Edit tour
Windows
Analysis Report
Electronic_Invoice(20 Mar 2025).pdf.html
Overview
General Information
| Sample name: | Electronic_Invoice(20 Mar 2025).pdf.html |
| Analysis ID: | 1644122 |
| MD5: | 20b9983b934ea88ae95751bbd6252e72 |
| SHA1: | 79ba5f09c60923f0d09be35e2c0eb0fb22812726 |
| SHA256: | 686f59220b0cebc250fbbc82aea11aa24c1ee5423cd22b4a995bbe9dd830a49c |
| Tags: | htmlShippinguser-cocaman |
| Infos: |  |
 | |
Detection
HTMLPhisher
| Score: | 72 |
| Range: | 0 - 100 |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Yara detected HtmlPhish10
AI detected suspicious Javascript
HTML document with suspicious name
HTML document with suspicious title
HTML file submission containing password form
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
IP address seen in connection with other malware
None HTTPS page querying sensitive user data (password, username or email)
Suricata IDS alerts with low severity for network traffic
Classification
- System is w10x64
chrome.exe (PID: 704 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --s tart-maxim ized "abou t:blank" MD5: E81F54E6C1129887AEA47E7D092680BF) - chrome.exe (PID: 6984 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --no-pre-r ead-main-d ll --field -trial-han dle=2000,i ,169358628 9106591836 7,16861263 9377349799 45,262144 --disable- features=O ptimizatio nGuideMode lDownloadi ng,Optimiz ationHints ,Optimizat ionHintsFe tching,Opt imizationT argetPredi ction --va riations-s eed-versio n=20250306 -183004.42 9000 --moj o-platform -channel-h andle=2108 /prefetch :3 MD5: E81F54E6C1129887AEA47E7D092680BF) - chrome.exe (PID: 7756 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= printing.m ojom.Unsan dboxedPrin tBackendHo st --lang= en-US --se rvice-sand box-type=n one --no-p re-read-ma in-dll --f ield-trial -handle=20 00,i,16935 8628910659 18367,1686 1263937734 979945,262 144 --disa ble-featur es=Optimiz ationGuide ModelDownl oading,Opt imizationH ints,Optim izationHin tsFetching ,Optimizat ionTargetP rediction --variatio ns-seed-ve rsion=2025 0306-18300 4.429000 - -mojo-plat form-chann el-handle= 5036 /pref etch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 7956 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "C:\ Users\user \Desktop\E lectronic_ Invoice(20 Mar 2025) .pdf.html" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
⊘No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
| JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
| JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
⊘No Sigma rule has matched
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-20T11:44:51.035126+0100 | 2030707 | 1 | Successful Credential Theft Detected | 192.168.2.5 | 49743 | 3.168.73.69 | 443 | TCP |
| 2025-03-20T11:44:59.708574+0100 | 2030707 | 1 | Successful Credential Theft Detected | 192.168.2.5 | 49746 | 3.168.73.69 | 443 | TCP |
- • AV Detection
- • Phishing
- • Compliance
- • Networking
- • System Summary
- • Stealing of Sensitive Information
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | ||
Phishing | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Joe Sandbox AI: | ||
| Source: | Tab title: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
System Summary | |
|---|
| Source: | Initial sample: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File deleted: | Jump to behavior | ||
| Source: | Classification label: | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Window detected: | ||
Stealing of Sensitive Information | |
|---|
| Source: | HTTP Parser: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 25% | ReversingLabs | Document-HTML.Phishing.Beluga |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| google.com | 142.251.40.142 | true | false | high | |
| code.jquery.com | 151.101.2.137 | true | false | high | |
| submitted.formspark.io | 18.164.116.98 | true | false | unknown | |
| www.google.com | 142.250.81.228 | true | false | high | |
| submit-form.com | 3.168.73.69 | true | false | high | |
| i.ibb.co | 207.174.26.219 | true | false | high | |
| lgpartner.ch | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false |
| unknown | |
| false |
| unknown | |
| false | high | ||
| true |
| unknown | |
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 207.174.26.219 | i.ibb.co | United States | 6079 | RCN-ASUS | false | |
| 3.168.73.69 | submit-form.com | United States | 16509 | AMAZON-02US | false | |
| 142.250.81.228 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 3.168.73.87 | unknown | United States | 16509 | AMAZON-02US | false | |
| 151.101.2.137 | code.jquery.com | United States | 54113 | FASTLYUS | false | |
| 18.164.116.98 | submitted.formspark.io | United States | 3 | MIT-GATEWAYSUS | false |
| IP |
|---|
| 192.168.2.7 |
| 192.168.2.16 |
| 192.168.2.5 |
| Joe Sandbox version: | 42.0.0 Malachite |
| Analysis ID: | 1644122 |
| Start date and time: | 2025-03-20 11:43:23 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 5m 55s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowshtmlcookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 16 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | Electronic_Invoice(20 Mar 2025).pdf.html |
| Detection: | MAL |
| Classification: | mal72.phis.winHTML@32/6@43/9 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis
(whitelisted): MpCmdRun.exe, B ackgroundTransferHost.exe, WMI ADAP.exe, SIHClient.exe, backg roundTaskHost.exe, conhost.exe , svchost.exe - Excluded IPs from analysis (wh
itelisted): 23.204.23.20, 142. 250.65.174, 142.250.65.195, 14 2.250.176.206, 172.253.63.84, 142.251.41.14, 142.250.81.238, 142.250.64.110, 142.250.65.20 6, 142.250.65.238, 142.251.40. 142, 199.232.214.172, 142.250. 64.78, 142.251.35.163, 142.251 .167.84, 172.217.165.131, 142. 250.72.110, 142.251.179.84, 14 2.251.35.174, 20.109.210.53, 2 3.96.180.189, 150.171.27.10, 2 3.33.40.139 - Excluded domains from analysis
(whitelisted): www.bing.com, clients1.google.com, fs.micros oft.com, accounts.google.com, slscr.update.microsoft.com, ct ldl.windowsupdate.com, clients ervices.googleapis.com, g.bing .com, fs-wildcard.microsoft.co m.edgekey.net, fs-wildcard.mic rosoft.com.edgekey.net.globalr edir.akadns.net, e16604.dscf.a kamaiedge.net, arc.msn.com, fe 3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.m e.gvt1.com, redirector.gvt1.co m, update.googleapis.com, clie nts.l.google.com, prod.fs.micr osoft.com.akadns.net - Not all processes where analyz
ed, report is missing behavior information - Report size getting too big, t
oo many NtCreateFile calls fou nd. - Report size getting too big, t
oo many NtOpenFile calls found . - Some HTTPS proxied raw data pa
ckets have been limited to 10 per session. Please view the P CAPs for the complete data.
⊘No simulations
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 151.101.2.137 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| 207.174.26.219 | Get hash | malicious | XWorm | Browse | ||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | XWorm | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | XWorm | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | HTMLPhisher | Browse | |||
| 18.164.116.98 | Get hash | malicious | Vidar | Browse | ||
| Get hash | malicious | Amadey, Stealc, Vidar | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| i.ibb.co | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| Get hash | malicious | AsyncRAT, XWorm | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| code.jquery.com | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| google.com | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | ScreenConnect Tool | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | ScreenConnect Tool | Browse |
| ||
| submitted.formspark.io | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| submit-form.com | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| FASTLYUS | Get hash | malicious | RHADAMANTHYS | Browse |
| |
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | RHADAMANTHYS | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| AMAZON-02US | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Prometei | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Prometei | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| RCN-ASUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| AMAZON-02US | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Prometei | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Prometei | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 169555 |
| Entropy (8bit): | 7.9884912169136975 |
| Encrypted: | false |
| SSDEEP: | 3072:zPVQAdzSrY5135f9fkofSxR5yz1Ja8HplRG+JcQAJWymT2AG+RSw:63+95fCxnyzz3BTAJWymTiSSw |
| MD5: | 4AB714A69D89643534082046C194818B |
| SHA1: | 9191B83F7239F221522179AB3765323EBA1F7B45 |
| SHA-256: | 898EA791025A86427C1F2547631D9599B413EDDAA28D8EF005A12BFA225B1927 |
| SHA-512: | 2A41FB58F3DFC121819CDCF31DB4649CAEB051EF78828672973E42BAE4BAA2B9AB872730BEE62AEDF6875D65F400D0110E617EC74B2923DBEC569CB7F8D97982 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 89795 |
| Entropy (8bit): | 5.290870198529059 |
| Encrypted: | false |
| SSDEEP: | 1536:IjjxXUHunxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBqUsuy8WnKdXwhLQvg:IeeIygP3fulzhsz8jlvaDioQ47GKH |
| MD5: | 641DD14370106E992D352166F5A07E99 |
| SHA1: | EDA46747C71D38A880BEE44F9A439C3858BB8F99 |
| SHA-256: | A0FE8723DCF55DA64D06B25446D0A8513E52527C45AFCB37073465F9C6F352AF |
| SHA-512: | A6E981B23351186AA43F32879DD64C6801BE6E2AF7EF8B0E472CCCDEEBA52D5D7894DE4BCB292A364F1E11E525524077534338140A72687ADA4FAE62849843A5 |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| URL: | https://code.jquery.com/jquery-3.6.4.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1366 |
| Entropy (8bit): | 5.195638554980006 |
| Encrypted: | false |
| SSDEEP: | 24:hR0LQaGQGJ+4Gn0MyG3jW7OPGrVJRGJuTJE5JdbJWUJnuuJnSQ4HIZl9jxIzh1I:TrT+4GVyG3q7OPYR6uNEvdVJnuCnVkI3 |
| MD5: | BEBA892C25C0DCDC39747FED4B5B0B2D |
| SHA1: | 660EF720809478C8B744FEF403C3555FB6BDFF2F |
| SHA-256: | B2EB1BD9BCA301A1103863E8F5189CC4C31BD2BC33623758481DF3BC04FC6A2B |
| SHA-512: | 94B55E56FE6BC3D2A2CEFF0EC8EC204ED9415F240A0A6203258ED48784F8AC57D19E9BB22801315429A516CD547767917E905D43CAADA29606151C1B1E9AD1EB |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 169555 |
| Entropy (8bit): | 7.9884912169136975 |
| Encrypted: | false |
| SSDEEP: | 3072:zPVQAdzSrY5135f9fkofSxR5yz1Ja8HplRG+JcQAJWymT2AG+RSw:63+95fCxnyzz3BTAJWymTiSSw |
| MD5: | 4AB714A69D89643534082046C194818B |
| SHA1: | 9191B83F7239F221522179AB3765323EBA1F7B45 |
| SHA-256: | 898EA791025A86427C1F2547631D9599B413EDDAA28D8EF005A12BFA225B1927 |
| SHA-512: | 2A41FB58F3DFC121819CDCF31DB4649CAEB051EF78828672973E42BAE4BAA2B9AB872730BEE62AEDF6875D65F400D0110E617EC74B2923DBEC569CB7F8D97982 |
| Malicious: | false |
| URL: | https://i.ibb.co/LzTQVcnV/background.png |
| Preview: |
| File type: | |
| Entropy (8bit): | 4.778829438019272 |
| TrID: |
|
| File name: | Electronic_Invoice(20 Mar 2025).pdf.html |
| File size: | 13'820 bytes |
| MD5: | 20b9983b934ea88ae95751bbd6252e72 |
| SHA1: | 79ba5f09c60923f0d09be35e2c0eb0fb22812726 |
| SHA256: | 686f59220b0cebc250fbbc82aea11aa24c1ee5423cd22b4a995bbe9dd830a49c |
| SHA512: | d5d1177e881c1695b4479fa616bd00d89b20888591889ee9771cc8635b09076534795a7c7d6d0a53e81c200a5d1580ad34c08d30ba07d0e13084bea3f5c06d59 |
| SSDEEP: | 192:ndw5nLfbIkf7twFffYhxS9ZDAB9LS36Znc6w5A:65nQxFYhxmVAB9Lpc6MA |
| TLSH: | 2E521C328DC7AE008771424362CD9EC5DF8D8357A28319CC764FA78F4F798A64AC35A9 |
| File Content Preview: | <!DOCTYPE html>..<html lang="en">..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title></title>.. <script src="https://code.jquery.com/jquery-3.6.4.min.js"></script>.. <script>.. |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library NodeDownload Network PCAP: filtered – full
| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-20T11:44:51.035126+0100 | 2030707 | ET PHISHING Possible Successful Credential Phish - Form submitted to submit-form Form Hosting | 1 | 192.168.2.5 | 49743 | 3.168.73.69 | 443 | TCP |
| 2025-03-20T11:44:59.708574+0100 | 2030707 | ET PHISHING Possible Successful Credential Phish - Form submitted to submit-form Form Hosting | 1 | 192.168.2.5 | 49746 | 3.168.73.69 | 443 | TCP |
- Total Packets: 265
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 20, 2025 11:44:13.404165983 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:13.716502905 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:14.325759888 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:14.372697115 CET | 49672 | 443 | 192.168.2.5 | 204.79.197.203 |
| Mar 20, 2025 11:44:15.528872967 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:17.117676973 CET | 49709 | 443 | 192.168.2.5 | 23.33.40.145 |
| Mar 20, 2025 11:44:17.118436098 CET | 49716 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:44:17.935129881 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:22.747639894 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:24.044675112 CET | 49672 | 443 | 192.168.2.5 | 204.79.197.203 |
| Mar 20, 2025 11:44:27.070244074 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:27.070280075 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.070337057 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:27.070497990 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:27.070508957 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.275973082 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.276038885 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:27.277153969 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:27.277160883 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.277437925 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.325728893 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:28.068387985 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.068437099 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.068532944 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.068648100 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.068684101 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.255067110 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.255261898 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.256228924 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.256259918 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.256556988 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.257205009 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.300343037 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.429596901 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.440833092 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.440851927 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.441011906 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.441041946 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.441097021 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.462522984 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.462543964 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.462589025 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.462596893 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.462627888 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.516212940 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.534821987 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.534838915 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.534888029 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.534904003 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.534919977 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.534943104 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.548624992 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.548654079 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.548712969 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.548736095 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.548748970 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.550558090 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.559144974 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.559166908 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.559252024 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.559269905 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.559283018 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.560640097 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.565674067 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.565742016 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.565753937 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.565766096 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.565802097 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.575784922 CET | 49734 | 443 | 192.168.2.5 | 151.101.2.137 |
| Mar 20, 2025 11:44:28.575817108 CET | 443 | 49734 | 151.101.2.137 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.707597017 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.707699060 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.707822084 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.708148003 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.708184958 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.905878067 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.905960083 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.906738043 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.906769037 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.907280922 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.907720089 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:28.952326059 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.080143929 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.080169916 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.080224037 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.080248117 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.080288887 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.086244106 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.086329937 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.097317934 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.097381115 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.124780893 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.124860048 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.174505949 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.174563885 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.187874079 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.187931061 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.194622040 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.194684982 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.207582951 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.207648039 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.219671965 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.219733000 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.225172997 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.225271940 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.237230062 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.237277985 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.250804901 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.250878096 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.255024910 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.255072117 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.265357018 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.265408039 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.269366980 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.269418001 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.278443098 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.278513908 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.287403107 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.287462950 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.291838884 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.291894913 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.300046921 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.300106049 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.308223963 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.308298111 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.311034918 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.311181068 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.321108103 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.321165085 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.328202963 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.328272104 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.331469059 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.331527948 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.340172052 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.340234041 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.344280005 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.344340086 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.347162008 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.347220898 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.352823973 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.352894068 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.358525991 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.358591080 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.361496925 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.361557007 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.365684032 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.365744114 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.369739056 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.369796038 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.371810913 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.371866941 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.376045942 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.376101017 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.379638910 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.379707098 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.381489038 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.381567001 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.385273933 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.385334969 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.389717102 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.389775038 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.391200066 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.391253948 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.394644976 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.394700050 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.396475077 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.396532059 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.398442030 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.398497105 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.398504019 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.398556948 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.398745060 CET | 49735 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.398782015 CET | 443 | 49735 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.504754066 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.504796028 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.504945993 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.505086899 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.505101919 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.689826012 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.690057039 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.690517902 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.690530062 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.690788984 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.691281080 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.732323885 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.876002073 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.876029968 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.877799034 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.877813101 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.877974987 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.882272959 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.882522106 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.892450094 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.894526958 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.920041084 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.920340061 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.969052076 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.969475031 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.981780052 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.982522964 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:29.988084078 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.988343000 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.000704050 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.002238035 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.012217999 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.012346983 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.018201113 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.018435955 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.030452967 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.030519962 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.042140961 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.042223930 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.047271013 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.048118114 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.058357954 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.058526993 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.062530994 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.062686920 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.070893049 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.072222948 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.077900887 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.078104973 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.081685066 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.081763029 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.089109898 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.090625048 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.096707106 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.098109007 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.100985050 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.101178885 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.108545065 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.110433102 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.116627932 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.116717100 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.121308088 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.122524977 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.127715111 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.128118038 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.134222984 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.134535074 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.139822960 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.139915943 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.145802975 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.146524906 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.152995110 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.154525995 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.156471014 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.158112049 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.161001921 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.161087990 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.163439035 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.164325953 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.164519072 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.165904999 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.167560101 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.167937994 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.171422005 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.171818972 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.173573971 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.173772097 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.177177906 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.178117037 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.182163000 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.182523012 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.183944941 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.184339046 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.186095953 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.186522961 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.187767982 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.188108921 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.189230919 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.189388990 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.189404964 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.189512014 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.189512014 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:30.189517975 CET | 443 | 49736 | 207.174.26.219 | 192.168.2.5 |
| Mar 20, 2025 11:44:30.190524101 CET | 49736 | 443 | 192.168.2.5 | 207.174.26.219 |
| Mar 20, 2025 11:44:32.357229948 CET | 49676 | 443 | 192.168.2.5 | 20.189.173.14 |
| Mar 20, 2025 11:44:37.266038895 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:37.266191959 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:37.266243935 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:38.968369961 CET | 49730 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:44:38.968391895 CET | 443 | 49730 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:44:50.842448950 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:50.842547894 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:50.842641115 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:50.842839956 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:50.842884064 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:51.033359051 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:51.033452988 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:51.034482956 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:51.034512043 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:51.034760952 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:51.035011053 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:51.076354027 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.151102066 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.151173115 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.151288986 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:53.152405977 CET | 49743 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:53.152451038 CET | 443 | 49743 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.320888042 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.320919991 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.320992947 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.321110010 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.321118116 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.506936073 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.507018089 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.507538080 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.507544041 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.507739067 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.508023024 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.548362017 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.961612940 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.961683989 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.961764097 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.962292910 CET | 49744 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:44:53.962306976 CET | 443 | 49744 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.102879047 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.102982998 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.103065014 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.103184938 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.103209972 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.309334040 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.309529066 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.311100960 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.311132908 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.311631918 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.311906099 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.352401018 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.676541090 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.676628113 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.676975965 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.678457975 CET | 49745 | 443 | 192.168.2.5 | 18.164.116.98 |
| Mar 20, 2025 11:44:54.678502083 CET | 443 | 49745 | 18.164.116.98 | 192.168.2.5 |
| Mar 20, 2025 11:44:56.576697111 CET | 80 | 49694 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:44:56.576809883 CET | 49694 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:44:56.576853991 CET | 49694 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:44:56.667735100 CET | 80 | 49694 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.519097090 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:59.519138098 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.520585060 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:59.520818949 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:59.520827055 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.707935095 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.708228111 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:59.708239079 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.708415985 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:44:59.708420992 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.518708944 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.518776894 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.519792080 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:45:01.519975901 CET | 49746 | 443 | 192.168.2.5 | 3.168.73.69 |
| Mar 20, 2025 11:45:01.519984961 CET | 443 | 49746 | 3.168.73.69 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.523144007 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:01.523200989 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.523607969 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:01.524219036 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:01.524238110 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.714210033 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.714413881 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:01.714438915 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:01.714562893 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:01.714569092 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:02.143704891 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:02.143764019 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:02.146533012 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:02.146564960 CET | 443 | 49747 | 3.168.73.87 | 192.168.2.5 |
| Mar 20, 2025 11:45:02.146594048 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:02.146626949 CET | 49747 | 443 | 192.168.2.5 | 3.168.73.87 |
| Mar 20, 2025 11:45:05.513937950 CET | 49699 | 80 | 192.168.2.5 | 142.250.72.99 |
| Mar 20, 2025 11:45:05.596395016 CET | 49704 | 443 | 192.168.2.5 | 23.33.40.145 |
| Mar 20, 2025 11:45:05.596431971 CET | 49706 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:05.605038881 CET | 80 | 49699 | 142.250.72.99 | 192.168.2.5 |
| Mar 20, 2025 11:45:05.605103016 CET | 49699 | 80 | 192.168.2.5 | 142.250.72.99 |
| Mar 20, 2025 11:45:06.121722937 CET | 80 | 49693 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:06.122006893 CET | 49693 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:06.122006893 CET | 49693 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:06.212563038 CET | 80 | 49693 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:09.267141104 CET | 80 | 49696 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:09.267266035 CET | 49696 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:09.267301083 CET | 49696 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:09.359133959 CET | 80 | 49696 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:27.030452967 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:27.030565023 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:27.030661106 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:27.030786037 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:27.030812025 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:27.227230072 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:27.227562904 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:27.227653027 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:37.215471983 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:37.215538025 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:37.215640068 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:38.968691111 CET | 49756 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:45:38.968769073 CET | 443 | 49756 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:45:41.812323093 CET | 80 | 49695 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:41.812513113 CET | 49695 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:41.812514067 CET | 49695 | 80 | 192.168.2.5 | 23.203.176.221 |
| Mar 20, 2025 11:45:41.902729988 CET | 80 | 49695 | 23.203.176.221 | 192.168.2.5 |
| Mar 20, 2025 11:45:53.701973915 CET | 49685 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.702370882 CET | 49684 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.702410936 CET | 49686 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.702454090 CET | 49687 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.801501989 CET | 443 | 49684 | 40.126.24.149 | 192.168.2.5 |
| Mar 20, 2025 11:45:53.801526070 CET | 443 | 49687 | 40.126.24.149 | 192.168.2.5 |
| Mar 20, 2025 11:45:53.801584005 CET | 49684 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.801651955 CET | 49687 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.801784039 CET | 443 | 49685 | 40.126.24.149 | 192.168.2.5 |
| Mar 20, 2025 11:45:53.802050114 CET | 49685 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:45:53.802369118 CET | 443 | 49686 | 40.126.24.149 | 192.168.2.5 |
| Mar 20, 2025 11:45:53.802440882 CET | 49686 | 443 | 192.168.2.5 | 40.126.24.149 |
| Mar 20, 2025 11:46:27.093230963 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:27.093281031 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:27.093367100 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:27.093585014 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:27.093599081 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:27.286946058 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:27.287205935 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:27.287236929 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:37.279325962 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:37.279383898 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:46:37.279550076 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:38.969718933 CET | 49763 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:46:38.969752073 CET | 443 | 49763 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:27.156599045 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:27.156722069 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:27.156852961 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:27.157094002 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:27.157129049 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:27.349374056 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:27.349771976 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:27.349842072 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:37.382482052 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:37.382546902 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Mar 20, 2025 11:47:37.382838964 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:38.969681978 CET | 49764 | 443 | 192.168.2.5 | 142.250.81.228 |
| Mar 20, 2025 11:47:38.969764948 CET | 443 | 49764 | 142.250.81.228 | 192.168.2.5 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 20, 2025 11:44:22.818363905 CET | 53 | 52921 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:22.860327959 CET | 53 | 63834 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:23.598545074 CET | 53 | 50223 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:23.718725920 CET | 53 | 54198 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:26.967468023 CET | 61163 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:26.967571974 CET | 65315 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:27.069039106 CET | 53 | 65315 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.069097042 CET | 53 | 61163 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:27.967891932 CET | 64658 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:27.967891932 CET | 58287 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:28.065197945 CET | 53 | 58287 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.067917109 CET | 53 | 64658 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.605668068 CET | 59612 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:28.606065989 CET | 51041 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:28.704018116 CET | 53 | 59612 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:28.704663038 CET | 53 | 51041 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.404664993 CET | 58850 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:29.404923916 CET | 62672 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:29.502724886 CET | 53 | 58850 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:29.504339933 CET | 53 | 62672 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:40.661009073 CET | 53 | 51111 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:50.707499981 CET | 64713 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:50.707829952 CET | 64354 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:50.816636086 CET | 53 | 64713 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:50.846425056 CET | 53 | 64354 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.210269928 CET | 61821 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:53.212377071 CET | 54849 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:53.317677975 CET | 53 | 54849 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.320365906 CET | 53 | 61821 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:53.963957071 CET | 52584 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:53.964284897 CET | 55403 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:44:54.095988989 CET | 53 | 55403 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:54.102371931 CET | 53 | 52584 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:44:59.394294024 CET | 53 | 63513 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:03.553293943 CET | 54030 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:03.553432941 CET | 52101 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:03.750071049 CET | 53 | 52101 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:03.757123947 CET | 53 | 54030 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:03.757916927 CET | 51465 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:03.970051050 CET | 53 | 51465 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:03.997239113 CET | 50685 | 53 | 192.168.2.5 | 8.8.8.8 |
| Mar 20, 2025 11:45:03.997462988 CET | 57289 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:04.093293905 CET | 53 | 50685 | 8.8.8.8 | 192.168.2.5 |
| Mar 20, 2025 11:45:04.094819069 CET | 53 | 57289 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:05.005170107 CET | 59655 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:05.005430937 CET | 53055 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:05.126234055 CET | 53 | 59655 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:05.209991932 CET | 53 | 53055 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:10.178215027 CET | 58188 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:10.178642035 CET | 58409 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:10.384408951 CET | 53 | 58188 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:10.385906935 CET | 53 | 58409 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:10.386534929 CET | 57155 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:10.485302925 CET | 53 | 57155 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:11.624140978 CET | 53768 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:11.624859095 CET | 56812 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:11.723062992 CET | 53 | 56812 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:11.731254101 CET | 53 | 53768 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:11.744426012 CET | 55819 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:11.744846106 CET | 60599 | 53 | 192.168.2.5 | 8.8.8.8 |
| Mar 20, 2025 11:45:11.840703011 CET | 53 | 60599 | 8.8.8.8 | 192.168.2.5 |
| Mar 20, 2025 11:45:11.842446089 CET | 53 | 55819 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:16.677711964 CET | 138 | 138 | 192.168.2.5 | 192.168.2.255 |
| Mar 20, 2025 11:45:22.363121986 CET | 53 | 61913 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:22.475802898 CET | 53 | 53767 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:25.069768906 CET | 53 | 59612 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:25.316602945 CET | 53 | 49862 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:35.061367035 CET | 51356 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:35.348709106 CET | 53 | 51356 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:41.764667988 CET | 61735 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:41.764667988 CET | 57429 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:41.871963978 CET | 53 | 61735 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:41.883250952 CET | 53 | 57429 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:41.884093046 CET | 63859 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:45:41.992007971 CET | 53 | 63859 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:45:52.216300011 CET | 53 | 64171 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:07.177397013 CET | 50232 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:46:07.177654028 CET | 57074 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:46:07.195576906 CET | 49268 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:46:07.288383961 CET | 53 | 57074 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:07.301038980 CET | 53 | 50232 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:07.404476881 CET | 53 | 49268 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:07.416526079 CET | 57206 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:46:07.416898012 CET | 49574 | 53 | 192.168.2.5 | 8.8.8.8 |
| Mar 20, 2025 11:46:07.512203932 CET | 53 | 49574 | 8.8.8.8 | 192.168.2.5 |
| Mar 20, 2025 11:46:07.514111042 CET | 53 | 57206 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:27.070924044 CET | 53 | 63802 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:36.160365105 CET | 53 | 52335 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:46:47.077923059 CET | 52481 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:46:47.198174953 CET | 53 | 52481 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:47:06.002079010 CET | 57738 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:47:06.002079964 CET | 60149 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:47:06.195518970 CET | 53 | 57738 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:47:06.205147028 CET | 53 | 60149 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:47:06.205866098 CET | 53145 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:47:06.305476904 CET | 53 | 53145 | 1.1.1.1 | 192.168.2.5 |
| Mar 20, 2025 11:47:06.326401949 CET | 54616 | 53 | 192.168.2.5 | 1.1.1.1 |
| Mar 20, 2025 11:47:06.326613903 CET | 63338 | 53 | 192.168.2.5 | 8.8.8.8 |
| Mar 20, 2025 11:47:06.422416925 CET | 53 | 63338 | 8.8.8.8 | 192.168.2.5 |
| Mar 20, 2025 11:47:06.424432993 CET | 53 | 54616 | 1.1.1.1 | 192.168.2.5 |
| Timestamp | Source IP | Dest IP | Checksum | Code | Type |
|---|---|---|---|---|---|
| Mar 20, 2025 11:44:50.846488953 CET | 192.168.2.5 | 1.1.1.1 | c237 | (Port unreachable) | Destination Unreachable |
| Mar 20, 2025 11:45:05.210052013 CET | 192.168.2.5 | 1.1.1.1 | c223 | (Port unreachable) | Destination Unreachable |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Mar 20, 2025 11:44:26.967468023 CET | 192.168.2.5 | 1.1.1.1 | 0x4076 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:26.967571974 CET | 192.168.2.5 | 1.1.1.1 | 0x71d6 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:27.967891932 CET | 192.168.2.5 | 1.1.1.1 | 0x7fc8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:27.967891932 CET | 192.168.2.5 | 1.1.1.1 | 0x5d2a | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:28.605668068 CET | 192.168.2.5 | 1.1.1.1 | 0x7765 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:28.606065989 CET | 192.168.2.5 | 1.1.1.1 | 0x3995 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:29.404664993 CET | 192.168.2.5 | 1.1.1.1 | 0xb7b1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:29.404923916 CET | 192.168.2.5 | 1.1.1.1 | 0xaaa6 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:50.707499981 CET | 192.168.2.5 | 1.1.1.1 | 0x67bf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:50.707829952 CET | 192.168.2.5 | 1.1.1.1 | 0x5f16 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:53.210269928 CET | 192.168.2.5 | 1.1.1.1 | 0x9155 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:53.212377071 CET | 192.168.2.5 | 1.1.1.1 | 0xcc42 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:44:53.963957071 CET | 192.168.2.5 | 1.1.1.1 | 0x49a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:44:53.964284897 CET | 192.168.2.5 | 1.1.1.1 | 0x7669 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:03.553293943 CET | 192.168.2.5 | 1.1.1.1 | 0xd5d1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:03.553432941 CET | 192.168.2.5 | 1.1.1.1 | 0x9cfa | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:03.757916927 CET | 192.168.2.5 | 1.1.1.1 | 0x5a36 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:03.997239113 CET | 192.168.2.5 | 8.8.8.8 | 0xf355 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:03.997462988 CET | 192.168.2.5 | 1.1.1.1 | 0x29aa | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:05.005170107 CET | 192.168.2.5 | 1.1.1.1 | 0x92f7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:05.005430937 CET | 192.168.2.5 | 1.1.1.1 | 0x8b02 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:10.178215027 CET | 192.168.2.5 | 1.1.1.1 | 0xd38a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:10.178642035 CET | 192.168.2.5 | 1.1.1.1 | 0xf570 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:10.386534929 CET | 192.168.2.5 | 1.1.1.1 | 0xbccc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:11.624140978 CET | 192.168.2.5 | 1.1.1.1 | 0x4247 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:11.624859095 CET | 192.168.2.5 | 1.1.1.1 | 0xe0b1 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:11.744426012 CET | 192.168.2.5 | 1.1.1.1 | 0x3628 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:11.744846106 CET | 192.168.2.5 | 8.8.8.8 | 0xd5e5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:35.061367035 CET | 192.168.2.5 | 1.1.1.1 | 0xc9d3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:41.764667988 CET | 192.168.2.5 | 1.1.1.1 | 0x913 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:45:41.764667988 CET | 192.168.2.5 | 1.1.1.1 | 0xf771 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:45:41.884093046 CET | 192.168.2.5 | 1.1.1.1 | 0x5aef | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:46:07.177397013 CET | 192.168.2.5 | 1.1.1.1 | 0x2e7b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:46:07.177654028 CET | 192.168.2.5 | 1.1.1.1 | 0xc214 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:46:07.195576906 CET | 192.168.2.5 | 1.1.1.1 | 0xe9f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:46:07.416526079 CET | 192.168.2.5 | 1.1.1.1 | 0x3ad | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:46:07.416898012 CET | 192.168.2.5 | 8.8.8.8 | 0x9e1f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:46:47.077923059 CET | 192.168.2.5 | 1.1.1.1 | 0x71ec | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:47:06.002079010 CET | 192.168.2.5 | 1.1.1.1 | 0x46e4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:47:06.002079964 CET | 192.168.2.5 | 1.1.1.1 | 0x8ca0 | Standard query (0) | 65 | IN (0x0001) | false | |
| Mar 20, 2025 11:47:06.205866098 CET | 192.168.2.5 | 1.1.1.1 | 0x8ef3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:47:06.326401949 CET | 192.168.2.5 | 1.1.1.1 | 0x8870 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 20, 2025 11:47:06.326613903 CET | 192.168.2.5 | 8.8.8.8 | 0x5e3 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Mar 20, 2025 11:44:27.069039106 CET | 1.1.1.1 | 192.168.2.5 | 0x71d6 | No error (0) | 65 | IN (0x0001) | false | |||
| Mar 20, 2025 11:44:27.069097042 CET | 1.1.1.1 | 192.168.2.5 | 0x4076 | No error (0) | 142.250.81.228 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:28.067917109 CET | 1.1.1.1 | 192.168.2.5 | 0x7fc8 | No error (0) | 151.101.2.137 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:28.067917109 CET | 1.1.1.1 | 192.168.2.5 | 0x7fc8 | No error (0) | 151.101.194.137 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:28.067917109 CET | 1.1.1.1 | 192.168.2.5 | 0x7fc8 | No error (0) | 151.101.130.137 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:28.067917109 CET | 1.1.1.1 | 192.168.2.5 | 0x7fc8 | No error (0) | 151.101.66.137 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:28.704018116 CET | 1.1.1.1 | 192.168.2.5 | 0x7765 | No error (0) | 207.174.26.219 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:29.502724886 CET | 1.1.1.1 | 192.168.2.5 | 0xb7b1 | No error (0) | 207.174.26.219 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:50.816636086 CET | 1.1.1.1 | 192.168.2.5 | 0x67bf | No error (0) | 3.168.73.69 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:50.816636086 CET | 1.1.1.1 | 192.168.2.5 | 0x67bf | No error (0) | 3.168.73.68 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:50.816636086 CET | 1.1.1.1 | 192.168.2.5 | 0x67bf | No error (0) | 3.168.73.9 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:50.816636086 CET | 1.1.1.1 | 192.168.2.5 | 0x67bf | No error (0) | 3.168.73.87 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:53.320365906 CET | 1.1.1.1 | 192.168.2.5 | 0x9155 | No error (0) | 3.168.73.87 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:53.320365906 CET | 1.1.1.1 | 192.168.2.5 | 0x9155 | No error (0) | 3.168.73.69 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:53.320365906 CET | 1.1.1.1 | 192.168.2.5 | 0x9155 | No error (0) | 3.168.73.9 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:53.320365906 CET | 1.1.1.1 | 192.168.2.5 | 0x9155 | No error (0) | 3.168.73.68 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:54.102371931 CET | 1.1.1.1 | 192.168.2.5 | 0x49a | No error (0) | 18.164.116.98 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:54.102371931 CET | 1.1.1.1 | 192.168.2.5 | 0x49a | No error (0) | 18.164.116.5 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:54.102371931 CET | 1.1.1.1 | 192.168.2.5 | 0x49a | No error (0) | 18.164.116.72 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:44:54.102371931 CET | 1.1.1.1 | 192.168.2.5 | 0x49a | No error (0) | 18.164.116.30 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:45:04.093293905 CET | 8.8.8.8 | 192.168.2.5 | 0xf355 | No error (0) | 142.251.40.142 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:45:04.094819069 CET | 1.1.1.1 | 192.168.2.5 | 0x29aa | No error (0) | 142.251.40.174 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:45:11.840703011 CET | 8.8.8.8 | 192.168.2.5 | 0xd5e5 | No error (0) | 142.250.72.110 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:45:11.842446089 CET | 1.1.1.1 | 192.168.2.5 | 0x3628 | No error (0) | 142.251.35.174 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:46:07.512203932 CET | 8.8.8.8 | 192.168.2.5 | 0x9e1f | No error (0) | 142.250.72.110 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:46:07.514111042 CET | 1.1.1.1 | 192.168.2.5 | 0x3ad | No error (0) | 142.250.65.174 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:47:06.422416925 CET | 8.8.8.8 | 192.168.2.5 | 0x5e3 | No error (0) | 142.250.72.110 | A (IP address) | IN (0x0001) | false | ||
| Mar 20, 2025 11:47:06.424432993 CET | 1.1.1.1 | 192.168.2.5 | 0x8870 | No error (0) | 142.251.41.14 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.5 | 49734 | 151.101.2.137 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:28 UTC | 539 | OUT | |
| 2025-03-20 10:44:28 UTC | 563 | IN | |
| 2025-03-20 10:44:28 UTC | 16384 | IN | |
| 2025-03-20 10:44:28 UTC | 16384 | IN | |
| 2025-03-20 10:44:28 UTC | 16384 | IN | |
| 2025-03-20 10:44:28 UTC | 16384 | IN | |
| 2025-03-20 10:44:28 UTC | 16384 | IN | |
| 2025-03-20 10:44:28 UTC | 7875 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.5 | 49735 | 207.174.26.219 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:28 UTC | 596 | OUT | |
| 2025-03-20 10:44:29 UTC | 380 | IN | |
| 2025-03-20 10:44:29 UTC | 3716 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.5 | 49736 | 207.174.26.219 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:29 UTC | 395 | OUT | |
| 2025-03-20 10:44:29 UTC | 380 | IN | |
| 2025-03-20 10:44:29 UTC | 3716 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:29 UTC | 4096 | IN | |
| 2025-03-20 10:44:30 UTC | 4096 | IN | |
| 2025-03-20 10:44:30 UTC | 4096 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.5 | 49743 | 3.168.73.69 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:51 UTC | 633 | OUT | |
| 2025-03-20 10:44:51 UTC | 91 | OUT | |
| 2025-03-20 10:44:53 UTC | 898 | IN | |
| 2025-03-20 10:44:53 UTC | 99 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.5 | 49744 | 3.168.73.87 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:53 UTC | 388 | OUT | |
| 2025-03-20 10:44:53 UTC | 959 | IN | |
| 2025-03-20 10:44:53 UTC | 239 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.5 | 49745 | 18.164.116.98 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:54 UTC | 460 | OUT | |
| 2025-03-20 10:44:54 UTC | 448 | IN | |
| 2025-03-20 10:44:54 UTC | 1366 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.5 | 49746 | 3.168.73.69 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:44:59 UTC | 633 | OUT | |
| 2025-03-20 10:44:59 UTC | 86 | OUT | |
| 2025-03-20 10:45:01 UTC | 898 | IN | |
| 2025-03-20 10:45:01 UTC | 98 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.5 | 49747 | 3.168.73.87 | 443 | 6984 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-20 10:45:01 UTC | 388 | OUT | |
| 2025-03-20 10:45:02 UTC | 959 | IN | |
| 2025-03-20 10:45:02 UTC | 239 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
| Target ID: | 1 |
| Start time: | 06:44:17 |
| Start date: | 20/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6952e0000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 2 |
| Start time: | 06:44:20 |
| Start date: | 20/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6952e0000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 5 |
| Start time: | 06:44:23 |
| Start date: | 20/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6952e0000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 8 |
| Start time: | 06:44:26 |
| Start date: | 20/03/2025 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6952e0000 |
| File size: | 3'388'000 bytes |
| MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
⊘No disassembly
