Windows
Analysis Report
http://clyy.981169.mdduel.com/rd/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
  - chrome.exe (PID: 5468 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
  - chrome.exe (PID: 5284 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,17359850444824048519,3262838529007562302,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=1996 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  - chrome.exe (PID: 6868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://clyy.981169.mdduel.com/rd/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-24T12:28:04.760863+0100 | 2859623 | 1 | Exploit Kit Activity Detected | 185.246.86.174 | 80 | 192.168.2.4 | 49722 | TCP |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Networking |
---|
Source: | Suricata IDS: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | File created: |
Source: | File deleted: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
j.sni.global.fastly.net | 151.101.2.132 | true | false | high | |
www.google.com | 142.251.40.228 | true | false | high | |
clyy.981169.mdduel.com | 185.246.86.174 | true | true | unknown | |
e197183.dsca.akamaiedge.net | 23.33.42.153 | true | false | high | |
moxie.foxnews.com | unknown | unknown | false | high | |
www.foxnews.com | unknown | unknown | false | high | |
feeds.foxnews.com | unknown | unknown | false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.251.40.228 | www.google.com | United States | 15169 | GOOGLEUS | false |
185.246.86.174 | clyy.981169.mdduel.com | France | 21409 | IKOULAFR | true |
151.101.2.132 | j.sni.global.fastly.net | United States | 54113 | FASTLYUS | false |
IP |
---|
192.168.2.4 |
192.168.2.13 |
192.168.2.23 |
192.168.2.14 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1646909 |
Start date and time: | 2025-03-24 12:26:58 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://clyy.981169.mdduel.com/rd/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 20 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@21/15@14/7 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted)
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: http://clyy.981169.mdduel.com/rd/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.875 |
Encrypted: | false |
SSDEEP: | 3:HoUinYn:IUyY |
MD5: | 903747EA4323C522742842A52CE710C9 |
SHA1: | 9F806EA4288867A31A4AD53AC171AA4029DF182B |
SHA-256: | 4BD8B60F91849C936AE45615145A7B7BE2CF803322A30BABBAE7267A142CA5BB |
SHA-512: | EEF73DC29A38ED70FFCFC321931BCB5B5A29FAAC356E8F6D84F57C532EEF44AE75021C341CF7DAE26B8211924A1C0E0EC4735F6BFC4AF3970A48EB63BFB7895F |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCXV5LS7x6-vrEgUNg6hbPSEvU1Z0pOi_Sg==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2873 |
Entropy (8bit): | 4.857327057774731 |
Encrypted: | false |
SSDEEP: | 48:ZuJJpI4LLIk6ddLHJy8A3SXUV/ot5CjsEn+yxw4Dj7jvj:m3LLIk6T9yvGssE5x7 |
MD5: | 1576F13E2D999080421ED6B25FFBCF4A |
SHA1: | 489D69359BF6A5D5A3BAC0BB93559115C405C5E4 |
SHA-256: | 48BF69899BBBD155BE0FCCEEE5454A14A07DD834193AA190122D9BDBBD311A83 |
SHA-512: | 15B24F60426FBEBCF0DE08FFD4CA6DE0FE9FA3B2E9F15594021D47102AB6F62FF0DB5F1DE199844F89D68151105B96841794D9D782B5A15544D3065B92FFE3C9 |
Malicious: | false |
Reputation: | low |
URL: | http://clyy.981169.mdduel.com/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 182 |
Entropy (8bit): | 4.87578959081985 |
Encrypted: | false |
SSDEEP: | 3:gH8IIRRQLGRFfHFwOkADFoCK0SffUCvZECavF/dLbGuQ87e/efUCvZECfvV/VMrt:uIRnXHFmmmJ0SHUCv6HvNJKSK/SUCv69 |
MD5: | E06B4BE56D710C6D17E246B065A39489 |
SHA1: | 1833DFBD311276EE8B865D98FDA7D497A77917A9 |
SHA-256: | B3B13B0F84AC00011263AA2764FF4754B18A6BC422A63C45E8D22580FE253B4A |
SHA-512: | 3BC223937B55BEEBCAC542E12FAD65AA8797059FB42443F718F6084AADFC0E364435F82D26553874F1D2E886066F305F987674BEB4C4EC299838D4DBFFC8CE62 |
Malicious: | false |
Reputation: | low |
URL: | http://clyy.981169.mdduel.com/t/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1435 |
Entropy (8bit): | 4.7130828204283555 |
Encrypted: | false |
SSDEEP: | 24:UkvMuGRKe7+U6eSEMDSaGvMdufqGmnoSPfzS7pvMugQrYFv0CGSTYFUL9MtDY3Ss:Uk9w7x9sHGgufRNkz09fcFMCGJFUL9MO |
MD5: | 1FB5EDFEA0AF10D301EFCD56738BA30A |
SHA1: | 1AAC6EB08825AD63AC334CFF1F816CC9ECA71219 |
SHA-256: | 161D0961994DD86814FAFBA6EDD6FA7A75D17B19B2E60E1EE01ADAA9EA19DADC |
SHA-512: | A0C3F78B663E01D24DDD53AF6D0D1E3E9DD743C3E4CB6FC8F45588BCC37AB3923A2992505C4842D9E451692A7E7495155F58BFED056BCFE57E02204603F962DD |
Malicious: | false |
Reputation: | low |
URL: | http://clyy.981169.mdduel.com/assets/styles.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 208097 |
Entropy (8bit): | 4.804209000722071 |
Encrypted: | false |
SSDEEP: | 6144:5wFHoZj3/iWpniIIwDvzc3LypC0gXbsjsnPCOMuFCmrR1E59fLDCF3wMwy/nyO1M:5wFHoZj3/iWpniIIwDvo3LMCHXbsjsny |
MD5: | B8F865FDCB3010D47AEDD63D79358DB3 |
SHA1: | F2A9BAC62DA8CCBC8A80A6381B38D5A0AB233F66 |
SHA-256: | 5F917C51EA0B9885E1D4C7AD0CF4F8428964DD3C37C5BFEDEB37DF54C6B6E406 |
SHA-512: | 3699D33DAE3E0D60CFC57B0E9E7B2A7A9CFF89F1B8F13100052DC5289EF96DB708198DB2441E0D471C9E0200CEDFD361665530E691BAB45679B30552FEF542EB |
Malicious: | false |
Reputation: | low |
URL: | https://moxie.foxnews.com/google-publisher/world.xml |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 208097 |
Entropy (8bit): | 4.804209000722071 |
Encrypted: | false |
SSDEEP: | 6144:5wFHoZj3/iWpniIIwDvzc3LypC0gXbsjsnPCOMuFCmrR1E59fLDCF3wMwy/nyO1M:5wFHoZj3/iWpniIIwDvo3LMCHXbsjsny |
MD5: | B8F865FDCB3010D47AEDD63D79358DB3 |
SHA1: | F2A9BAC62DA8CCBC8A80A6381B38D5A0AB233F66 |
SHA-256: | 5F917C51EA0B9885E1D4C7AD0CF4F8428964DD3C37C5BFEDEB37DF54C6B6E406 |
SHA-512: | 3699D33DAE3E0D60CFC57B0E9E7B2A7A9CFF89F1B8F13100052DC5289EF96DB708198DB2441E0D471C9E0200CEDFD361665530E691BAB45679B30552FEF542EB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 235 |
Entropy (8bit): | 4.996687328840349 |
Encrypted: | false |
SSDEEP: | 6:HXQI4ySmfH1A7YmmBi7YmjA0VhM+yp7YmmJyR13YoVL:HXYknxJX0VM2xYwIL |
MD5: | 41735C0E24BE1E5BD89C1F6531207494 |
SHA1: | 9EAE1BFA3B43E52C21E87FABCD63A4C2A3E55554 |
SHA-256: | A594B117BC9C64745935F48B866C3CAA70CDED9C35EE02841A28277F3E75FFE3 |
SHA-512: | 2CE91960620061DE0C91383930CC83BA32CCAD82E75C6CF8678CCF907021EA8D2901B327AF67565593D765873FD7988AA533753A2B8E94E2FB38D71C3A3C787F |
Malicious: | false |
Reputation: | low |
URL: | http://clyy.981169.mdduel.com/rd/4tdTZC5863sQaD697esgeamuxmo320SZLLRUMDGAWEOWN3075INMB39155M12 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3191 |
Entropy (8bit): | 4.575800806181905 |
Encrypted: | false |
SSDEEP: | 48:vutC1AFRZpvtph6F6BgxVbaCdQciJ2ZBgof6PM5FGxs7vtj:vuI1Yd6ygx4cA2 |
MD5: | 2FF3DB5F2A7E2CAE6108276A95DAC947 |
SHA1: | 7C50564699081E3BB1494BEE2B7C625819F58033 |
SHA-256: | EC6FBB6F58061502FF1124B2EA2FDEFCB0C812BB3A102CD1C1AA2A6B286E7F5E |
SHA-512: | 3CE30351E058DD0A80A6A9789B7F0DF3DAE7D50789546D448ED20A84C1821DAD05A67DA95A85018960488D65182D3DE5C8B0AFA2507595EF7E98490166E9DA78 |
Malicious: | false |
Reputation: | low |
URL: | http://clyy.981169.mdduel.com/news?q=This%20link%20is%20locked! |
Preview: |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-24T12:28:04.760863+0100 | 2859623 | ETPRO EXPLOIT_KIT FoxTDS Filtered Locked | 1 | 185.246.86.174 | 80 | 192.168.2.4 | 49722 | TCP |
- Total Packets: 203
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 24, 2025 12:28:01.594021082 CET | 192.168.2.4 | 1.1.1.1 | 0x886a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:01.594258070 CET | 192.168.2.4 | 1.1.1.1 | 0x1f65 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:02.560476065 CET | 192.168.2.4 | 1.1.1.1 | 0x5a89 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:02.563178062 CET | 192.168.2.4 | 1.1.1.1 | 0xf17d | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:02.578469038 CET | 192.168.2.4 | 1.1.1.1 | 0x7474 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:02.578768969 CET | 192.168.2.4 | 1.1.1.1 | 0xf0c2 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:06.071034908 CET | 192.168.2.4 | 1.1.1.1 | 0x1eb4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:06.071232080 CET | 192.168.2.4 | 1.1.1.1 | 0x3fe7 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:06.579947948 CET | 192.168.2.4 | 1.1.1.1 | 0x680 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:06.580235958 CET | 192.168.2.4 | 1.1.1.1 | 0xc31f | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:07.348201990 CET | 192.168.2.4 | 1.1.1.1 | 0xaf8a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:07.348500013 CET | 192.168.2.4 | 1.1.1.1 | 0xaab2 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 24, 2025 12:28:16.239542007 CET | 192.168.2.4 | 1.1.1.1 | 0x492a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 24, 2025 12:28:16.239809990 CET | 192.168.2.4 | 1.1.1.1 | 0x5a07 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 24, 2025 12:28:01.693101883 CET | 1.1.1.1 | 192.168.2.4 | 0x886a | No error (0) | 142.251.40.228 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:01.693120956 CET | 1.1.1.1 | 192.168.2.4 | 0x1f65 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 24, 2025 12:28:02.670772076 CET | 1.1.1.1 | 192.168.2.4 | 0x5a89 | No error (0) | 185.246.86.174 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:02.719428062 CET | 1.1.1.1 | 192.168.2.4 | 0x7474 | No error (0) | 185.246.86.174 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.171389103 CET | 1.1.1.1 | 192.168.2.4 | 0x1eb4 | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.171389103 CET | 1.1.1.1 | 192.168.2.4 | 0x1eb4 | No error (0) | 151.101.2.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.171389103 CET | 1.1.1.1 | 192.168.2.4 | 0x1eb4 | No error (0) | 151.101.66.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.171389103 CET | 1.1.1.1 | 192.168.2.4 | 0x1eb4 | No error (0) | 151.101.130.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.171389103 CET | 1.1.1.1 | 192.168.2.4 | 0x1eb4 | No error (0) | 151.101.194.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.172672033 CET | 1.1.1.1 | 192.168.2.4 | 0x3fe7 | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.686966896 CET | 1.1.1.1 | 192.168.2.4 | 0xc31f | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.687386990 CET | 1.1.1.1 | 192.168.2.4 | 0x680 | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.687386990 CET | 1.1.1.1 | 192.168.2.4 | 0x680 | No error (0) | 151.101.2.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.687386990 CET | 1.1.1.1 | 192.168.2.4 | 0x680 | No error (0) | 151.101.66.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.687386990 CET | 1.1.1.1 | 192.168.2.4 | 0x680 | No error (0) | 151.101.130.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:06.687386990 CET | 1.1.1.1 | 192.168.2.4 | 0x680 | No error (0) | 151.101.194.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.455723047 CET | 1.1.1.1 | 192.168.2.4 | 0xaf8a | No error (0) | j.sni.global.fastly.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.455723047 CET | 1.1.1.1 | 192.168.2.4 | 0xaf8a | No error (0) | 151.101.2.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.455723047 CET | 1.1.1.1 | 192.168.2.4 | 0xaf8a | No error (0) | 151.101.66.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.455723047 CET | 1.1.1.1 | 192.168.2.4 | 0xaf8a | No error (0) | 151.101.130.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.455723047 CET | 1.1.1.1 | 192.168.2.4 | 0xaf8a | No error (0) | 151.101.194.132 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.460689068 CET | 1.1.1.1 | 192.168.2.4 | 0xaab2 | No error (0) | moxie.foxnews.com.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:07.460689068 CET | 1.1.1.1 | 192.168.2.4 | 0xaab2 | No error (0) | e8979.dscj.akamaiedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.340260029 CET | 1.1.1.1 | 192.168.2.4 | 0x492a | No error (0) | www.foxnews.com.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.340260029 CET | 1.1.1.1 | 192.168.2.4 | 0x492a | No error (0) | e197183.dsca.akamaiedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.340260029 CET | 1.1.1.1 | 192.168.2.4 | 0x492a | No error (0) | 23.33.42.153 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.340260029 CET | 1.1.1.1 | 192.168.2.4 | 0x492a | No error (0) | 23.33.42.148 | A (IP address) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.341451883 CET | 1.1.1.1 | 192.168.2.4 | 0x5a07 | No error (0) | www.foxnews.com.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 24, 2025 12:28:16.341451883 CET | 1.1.1.1 | 192.168.2.4 | 0x5a07 | No error (0) | e197183.dsca.akamaiedge.net | CNAME (Canonical name) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49722 | 185.246.86.174 | 80 | 5284 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 24, 2025 12:28:04.064285040 CET | 501 | OUT | |
Mar 24, 2025 12:28:04.227592945 CET | 486 | IN | |
Mar 24, 2025 12:28:04.271485090 CET | 605 | OUT | |
Mar 24, 2025 12:28:04.538629055 CET | 433 | IN | |
Mar 24, 2025 12:28:04.595830917 CET | 451 | OUT | |
Mar 24, 2025 12:28:04.761006117 CET | 257 | IN | |
Mar 24, 2025 12:28:05.621231079 CET | 574 | OUT | |
Mar 24, 2025 12:28:05.787187099 CET | 1254 | IN | |
Mar 24, 2025 12:28:05.787246943 CET | 1254 | IN | |
Mar 24, 2025 12:28:05.787292004 CET | 960 | IN | |
Mar 24, 2025 12:28:17.097290993 CET | 511 | OUT | |
Mar 24, 2025 12:28:17.260566950 CET | 1254 | IN | |
Mar 24, 2025 12:28:17.260598898 CET | 1254 | IN | |
Mar 24, 2025 12:28:17.260782003 CET | 642 | IN | |
Mar 24, 2025 12:28:17.287102938 CET | 348 | OUT | |
Mar 24, 2025 12:28:17.460067987 CET | 1254 | IN | |
Mar 24, 2025 12:28:17.460094929 CET | 366 | IN | |
Mar 24, 2025 12:29:02.462265968 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
1 | 192.168.2.4 | 49738 | 142.251.40.227 | 80 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 24, 2025 12:28:09.658489943 CET | 202 | OUT | |
Mar 24, 2025 12:28:09.748214006 CET | 223 | IN | |
Mar 24, 2025 12:28:09.755034924 CET | 200 | OUT | |
Mar 24, 2025 12:28:09.845347881 CET | 223 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49721 | 185.246.86.174 | 80 | 5284 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 24, 2025 12:28:47.855082989 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49732 | 151.101.2.132 | 443 | 5284 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 11:28:06 UTC | 577 | OUT | |
2025-03-24 11:28:06 UTC | 557 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49733 | 151.101.2.132 | 443 | 5284 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 11:28:06 UTC | 565 | OUT | |
2025-03-24 11:28:07 UTC | 1269 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49734 | 151.101.2.132 | 443 | 5284 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-24 11:28:07 UTC | 407 | OUT | |
2025-03-24 11:28:07 UTC | 1269 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:07 UTC | 16384 | IN | |
2025-03-24 11:28:08 UTC | 16384 | IN | |
2025-03-24 11:28:08 UTC | 16384 | IN | |
2025-03-24 11:28:08 UTC | 16384 | IN | |
2025-03-24 11:28:08 UTC | 16384 | IN | |
2025-03-24 11:28:08 UTC | 16384 | IN |
Target ID: | 1 |
Start time: | 07:27:52 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 07:27:55 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 4 |
Start time: | 07:28:01 |
Start date: | 24/03/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff786830000 |
File size: | 3'388'000 bytes |
MD5 hash: | E81F54E6C1129887AEA47E7D092680BF |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |