316881 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:53:52.076679945 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:53:52.280495882 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:52.285300970 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:52.456248045 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:52.456268072 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:52.456279993 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:52.456291914 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:53:52.456321955 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:52.456352949 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:53:52.514936924 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:53:52.548381090 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.548415899 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:52.548504114 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.549041033 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.549062967 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:52.679879904 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:53:52.749385118 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:52.749917030 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.749974966 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:52.750030994 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.750333071 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
Mar 14, 2025 01:53:52.750350952 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:52.949479103 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
Mar 14, 2025 01:53:53.885481119 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:53:56.291785955 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:53:56.523350000 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:53:56.823049068 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:53:57.432410002 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:53:58.318084955 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.318151951 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.322179079 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.323199034 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.323219061 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.323821068 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.383498907 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.383543015 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.383852959 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.383948088 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.383965015 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.384447098 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.429555893 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.429603100 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.429733992 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.430180073 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.430197954 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.430783987 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.464066029 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.464107990 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.464243889 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.466104984 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.466124058 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.466540098 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.529576063 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.529649973 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.529757023 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.530066967 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.530080080 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.530524015 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.553687096 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.553741932 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.553845882 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.554085970 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.554100037 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.554445028 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.593417883 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.593452930 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.593511105 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.593808889 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.593823910 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.594249964 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.635569096 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:53:58.645361900 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.645473957 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.645569086 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.645906925 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:53:58.645940065 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:53:58.646469116 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:01.042247057 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:54:01.104768991 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:54:02.120795965 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 14, 2025 01:54:05.854757071 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:54:10.715507984 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 14, 2025 01:54:15.411890030 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:15.417423964 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:15.465759993 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 14, 2025 01:54:15.587939024 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:15.587966919 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:15.587985039 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:15.588047028 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:15.638113976 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:15.838443995 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:15.843194008 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:16.013895988 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:16.013910055 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:16.013958931 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:21.208086967 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
Mar 14, 2025 01:54:21.212806940 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
Mar 14, 2025 01:54:21.212867975 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
Mar 14, 2025 01:54:21.213356018 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
Mar 14, 2025 01:54:21.217977047 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
Mar 14, 2025 01:54:21.835282087 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
Mar 14, 2025 01:54:21.840696096 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
Mar 14, 2025 01:54:21.845371962 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
Mar 14, 2025 01:54:22.021383047 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
Mar 14, 2025 01:54:22.088449001 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
Mar 14, 2025 01:54:34.961442947 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.961494923 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:34.961575031 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.961899996 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.961915016 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:34.962515116 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:34.965487003 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.965534925 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:34.965603113 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.965873003 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:34.965886116 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:34.966257095 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.002146959 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.002186060 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.002264023 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.002557993 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.002568960 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.002918959 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.021733999 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.021770000 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.021826029 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.022114992 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.022129059 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.022538900 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.041498899 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:35.046149969 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.046224117 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.046305895 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.046566963 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.046586037 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.046905041 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.046926975 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:35.081752062 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.081845999 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.081926107 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.082212925 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.082231045 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.082582951 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.116449118 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.116497993 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.116558075 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.116904020 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.116914988 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.117286921 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.150599957 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.150623083 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.150669098 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.150959969 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
Mar 14, 2025 01:54:35.150969982 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:35.151335955 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
Mar 14, 2025 01:54:48.246721029 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.246793032 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:48.246860981 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.247178078 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.247195959 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:48.445298910 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:48.445888996 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.445929050 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:48.446002007 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.446306944 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
Mar 14, 2025 01:54:48.446319103 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:48.645543098 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
Mar 14, 2025 01:54:50.715437889 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:54:50.720448017 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
Mar 14, 2025 01:54:50.720526934 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:55:01.026643991 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
Mar 14, 2025 01:55:01.031450033 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:44.648801088 CET | 53 | 54760 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:44.714888096 CET | 53 | 55648 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:48.183479071 CET | 63323 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:48.183619022 CET | 49836 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:48.190181971 CET | 53 | 49836 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:48.190196991 CET | 53 | 63323 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:50.013650894 CET | 59130 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:50.016819954 CET | 59355 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:50.026855946 CET | 53 | 59130 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:50.029987097 CET | 53 | 59355 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:50.040178061 CET | 65172 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:50.040328026 CET | 61001 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:50.061614037 CET | 53 | 61001 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:50.062058926 CET | 53 | 65172 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:52.524221897 CET | 57240 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:52.524712086 CET | 55968 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:53:52.546314955 CET | 53 | 55968 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:53:52.546994925 CET | 53 | 57240 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:16.063039064 CET | 53 | 52103 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:44.208892107 CET | 53 | 51412 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:44.618257046 CET | 53 | 60681 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:45.351607084 CET | 53 | 53723 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:46.365870953 CET | 54107 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:46.366156101 CET | 57800 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:46.372828960 CET | 53 | 54107 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:46.372844934 CET | 53 | 57800 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:47.385952950 CET | 61313 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:47.386089087 CET | 52226 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:47.392752886 CET | 53 | 61313 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:47.392931938 CET | 53 | 52226 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:49.423064947 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:49.429709911 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:50.432570934 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:50.439208031 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:51.420296907 CET | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Mar 14, 2025 01:54:51.433108091 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:51.439837933 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:53.448519945 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:53.455379009 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:54:57.463745117 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:54:57.470390081 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:01.671489954 CET | 50472 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:01.671771049 CET | 49297 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:01.678333998 CET | 53 | 49297 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:01.678350925 CET | 53 | 50472 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:02.682746887 CET | 64185 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:02.691037893 CET | 53 | 64185 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:04.716048002 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:04.722959042 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:05.729640961 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:05.738375902 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:06.729918003 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:06.737422943 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
Mar 14, 2025 01:55:08.745157957 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 14, 2025 01:55:08.752121925 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:48.183479071 CET | 192.168.2.4 | 1.1.1.1 | 0x7771 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:53:48.183619022 CET | 192.168.2.4 | 1.1.1.1 | 0xe419 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:53:50.013650894 CET | 192.168.2.4 | 1.1.1.1 | 0xe1d9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:53:50.016819954 CET | 192.168.2.4 | 1.1.1.1 | 0x237b | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:53:50.040178061 CET | 192.168.2.4 | 1.1.1.1 | 0xa8a0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:53:50.040328026 CET | 192.168.2.4 | 1.1.1.1 | 0xac19 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:53:52.524221897 CET | 192.168.2.4 | 1.1.1.1 | 0x948e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:53:52.524712086 CET | 192.168.2.4 | 1.1.1.1 | 0x4daa | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.365870953 CET | 192.168.2.4 | 1.1.1.1 | 0x255e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.366156101 CET | 192.168.2.4 | 1.1.1.1 | 0xc6d3 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.385952950 CET | 192.168.2.4 | 1.1.1.1 | 0xf1da | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.386089087 CET | 192.168.2.4 | 1.1.1.1 | 0x8e4e | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:54:49.423064947 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:50.432570934 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:51.433108091 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:53.448519945 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:54:57.463745117 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:01.671489954 CET | 192.168.2.4 | 1.1.1.1 | 0x380e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:01.671771049 CET | 192.168.2.4 | 1.1.1.1 | 0x8337 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 14, 2025 01:55:02.682746887 CET | 192.168.2.4 | 1.1.1.1 | 0x176 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:04.716048002 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:05.729640961 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:06.729918003 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 14, 2025 01:55:08.745157957 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:48.190181971 CET | 1.1.1.1 | 192.168.2.4 | 0xe419 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 14, 2025 01:53:48.190196991 CET | 1.1.1.1 | 192.168.2.4 | 0x7771 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:50.026855946 CET | 1.1.1.1 | 192.168.2.4 | 0xe1d9 | No error (0) | 185.246.85.93 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:50.062058926 CET | 1.1.1.1 | 192.168.2.4 | 0xa8a0 | No error (0) | 185.246.85.93 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546314955 CET | 1.1.1.1 | 192.168.2.4 | 0x4daa | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.2.132 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.66.132 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.130.132 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.194.132 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:46.372828960 CET | 1.1.1.1 | 192.168.2.4 | 0x255e | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:46.372828960 CET | 1.1.1.1 | 192.168.2.4 | 0x255e | No error (0) | 142.251.143.35 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:46.372844934 CET | 1.1.1.1 | 192.168.2.4 | 0xc6d3 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:47.392752886 CET | 1.1.1.1 | 192.168.2.4 | 0xf1da | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:47.392752886 CET | 1.1.1.1 | 192.168.2.4 | 0xf1da | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:47.392931938 CET | 1.1.1.1 | 192.168.2.4 | 0x8e4e | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:49.429709911 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:49.429709911 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:50.439208031 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:50.439208031 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:51.439837933 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:51.439837933 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:53.455379009 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:53.455379009 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:57.470390081 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:54:57.470390081 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:01.678350925 CET | 1.1.1.1 | 192.168.2.4 | 0x380e | No error (0) | beacons6.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:01.678350925 CET | 1.1.1.1 | 192.168.2.4 | 0x380e | No error (0) | 142.250.186.35 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:02.691037893 CET | 1.1.1.1 | 192.168.2.4 | 0x176 | No error (0) | 142.250.181.227 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:04.722959042 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:05.738375902 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:06.737422943 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
Mar 14, 2025 01:55:08.752121925 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49731 | 185.246.85.93 | 80 | 2800 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 14, 2025 01:53:50.531416893 CET | 502 | OUT | |
Mar 14, 2025 01:53:50.706698895 CET | 487 | IN | |
Mar 14, 2025 01:53:50.944650888 CET | 607 | OUT | |
Mar 14, 2025 01:53:51.216758966 CET | 462 | IN | |
Mar 14, 2025 01:53:51.274039984 CET | 453 | OUT | |
Mar 14, 2025 01:53:51.449297905 CET | 258 | IN | |
Mar 14, 2025 01:53:52.280495882 CET | 592 | OUT | |
Mar 14, 2025 01:53:52.456248045 CET | 1236 | IN | |
Mar 14, 2025 01:53:52.456268072 CET | 224 | IN | |
Mar 14, 2025 01:53:52.456279993 CET | 1236 | IN | |
Mar 14, 2025 01:53:52.456291914 CET | 783 | IN | |
Mar 14, 2025 01:54:15.411890030 CET | 529 | OUT | |
Mar 14, 2025 01:54:15.587939024 CET | 1236 | IN | |
Mar 14, 2025 01:54:15.587966919 CET | 1236 | IN | |
Mar 14, 2025 01:54:15.587985039 CET | 689 | IN | |
Mar 14, 2025 01:54:15.838443995 CET | 350 | OUT | |
Mar 14, 2025 01:54:16.013895988 CET | 1236 | IN | |
Mar 14, 2025 01:54:16.013910055 CET | 384 | IN | |
Mar 14, 2025 01:55:01.026643991 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
1 | 192.168.2.4 | 49765 | 172.217.18.3 | 80 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 14, 2025 01:54:21.213356018 CET | 202 | OUT | |
Mar 14, 2025 01:54:21.835282087 CET | 223 | IN | |
Mar 14, 2025 01:54:21.840696096 CET | 200 | OUT | |
Mar 14, 2025 01:54:22.021383047 CET | 223 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49730 | 185.246.85.93 | 80 | 2800 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 14, 2025 01:54:35.041498899 CET | 6 | OUT |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 1 |
Start time: | 20:53:40 |
Start date: | 13/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 20:53:42 |
Start date: | 13/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 4 |
Start time: | 20:53:48 |
Start date: | 13/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |