Edit tour
Windows
Analysis Report
http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19
Overview
General Information
| Sample URL: | http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
| Analysis ID: | 1637986 |
| Infos: | |
 | |
Detection
| Score: | 48 |
| Range: | 0 - 100 |
| Confidence: | 100% |
Signatures
Suricata IDS alerts for network traffic
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML title does not match URL
None HTTPS page querying sensitive user data (password, username or email)
Classification
- System is w10x64
chrome.exe (PID: 5324 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --s tart-maxim ized "abou t:blank" MD5: E81F54E6C1129887AEA47E7D092680BF) - chrome.exe (PID: 2800 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --no-pre-r ead-main-d ll --field -trial-han dle=2260,i ,600178788 4130247300 ,242215167 6545335571 ,262144 -- disable-fe atures=Opt imizationG uideModelD ownloading ,Optimizat ionHints,O ptimizatio nHintsFetc hing,Optim izationTar getPredict ion --vari ations-see d-version= 20250306-1 83004.4290 00 --mojo- platform-c hannel-han dle=2288 / prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 6704 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://czm11. cavernbeat les.com/rd /4EiHFs506 0pdwZ594ue emlltgbq24 6DXCLIFRFR UUFCZD7792 KXRQ15860r 19" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-14T01:53:51.278764+0100 | 2859624 | 1 | Exploit Kit Activity Detected | 185.246.85.93 | 80 | 192.168.2.4 | 49731 | TCP |
- • Phishing
- • Networking
- • System Summary
Click to jump to signature section
Show All Signature Results
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
Networking |   |
|---|
| Source: | Suricata IDS: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File deleted: | Jump to behavior | ||
| Source: | Classification label: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Window detected: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| j.sni.global.fastly.net | 151.101.2.132 | true | false | high | |
| czm11.cavernbeatles.com | 185.246.85.93 | true | true | unknown | |
| beacons-handoff.gcp.gvt2.com | 142.251.143.35 | true | false | high | |
| www.google.com | 142.250.185.132 | true | false | high | |
| beacons.gvt2.com | 142.250.181.227 | true | false | high | |
| beacons6.gvt2.com | 142.250.186.35 | true | false | high | |
| beacons.gcp.gvt2.com | unknown | unknown | false | high | |
| feeds.foxnews.com | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown | ||
| true |
| unknown | |
| true | unknown | ||
| false | unknown | ||
| false | unknown | ||
| true |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 185.246.85.93 | czm11.cavernbeatles.com | France | 21409 | IKOULAFR | true | |
| 142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 151.101.2.132 | j.sni.global.fastly.net | United States | 54113 | FASTLYUS | false |
| IP |
|---|
| 192.168.2.4 |
| Joe Sandbox version: | 42.0.0 Malachite |
| Analysis ID: | 1637986 |
| Start date and time: | 2025-03-14 01:52:45 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 3m 18s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | browseurl.jbs |
| Sample URL: | http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 21 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Detection: | MAL |
| Classification: | mal48.win@20/10@24/4 |
| EGA Information: | Failed |
| HCA Information: |
|
- Exclude process from analysis
(whitelisted): MpCmdRun.exe, a udiodg.exe, sppsvc.exe, Runtim eBroker.exe, ShellExperienceHo st.exe, SIHClient.exe, SgrmBro ker.exe, backgroundTaskHost.ex e, conhost.exe, svchost.exe - Excluded IPs from analysis (wh
itelisted): 142.250.185.99, 14 2.250.185.206, 142.250.186.142 , 64.233.184.84, 199.232.210.1 72, 2.23.77.188, 216.58.212.17 0, 216.58.206.74, 172.217.18.1 0, 142.250.186.138, 142.250.18 5.106, 172.217.23.106, 142.250 .185.138, 142.250.184.202, 142 .250.184.234, 142.250.186.170, 142.250.186.42, 142.250.185.7 4, 142.250.186.74, 142.250.185 .202, 142.250.186.106, 142.250 .185.170, 142.250.186.163, 142 .250.185.238, 74.125.206.84 - Excluded domains from analysis
(whitelisted): fs.microsoft.c om, accounts.google.com, conte nt-autofill.googleapis.com, sl scr.update.microsoft.com, ctld l.windowsupdate.com, clientser vices.googleapis.com, fe3cr.de livery.mp.microsoft.com, clien ts2.google.com, ocsp.digicert. com, edgedl.me.gvt1.com, updat e.googleapis.com, clients.l.go ogle.com, c.pki.goog - Not all processes where analyz
ed, report is missing behavior information - Report size getting too big, t
oo many NtOpenFile calls found . - VT rate limit hit for: http:/
/czm11.cavernbeatles.com/rd/4E iHFs5060pdwZ594ueemlltgbq246DX CLIFRFRUUFCZD7792KXRQ15860r19
⊘No simulations
⊘No context
⊘No context
⊘No context
⊘No context
⊘No context
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2883 |
| Entropy (8bit): | 4.855223108468014 |
| Encrypted: | false |
| SSDEEP: | 48:Z+dEJJpI4LLIk6ddLHJy8A3SXUV/ot5CjsEn+yxw4Dj7jvj:j3LLIk6T9yvGssE5x7 |
| MD5: | 4C70E6AE58B22DD268F5106D4EE3AE44 |
| SHA1: | 0C5646A9F164D08F74FE393211B2F4DC0421010B |
| SHA-256: | BF7E3FCFBDA05EA1397C425FC2CE4F3D669059AC6F9BBE762A27111AFF3FF310 |
| SHA-512: | DB248ED77A34E0177622C314DE834BC2A215C1B2EABF5D6BDEC717A61C20436A19FB94B4C0C54EDC32636728D2F163B91644EB34E6CC005CD3307EAB89BAA1E0 |
| Malicious: | false |
| Reputation: | low |
| URL: | http://czm11.cavernbeatles.com/ |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1435 |
| Entropy (8bit): | 4.7130828204283555 |
| Encrypted: | false |
| SSDEEP: | 24:UkvMuGRKe7+U6eSEMDSaGvMdufqGmnoSPfzS7pvMugQrYFv0CGSTYFUL9MtDY3Ss:Uk9w7x9sHGgufRNkz09fcFMCGJFUL9MO |
| MD5: | 1FB5EDFEA0AF10D301EFCD56738BA30A |
| SHA1: | 1AAC6EB08825AD63AC334CFF1F816CC9ECA71219 |
| SHA-256: | 161D0961994DD86814FAFBA6EDD6FA7A75D17B19B2E60E1EE01ADAA9EA19DADC |
| SHA-512: | A0C3F78B663E01D24DDD53AF6D0D1E3E9DD743C3E4CB6FC8F45588BCC37AB3923A2992505C4842D9E451692A7E7495155F58BFED056BCFE57E02204603F962DD |
| Malicious: | false |
| Reputation: | low |
| URL: | http://czm11.cavernbeatles.com/assets/styles.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 210 |
| Entropy (8bit): | 5.098105294030167 |
| Encrypted: | false |
| SSDEEP: | 6:uIRnXHFmmmJ0S2IcENFJKSK/xIcEo/VMCGYoVL:lXHAx6S2SRcJ9IL |
| MD5: | 05DA576EB71641B10811A1AEF60A853D |
| SHA1: | 5E7C7F426430C30209FE270AB129A9C0100BDEE9 |
| SHA-256: | 58B98E11D36F9689D4AF3C1CB3755528817709300FACF6D314C99CE91BD90B4B |
| SHA-512: | 2DAC5452E42E24043F512741B01E08CDEE464771A13C2D38D3F9958F75FCEA079F67A7B704AC6753C0BAB02DFDDD434AE7024D4674E3A532A70D50C5D6A72937 |
| Malicious: | false |
| Reputation: | low |
| URL: | http://czm11.cavernbeatles.com/t/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 235 |
| Entropy (8bit): | 4.996687328840349 |
| Encrypted: | false |
| SSDEEP: | 6:HXQI4ySmfH1A7YmmBi7YmjA0VhM+yp7YmmJyR13YoVL:HXYknxJX0VM2xYwIL |
| MD5: | 41735C0E24BE1E5BD89C1F6531207494 |
| SHA1: | 9EAE1BFA3B43E52C21E87FABCD63A4C2A3E55554 |
| SHA-256: | A594B117BC9C64745935F48B866C3CAA70CDED9C35EE02841A28277F3E75FFE3 |
| SHA-512: | 2CE91960620061DE0C91383930CC83BA32CCAD82E75C6CF8678CCF907021EA8D2901B327AF67565593D765873FD7988AA533753A2B8E94E2FB38D71C3A3C787F |
| Malicious: | false |
| Reputation: | low |
| URL: | http://czm11.cavernbeatles.com/rd/4EiHFs5060pdwZ594ueemlltgbq246DXCLIFRFRUUFCZD7792KXRQ15860r19 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3201 |
| Entropy (8bit): | 4.575164851274125 |
| Encrypted: | false |
| SSDEEP: | 48:vuzdIC1AFRZpvtph6F6BgxVbaCdQciJ2ZBgof6PM5FGxs7vtj:vuz1Yd6ygx4cA2 |
| MD5: | 858A2F5241103487BF39784412AA424E |
| SHA1: | 2174BBF56CD7355C60990E3859346BA5643030CF |
| SHA-256: | 054A6365422992FB2B7DCD2D5C1E79319C189A3D0F63949ACB6957D24EA79BB7 |
| SHA-512: | F86208CECF3D4F1EA9537FA294116F3893C81A0DD370C15CD71235216BCAFBA17DE0FD41F4F9A99803AD107A073CDB8974A0E032DD490B7ADE0FC1398F200881 |
| Malicious: | false |
| Reputation: | low |
| URL: | http://czm11.cavernbeatles.com/news?q=IP%20provider%20is%20blacklisted!%20LEVEL3 |
| Preview: |
⊘No static file info
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library NodeDownload Network PCAP: filtered – full
| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-14T01:53:51.278764+0100 | 2859624 | ETPRO EXPLOIT_KIT FoxTDS Filtered Blacklisted | 1 | 185.246.85.93 | 80 | 192.168.2.4 | 49731 | TCP |
- Total Packets: 154
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 14, 2025 01:53:43.028965950 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:43.338982105 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:44.010864973 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:45.307789087 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:47.713844061 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:48.191029072 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.191087008 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.191226006 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.191492081 CET | 49726 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.191515923 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.389930010 CET | 443 | 49726 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.390753031 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.390799999 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.390995026 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.391357899 CET | 49727 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:53:48.391374111 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.589823961 CET | 443 | 49727 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.030682087 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.030802011 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.035830975 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.036262035 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.036345005 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.036350965 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.062822104 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.062872887 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.062941074 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.063225031 CET | 49732 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.063241005 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.221271038 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.221323013 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.221417904 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.223429918 CET | 49733 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.223444939 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.224080086 CET | 443 | 49733 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.245995045 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.246037960 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.246114016 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.246452093 CET | 49734 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.246465921 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.246889114 CET | 443 | 49734 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.247201920 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.247323036 CET | 443 | 49735 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.249629021 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.253242970 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.253293991 CET | 443 | 49735 | 23.60.203.209 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.253351927 CET | 49735 | 443 | 192.168.2.4 | 23.60.203.209 |
| Mar 14, 2025 01:53:50.261593103 CET | 443 | 49732 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.262582064 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.262598991 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.262684107 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.262979984 CET | 49736 | 443 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.262993097 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.461664915 CET | 443 | 49736 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.531416893 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.536206961 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.706698895 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.759968042 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.944650888 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:50.949681997 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:51.216758966 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:51.266678095 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:51.274039984 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:51.278764009 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:51.449297905 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:51.493920088 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:51.776316881 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:53:52.076679945 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:53:52.280495882 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:52.285300970 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.456248045 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.456268072 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.456279993 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.456291914 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.456321955 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:52.456352949 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:53:52.514936924 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:53:52.548381090 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.548415899 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.548504114 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.549041033 CET | 49739 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.549062967 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.679879904 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:53:52.749385118 CET | 443 | 49739 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.749917030 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.749974966 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.750030994 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.750333071 CET | 49740 | 443 | 192.168.2.4 | 151.101.2.132 |
| Mar 14, 2025 01:53:52.750350952 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.949479103 CET | 443 | 49740 | 151.101.2.132 | 192.168.2.4 |
| Mar 14, 2025 01:53:53.885481119 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:53:56.291785955 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:53:56.523350000 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:53:56.823049068 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:53:57.432410002 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:53:58.318084955 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.318151951 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.322179079 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.323199034 CET | 49745 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.323219061 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.323821068 CET | 443 | 49745 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.383498907 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.383543015 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.383852959 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.383948088 CET | 49746 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.383965015 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.384447098 CET | 443 | 49746 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.429555893 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.429603100 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.429733992 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.430180073 CET | 49747 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.430197954 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.430783987 CET | 443 | 49747 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.464066029 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.464107990 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.464243889 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.466104984 CET | 49748 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.466124058 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.466540098 CET | 443 | 49748 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.529576063 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.529649973 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.529757023 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.530066967 CET | 49749 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.530080080 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.530524015 CET | 443 | 49749 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.553687096 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.553741932 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.553845882 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.554085970 CET | 49750 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.554100037 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.554445028 CET | 443 | 49750 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.593417883 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.593452930 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.593511105 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.593808889 CET | 49751 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.593823910 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.594249964 CET | 443 | 49751 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.635569096 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:53:58.645361900 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.645473957 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.645569086 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.645906925 CET | 49752 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:53:58.645940065 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:53:58.646469116 CET | 443 | 49752 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:01.042247057 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:54:01.104768991 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:54:02.120795965 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
| Mar 14, 2025 01:54:05.854757071 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:54:10.715507984 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
| Mar 14, 2025 01:54:15.411890030 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:15.417423964 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:15.465759993 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
| Mar 14, 2025 01:54:15.587939024 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:15.587966919 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:15.587985039 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:15.588047028 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:15.638113976 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:15.838443995 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:15.843194008 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:16.013895988 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:16.013910055 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:16.013958931 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:21.208086967 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
| Mar 14, 2025 01:54:21.212806940 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
| Mar 14, 2025 01:54:21.212867975 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
| Mar 14, 2025 01:54:21.213356018 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
| Mar 14, 2025 01:54:21.217977047 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
| Mar 14, 2025 01:54:21.835282087 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
| Mar 14, 2025 01:54:21.840696096 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
| Mar 14, 2025 01:54:21.845371962 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
| Mar 14, 2025 01:54:22.021383047 CET | 80 | 49765 | 172.217.18.3 | 192.168.2.4 |
| Mar 14, 2025 01:54:22.088449001 CET | 49765 | 80 | 192.168.2.4 | 172.217.18.3 |
| Mar 14, 2025 01:54:34.961442947 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.961494923 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:34.961575031 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.961899996 CET | 49773 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.961915016 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:34.962515116 CET | 443 | 49773 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:34.965487003 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.965534925 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:34.965603113 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.965873003 CET | 49774 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:34.965886116 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:34.966257095 CET | 443 | 49774 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.002146959 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.002186060 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.002264023 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.002557993 CET | 49775 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.002568960 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.002918959 CET | 443 | 49775 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.021733999 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.021770000 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.021826029 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.022114992 CET | 49776 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.022129059 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.022538900 CET | 443 | 49776 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.041498899 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:35.046149969 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.046224117 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.046305895 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.046566963 CET | 49777 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.046586037 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.046905041 CET | 443 | 49777 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.046926975 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.081752062 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.081845999 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.081926107 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.082212925 CET | 49778 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.082231045 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.082582951 CET | 443 | 49778 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.116449118 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.116497993 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.116558075 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.116904020 CET | 49779 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.116914988 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.117286921 CET | 443 | 49779 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.150599957 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.150623083 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.150669098 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.150959969 CET | 49780 | 443 | 192.168.2.4 | 20.12.23.50 |
| Mar 14, 2025 01:54:35.150969982 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:35.151335955 CET | 443 | 49780 | 20.12.23.50 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.246721029 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.246793032 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.246860981 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.247178078 CET | 49790 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.247195959 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.445298910 CET | 443 | 49790 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.445888996 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.445929050 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.446002007 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.446306944 CET | 49791 | 443 | 192.168.2.4 | 142.250.185.132 |
| Mar 14, 2025 01:54:48.446319103 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:48.645543098 CET | 443 | 49791 | 142.250.185.132 | 192.168.2.4 |
| Mar 14, 2025 01:54:50.715437889 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:54:50.720448017 CET | 80 | 49730 | 185.246.85.93 | 192.168.2.4 |
| Mar 14, 2025 01:54:50.720526934 CET | 49730 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:55:01.026643991 CET | 49731 | 80 | 192.168.2.4 | 185.246.85.93 |
| Mar 14, 2025 01:55:01.031450033 CET | 80 | 49731 | 185.246.85.93 | 192.168.2.4 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 14, 2025 01:53:44.648801088 CET | 53 | 54760 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:44.714888096 CET | 53 | 55648 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.183479071 CET | 63323 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:48.183619022 CET | 49836 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:48.190181971 CET | 53 | 49836 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:48.190196991 CET | 53 | 63323 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.013650894 CET | 59130 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:50.016819954 CET | 59355 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:50.026855946 CET | 53 | 59130 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.029987097 CET | 53 | 59355 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.040178061 CET | 65172 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:50.040328026 CET | 61001 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:50.061614037 CET | 53 | 61001 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:50.062058926 CET | 53 | 65172 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.524221897 CET | 57240 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:52.524712086 CET | 55968 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:53:52.546314955 CET | 53 | 55968 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:53:52.546994925 CET | 53 | 57240 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:16.063039064 CET | 53 | 52103 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:44.208892107 CET | 53 | 51412 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:44.618257046 CET | 53 | 60681 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:45.351607084 CET | 53 | 53723 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:46.365870953 CET | 54107 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:46.366156101 CET | 57800 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:46.372828960 CET | 53 | 54107 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:46.372844934 CET | 53 | 57800 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:47.385952950 CET | 61313 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:47.386089087 CET | 52226 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:47.392752886 CET | 53 | 61313 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:47.392931938 CET | 53 | 52226 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:49.423064947 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:49.429709911 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:50.432570934 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:50.439208031 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:51.420296907 CET | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
| Mar 14, 2025 01:54:51.433108091 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:51.439837933 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:53.448519945 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:53.455379009 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:54:57.463745117 CET | 57089 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:54:57.470390081 CET | 53 | 57089 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:01.671489954 CET | 50472 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:01.671771049 CET | 49297 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:01.678333998 CET | 53 | 49297 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:01.678350925 CET | 53 | 50472 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:02.682746887 CET | 64185 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:02.691037893 CET | 53 | 64185 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:04.716048002 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:04.722959042 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:05.729640961 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:05.738375902 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:06.729918003 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:06.737422943 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
| Mar 14, 2025 01:55:08.745157957 CET | 64231 | 53 | 192.168.2.4 | 1.1.1.1 |
| Mar 14, 2025 01:55:08.752121925 CET | 53 | 64231 | 1.1.1.1 | 192.168.2.4 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Mar 14, 2025 01:53:48.183479071 CET | 192.168.2.4 | 1.1.1.1 | 0x7771 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:53:48.183619022 CET | 192.168.2.4 | 1.1.1.1 | 0xe419 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:53:50.013650894 CET | 192.168.2.4 | 1.1.1.1 | 0xe1d9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:53:50.016819954 CET | 192.168.2.4 | 1.1.1.1 | 0x237b | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:53:50.040178061 CET | 192.168.2.4 | 1.1.1.1 | 0xa8a0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:53:50.040328026 CET | 192.168.2.4 | 1.1.1.1 | 0xac19 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:53:52.524221897 CET | 192.168.2.4 | 1.1.1.1 | 0x948e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:53:52.524712086 CET | 192.168.2.4 | 1.1.1.1 | 0x4daa | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:54:46.365870953 CET | 192.168.2.4 | 1.1.1.1 | 0x255e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:46.366156101 CET | 192.168.2.4 | 1.1.1.1 | 0xc6d3 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:54:47.385952950 CET | 192.168.2.4 | 1.1.1.1 | 0xf1da | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:47.386089087 CET | 192.168.2.4 | 1.1.1.1 | 0x8e4e | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:54:49.423064947 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:50.432570934 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:51.433108091 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:53.448519945 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:54:57.463745117 CET | 192.168.2.4 | 1.1.1.1 | 0x7015 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:01.671489954 CET | 192.168.2.4 | 1.1.1.1 | 0x380e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:01.671771049 CET | 192.168.2.4 | 1.1.1.1 | 0x8337 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 14, 2025 01:55:02.682746887 CET | 192.168.2.4 | 1.1.1.1 | 0x176 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:04.716048002 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:05.729640961 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:06.729918003 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 14, 2025 01:55:08.745157957 CET | 192.168.2.4 | 1.1.1.1 | 0x597f | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Mar 14, 2025 01:53:48.190181971 CET | 1.1.1.1 | 192.168.2.4 | 0xe419 | No error (0) | 65 | IN (0x0001) | false | |||
| Mar 14, 2025 01:53:48.190196991 CET | 1.1.1.1 | 192.168.2.4 | 0x7771 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:50.026855946 CET | 1.1.1.1 | 192.168.2.4 | 0xe1d9 | No error (0) | 185.246.85.93 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:50.062058926 CET | 1.1.1.1 | 192.168.2.4 | 0xa8a0 | No error (0) | 185.246.85.93 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546314955 CET | 1.1.1.1 | 192.168.2.4 | 0x4daa | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.2.132 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.66.132 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.130.132 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:53:52.546994925 CET | 1.1.1.1 | 192.168.2.4 | 0x948e | No error (0) | 151.101.194.132 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:46.372828960 CET | 1.1.1.1 | 192.168.2.4 | 0x255e | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:46.372828960 CET | 1.1.1.1 | 192.168.2.4 | 0x255e | No error (0) | 142.251.143.35 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:46.372844934 CET | 1.1.1.1 | 192.168.2.4 | 0xc6d3 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:47.392752886 CET | 1.1.1.1 | 192.168.2.4 | 0xf1da | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:47.392752886 CET | 1.1.1.1 | 192.168.2.4 | 0xf1da | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:47.392931938 CET | 1.1.1.1 | 192.168.2.4 | 0x8e4e | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:49.429709911 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:49.429709911 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:50.439208031 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:50.439208031 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:51.439837933 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:51.439837933 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:53.455379009 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:53.455379009 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:57.470390081 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | beacons-handoff.gcp.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:54:57.470390081 CET | 1.1.1.1 | 192.168.2.4 | 0x7015 | No error (0) | 142.250.180.99 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:01.678350925 CET | 1.1.1.1 | 192.168.2.4 | 0x380e | No error (0) | beacons6.gvt2.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:01.678350925 CET | 1.1.1.1 | 192.168.2.4 | 0x380e | No error (0) | 142.250.186.35 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:02.691037893 CET | 1.1.1.1 | 192.168.2.4 | 0x176 | No error (0) | 142.250.181.227 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:04.722959042 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:05.738375902 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:06.737422943 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
| Mar 14, 2025 01:55:08.752121925 CET | 1.1.1.1 | 192.168.2.4 | 0x597f | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49731 | 185.246.85.93 | 80 | 2800 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| Mar 14, 2025 01:53:50.531416893 CET | 502 | OUT | |
| Mar 14, 2025 01:53:50.706698895 CET | 487 | IN | |
| Mar 14, 2025 01:53:50.944650888 CET | 607 | OUT | |
| Mar 14, 2025 01:53:51.216758966 CET | 462 | IN | |
| Mar 14, 2025 01:53:51.274039984 CET | 453 | OUT | |
| Mar 14, 2025 01:53:51.449297905 CET | 258 | IN | |
| Mar 14, 2025 01:53:52.280495882 CET | 592 | OUT | |
| Mar 14, 2025 01:53:52.456248045 CET | 1236 | IN | |
| Mar 14, 2025 01:53:52.456268072 CET | 224 | IN | |
| Mar 14, 2025 01:53:52.456279993 CET | 1236 | IN | |
| Mar 14, 2025 01:53:52.456291914 CET | 783 | IN | |
| Mar 14, 2025 01:54:15.411890030 CET | 529 | OUT | |
| Mar 14, 2025 01:54:15.587939024 CET | 1236 | IN | |
| Mar 14, 2025 01:54:15.587966919 CET | 1236 | IN | |
| Mar 14, 2025 01:54:15.587985039 CET | 689 | IN | |
| Mar 14, 2025 01:54:15.838443995 CET | 350 | OUT | |
| Mar 14, 2025 01:54:16.013895988 CET | 1236 | IN | |
| Mar 14, 2025 01:54:16.013910055 CET | 384 | IN | |
| Mar 14, 2025 01:55:01.026643991 CET | 6 | OUT |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 1 | 192.168.2.4 | 49765 | 172.217.18.3 | 80 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| Mar 14, 2025 01:54:21.213356018 CET | 202 | OUT | |
| Mar 14, 2025 01:54:21.835282087 CET | 223 | IN | |
| Mar 14, 2025 01:54:21.840696096 CET | 200 | OUT | |
| Mar 14, 2025 01:54:22.021383047 CET | 223 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.4 | 49730 | 185.246.85.93 | 80 | 2800 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| Mar 14, 2025 01:54:35.041498899 CET | 6 | OUT |
Click to jump to process
Click to jump to process
Click to jump to process
| Target ID: | 1 |
| Start time: | 20:53:40 |
| Start date: | 13/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff786830000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 2 |
| Start time: | 20:53:42 |
| Start date: | 13/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff786830000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 4 |
| Start time: | 20:53:48 |
| Start date: | 13/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff786830000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
⊘No disassembly
