Windows
Analysis Report
http://xml-v4.srvqck9.com
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3772 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 2548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,1636166008410916481,985019589278040204,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2068 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 6904 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://xml-v4.srvqck9.com" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
- AV Detection
- Phishing
- Compliance
- Networking
- System Summary
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | File created: |
Source: | File deleted: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | malware |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
netdna.bootstrapcdn.com | 104.18.11.207 | true | false | high | |
popunder.bid | 72.167.252.76 | true | false | unknown | |
adright.xml-v4.ak-is2.net | 198.134.116.19 | true | false | high | |
www.google.com | 142.251.40.228 | true | false | high | |
xml-v4.srvqck9.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false | high | ||
false |
| unknown | |
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.251.40.228 | www.google.com | United States | 15169 | GOOGLEUS | false |
72.167.252.76 | popunder.bid | United States | 26496 | AS-26496-GO-DADDY-COM-LLCUS | false |
198.134.116.19 | adright.xml-v4.ak-is2.net | United States | 27257 | WEBAIR-INTERNETUS | false |
104.18.11.207 | netdna.bootstrapcdn.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1646847 |
Start date and time: | 2025-03-24 10:08:14 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://xml-v4.srvqck9.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 20 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@22/6@10/5 |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.40.142, 142.251.40.227, 142.251.167.84, 142.250.72.110, 142.251.41.3, 142.251.32.110, 142.251.40.206, 142.250.81.238, 23.203.176.221, 199.232.214.172, 142.250.80.78, 142.251.35.174, 142.251.40.110, 142.250.72.99, 142.250.176.206, 142.251.41.14, 142.251.40.195, 23.204.23.20, 4.245.163.56
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: http://xml-v4.srvqck9.com
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 824 |
Entropy (8bit): | 5.138388483109872 |
Encrypted: | false |
SSDEEP: | 12:qTpNVy7KSELAYiMbsQdyecbKUdHf7F7PArA+0Lcju4WH9QlV3mYvQb:0pNVC202sIyGl0LOuT9QP3xm |
MD5: | 7DCCA03DC78E47E88A5ED7C5AA99B7CC |
SHA1: | 3C9624D956F9F61648560E45AC37ABD2C7B01749 |
SHA-256: | E174B1C1BA782F11BC8C90B7F1EDE589EF76CF108064EA91BE54F1FC3A1B4F53 |
SHA-512: | 3BD63A966A943ABCDF9714EFEE000A9E36702D79DFA7AA9B1CC47125029AF4F94398F8AE90C3A0988CA6670AF034F9D110EF8DEE4FD43FE0C9B11403F2609680 |
Malicious: | false |
Reputation: | low |
URL: | https://popunder.bid/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 315 |
Entropy (8bit): | 5.0572271090563765 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR |
MD5: | A34AC19F4AFAE63ADC5D2F7BC970C07F |
SHA1: | A82190FC530C265AA40A045C21770D967F4767B8 |
SHA-256: | D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3 |
SHA-512: | 42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765 |
Malicious: | false |
Reputation: | low |
URL: | https://popunder.bid/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 101595 |
Entropy (8bit): | 5.114764853341008 |
Encrypted: | false |
SSDEEP: | 768:CbB4YDHYZJwnYJ82GxwmsBW/kzarbZbO6xNCMBm0Cp89ifTXtQJar:uIknYJ8jwU/k+U60f89aXv |
MD5: | 937876BACFEFA6AD4B64756B3834D94C |
SHA1: | 6BFE09A746F64D12EC484D17767A7FD011BF5FB3 |
SHA-256: | 11C74AED50911D54C04455FE1D9C04F42C5F6CF438A94976F890F25F2A59F699 |
SHA-512: | 79C60B0468798903CA91D0628E9FAD547324151D8DD977DBB04F37FFD9C533FAB048BB2300F19197BCFE8E90168F9127C36B38352FBD8476FF57184FD425188D |
Malicious: | false |
Reputation: | low |
URL: | https://netdna.bootstrapcdn.com/bootstrap/3.1.0/css/bootstrap.min.css |
Preview: |
- Total Packets: 150
Mar 24, 2025 10:09:25.094347000 CET | 443 | 49720 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:09:25.094485998 CET | 443 | 49720 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:09:25.094542980 CET | 49720 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:09:25.173583031 CET | 80 | 49736 | 142.250.80.99 | 192.168.2.4 |
Mar 24, 2025 10:09:25.223844051 CET | 49736 | 80 | 192.168.2.4 | 142.250.80.99 |
Mar 24, 2025 10:09:25.380254984 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 24, 2025 10:09:25.583882093 CET | 49680 | 443 | 192.168.2.4 | 204.79.197.222 |
Mar 24, 2025 10:09:26.241002083 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 24, 2025 10:09:26.671399117 CET | 49720 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:09:26.671426058 CET | 443 | 49720 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:09:26.803538084 CET | 49680 | 443 | 192.168.2.4 | 204.79.197.222 |
Mar 24, 2025 10:09:28.019942045 CET | 80 | 49724 | 198.134.116.19 | 192.168.2.4 |
Mar 24, 2025 10:09:28.020020008 CET | 49724 | 80 | 192.168.2.4 | 198.134.116.19 |
Mar 24, 2025 10:09:28.082287073 CET | 80 | 49725 | 198.134.116.19 | 192.168.2.4 |
Mar 24, 2025 10:09:28.082374096 CET | 49725 | 80 | 192.168.2.4 | 198.134.116.19 |
Mar 24, 2025 10:09:28.646719933 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 24, 2025 10:09:28.648924112 CET | 49724 | 80 | 192.168.2.4 | 198.134.116.19 |
Mar 24, 2025 10:09:28.649096966 CET | 49725 | 80 | 192.168.2.4 | 198.134.116.19 |
Mar 24, 2025 10:09:28.744750023 CET | 80 | 49724 | 198.134.116.19 | 192.168.2.4 |
Mar 24, 2025 10:09:28.745475054 CET | 80 | 49725 | 198.134.116.19 | 192.168.2.4 |
Mar 24, 2025 10:09:29.209108114 CET | 49680 | 443 | 192.168.2.4 | 204.79.197.222 |
Mar 24, 2025 10:09:30.193542004 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 24, 2025 10:09:31.255379915 CET | 49671 | 443 | 192.168.2.4 | 204.79.197.203 |
Mar 24, 2025 10:09:33.458549023 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 24, 2025 10:09:34.021049023 CET | 49680 | 443 | 192.168.2.4 | 204.79.197.222 |
Mar 24, 2025 10:09:39.807356119 CET | 49678 | 443 | 192.168.2.4 | 20.189.173.27 |
Mar 24, 2025 10:09:43.084228992 CET | 49681 | 80 | 192.168.2.4 | 2.17.190.73 |
Mar 24, 2025 10:09:43.631046057 CET | 49680 | 443 | 192.168.2.4 | 204.79.197.222 |
Mar 24, 2025 10:10:14.819983006 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:14.820027113 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:14.820091963 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:14.820476055 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:14.820488930 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:15.025820971 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:15.026268959 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:15.026299000 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:25.040461063 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:25.040555954 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Mar 24, 2025 10:10:25.040637016 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:25.474679947 CET | 49736 | 80 | 192.168.2.4 | 142.250.80.99 |
Mar 24, 2025 10:10:25.572247028 CET | 80 | 49736 | 142.250.80.99 | 192.168.2.4 |
Mar 24, 2025 10:10:25.572348118 CET | 49736 | 80 | 192.168.2.4 | 142.250.80.99 |
Mar 24, 2025 10:10:26.648518085 CET | 49743 | 443 | 192.168.2.4 | 142.251.40.228 |
Mar 24, 2025 10:10:26.648612976 CET | 443 | 49743 | 142.251.40.228 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 24, 2025 10:09:14.757764101 CET | 192.168.2.4 | 1.1.1.1 | 0xd633 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 10:09:14.758867025 CET | 192.168.2.4 | 1.1.1.1 | 0x7f8a | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 10:09:17.629882097 CET | 192.168.2.4 | 1.1.1.1 | 0x28a5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 10:09:17.630120993 CET | 192.168.2.4 | 1.1.1.1 | 0x5e40 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 10:09:17.649141073 CET | 192.168.2.4 | 1.1.1.1 | 0x8f6d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 10:09:17.649343014 CET | 192.168.2.4 | 1.1.1.1 | 0xec0e | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 10:09:18.165925026 CET | 192.168.2.4 | 1.1.1.1 | 0x199d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 10:09:18.166230917 CET | 192.168.2.4 | 1.1.1.1 | 0x708e | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 10:09:19.140887976 CET | 192.168.2.4 | 1.1.1.1 | 0x8dff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 10:09:19.141036034 CET | 192.168.2.4 | 1.1.1.1 | 0x28b6 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 24, 2025 10:09:14.856781960 CET | 1.1.1.1 | 192.168.2.4 | 0xd633 | No error (0) | 142.251.40.228 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:14.857768059 CET | 1.1.1.1 | 192.168.2.4 | 0x7f8a | No error (0) | 65 | IN (0x0001) | false | |||
Mar 24, 2025 10:09:17.732986927 CET | 1.1.1.1 | 192.168.2.4 | 0x28a5 | No error (0) | adright.xml-v4.ak-is2.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:17.732986927 CET | 1.1.1.1 | 192.168.2.4 | 0x28a5 | No error (0) | 198.134.116.19 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:17.735876083 CET | 1.1.1.1 | 192.168.2.4 | 0x5e40 | No error (0) | adright.xml-v4.ak-is2.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:17.751898050 CET | 1.1.1.1 | 192.168.2.4 | 0x8f6d | No error (0) | adright.xml-v4.ak-is2.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:17.751898050 CET | 1.1.1.1 | 192.168.2.4 | 0x8f6d | No error (0) | 198.134.116.19 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:17.756925106 CET | 1.1.1.1 | 192.168.2.4 | 0xec0e | No error (0) | adright.xml-v4.ak-is2.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:18.275177002 CET | 1.1.1.1 | 192.168.2.4 | 0x199d | No error (0) | 72.167.252.76 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:19.241647959 CET | 1.1.1.1 | 192.168.2.4 | 0x28b6 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 24, 2025 10:09:19.242770910 CET | 1.1.1.1 | 192.168.2.4 | 0x8dff | No error (0) | 104.18.11.207 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 10:09:19.242770910 CET | 1.1.1.1 | 192.168.2.4 | 0x8dff | No error (0) | 104.18.10.207 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 142.250.80.99 | 80 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 24, 2025 10:09:24.974890947 CET | 202 | OUT | |
Mar 24, 2025 10:09:25.070893049 CET | 223 | IN | |
Mar 24, 2025 10:09:25.076512098 CET | 200 | OUT | |
Mar 24, 2025 10:09:25.173583031 CET | 223 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49726 | 198.134.116.19 | 443 | 2548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 09:09:18 UTC | 668 | OUT | |
2025-03-24 09:09:18 UTC | 169 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49727 | 72.167.252.76 | 443 | 2548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 09:09:18 UTC | 662 | OUT | |
2025-03-24 09:09:19 UTC | 289 | IN | |
2025-03-24 09:09:19 UTC | 824 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49728 | 104.18.11.207 | 443 | 2548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 09:09:19 UTC | 611 | OUT | |
2025-03-24 09:09:19 UTC | 952 | IN | |
2025-03-24 09:09:19 UTC | 417 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN | |
2025-03-24 09:09:19 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49732 | 72.167.252.76 | 443 | 2548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 09:09:20 UTC | 587 | OUT | |
2025-03-24 09:09:20 UTC | 164 | IN | |
2025-03-24 09:09:20 UTC | 315 | IN |
Target ID: | 1 |
Start time: | 05:09:07 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 05:09:09 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff62fc20000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 4 |
Start time: | 05:09:16 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |