Windows
Analysis Report
http://allegro-6999.com/
Overview
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 1892 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 4500 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2284 --fi eld-trial- handle=223 2,i,162680 9697608765 213,108139 3258599382 9049,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6416 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://allegr o-6999.com /" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Click to jump to signature section
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | Avira URL Cloud: |
Phishing |
---|
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | File deleted: | Jump to behavior |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
www.google.com | 142.250.185.164 | true | false | unknown | |
allegro-6999.com | 104.21.42.180 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.164 | www.google.com | United States | 15169 | GOOGLEUS | false | |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
104.21.42.180 | allegro-6999.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.4 |
192.168.2.6 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1500139 |
Start date and time: | 2024-08-28 00:14:11 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://allegro-6999.com/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.phis.win@23/14@11/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.16.195, 66.102.1.84, 172.217.18.110, 34.104.35.123, 13.85.23.86, 93.184.221.240, 192.229.221.95, 13.95.31.18, 52.165.164.15, 142.250.185.195
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, 6.d.a.8.b.e.f.b.0.0.0.0.0.0.0.0.4.0.0.a.0.0.1.f.1.1.1.0.1.0.a.2.ip6.arpa, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: http://allegro-6999.com/
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1892_1180222276\LICENSE
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1558 |
Entropy (8bit): | 5.11458514637545 |
Encrypted: | false |
SSDEEP: | 48:OBOCrYJ4rYJVwUCLHDy43HV713XEyMmZ3teTHn:LCrYJ4rYJVwUCHZ3Z13XtdUTH |
MD5: | EE002CB9E51BB8DFA89640A406A1090A |
SHA1: | 49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2 |
SHA-256: | 3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B |
SHA-512: | D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1892_1180222276\_metadata\verified_contents.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1864 |
Entropy (8bit): | 6.021127689065198 |
Encrypted: | false |
SSDEEP: | 48:p/hUI1atAdI567akUmYWEFw/3+ovGJ4F3jkZUbvzk98g5m7:RnYQI47avYUwvVGJ41jkZIzxgA7 |
MD5: | 68E6B5733E04AB7BF19699A84D8ABBC2 |
SHA1: | 1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0 |
SHA-256: | F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709 |
SHA-512: | 9DC5D824A55C969820D5D1FBB0CA7773361F044AE0C255E7C48D994E16CE169FCEAC3DE180A3A544EBEF32337EA535683115584D592370E5FE7D85C68B86C891 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1892_1180222276\manifest.fingerprint
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66 |
Entropy (8bit): | 3.9159446964030753 |
Encrypted: | false |
SSDEEP: | 3:Sq5TQRaELVHecsUDBAeHD5k:Sq5gJ+csHej5k |
MD5: | CFB54589424206D0AE6437B5673F498D |
SHA1: | D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609 |
SHA-256: | 285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C |
SHA-512: | 70FDCA4A1E6B7A5FFED3414E2DB74FECA7E0FD17482B8CB30393DFEE20AB9AD2B0B00FF0C590DD0E8D744D0EAD876CE8844519AF66618ED14666BCA56DF2DA21 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1892_1180222276\manifest.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 85 |
Entropy (8bit): | 4.4533115571544695 |
Encrypted: | false |
SSDEEP: | 3:rR6TAulhFphifFCmMARWHJqS1tean:F6VlM8aRWpqS1ln |
MD5: | C3419069A1C30140B77045ABA38F12CF |
SHA1: | 11920F0C1E55CADC7D2893D1EEBB268B3459762A |
SHA-256: | DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F |
SHA-512: | C5E95A4E9F5919CB14F4127539C4353A55C5F68062BF6F95E1843B6690CEBED3C93170BADB2412B7FB9F109A620385B0AE74783227D6813F26FF8C29074758A1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1892_1180222276\sets.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9748 |
Entropy (8bit): | 4.629326694042306 |
Encrypted: | false |
SSDEEP: | 96:Mon4mvC4qX19s1blbw/BNKLcxbdmf56MFJtRTGXvcxN43uP+8qJq:v5C4ql7BkIVmtRTGXvcxBsq |
MD5: | EEA4913A6625BEB838B3E4E79999B627 |
SHA1: | 1B4966850F1B117041407413B70BFA925FD83703 |
SHA-256: | 20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C |
SHA-512: | 31B1429A5FACD6787F6BB45216A4AB1C724C79438C18EBFA8C19CED83149C17783FD492A03197110A75AAF38486A9F58828CA30B58D41E0FE89DFE8BDFC8A004 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4408 |
Entropy (8bit): | 5.087951956134119 |
Encrypted: | false |
SSDEEP: | 96:1j9jwIjYjUDK/D5DMF+BOisCkwA2ZLimqrR49PaQxJbGD:1j9jhjYjIK/Vo+tsWZOmqrO9ieJGD |
MD5: | 412019EB80103ED5E364BA91A3F5A426 |
SHA1: | F96427D2CC263CF8E1728D47E98046716A3BD4ED |
SHA-256: | 710C88DE7ACB00EC87E91CDBB29A59B6EBE3DCF0BA36F4F72ABDF8FA3C7EB47E |
SHA-512: | 79A31E34AC7489CFB8E876F74D6802F55E74D679EEB43666CB15ECF2C060840BC8EC53B59638C1D49F92F06A20B5FE30079E8C28AC622DBA09990120F7E232D9 |
Malicious: | false |
Reputation: | low |
URL: | https://allegro-6999.com/xml/index.html |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 6722 |
Entropy (8bit): | 4.290562476999482 |
Encrypted: | false |
SSDEEP: | 96:9EJmdzxtFCeZOj+JIej51Dt8X2q0lFWbCAOdQNXbHiresWf5M:KsZlJIW5V2MgVikHirxs5M |
MD5: | A76815DB161544F6F2416F19496E99D9 |
SHA1: | 5009F9478C4ACF96A6578CB735CB71B225A88ED8 |
SHA-256: | 9122CAD9D8FC2BE7A6CF8B9BF9FB070C4DF8FF36BF63A0DBAB314849BB6A4765 |
SHA-512: | B6A8346FA84318A10409E5623D3D64BB7151E000E8E243DAB3159ED0E3DCF0840172E386F5FE63E0133C6D7E44A20B39775B11AC7F21340F30E7AF8C12F6A435 |
Malicious: | false |
Reputation: | low |
URL: | https://allegro-6999.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24051 |
Entropy (8bit): | 4.941039417164537 |
Encrypted: | false |
SSDEEP: | 192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk |
MD5: | 5E8C69A459A691B5D1B9BE442332C87D |
SHA1: | F24DD1AD7C9080575D92A9A9A2C42620725EF836 |
SHA-256: | 84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091 |
SHA-512: | 6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42 |
Malicious: | false |
Reputation: | low |
URL: | https://allegro-6999.com/cdn-cgi/styles/cf.errors.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
URL: | https://allegro-6999.com/cdn-cgi/images/icon-exclamation.png?1376755637 |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 28, 2024 00:15:05.316837072 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Aug 28, 2024 00:15:06.217216015 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.217246056 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.220576048 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.220777035 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.220791101 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.694154024 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.694674015 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.694689989 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.695732117 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.695801020 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.696974993 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.697040081 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.697244883 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.697252035 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.744143009 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.980880022 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.980943918 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.981015921 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.982196093 CEST | 49736 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.982207060 CEST | 443 | 49736 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.987404108 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.987443924 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:06.987633944 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.987847090 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:06.987860918 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.447092056 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.448112011 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.448133945 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.448465109 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.449212074 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.449278116 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.449470043 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.492502928 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578537941 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578587055 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578614950 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578655005 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578684092 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.578696012 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578707933 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.578749895 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.578814983 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.632759094 CEST | 49738 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.632772923 CEST | 443 | 49738 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.640033007 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.640050888 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:07.640139103 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.640352964 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:07.640364885 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.106647968 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.149844885 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.307784081 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.307796955 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.308280945 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.309176922 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.309250116 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.309572935 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.352494001 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406064034 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406105042 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406135082 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406150103 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.406162024 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406200886 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406202078 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.406213999 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406261921 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.406267881 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406822920 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.406900883 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.406907082 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.410748005 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.410775900 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.410804987 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.410813093 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.410866022 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.492779016 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.492837906 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.492885113 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.492892027 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.492919922 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.492963076 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.492969036 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.493010044 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.493051052 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.493057013 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.493091106 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.493132114 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.549602985 CEST | 49740 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.549612045 CEST | 443 | 49740 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.877402067 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.877429008 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.877551079 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.877769947 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:08.877782106 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:08.928458929 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:08.928492069 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:08.928638935 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:08.929039001 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:08.929054022 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.316627026 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:09.316659927 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:09.316951990 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:09.318636894 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:09.318650961 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:09.394800901 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.395508051 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.395520926 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.395951033 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.397032022 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.397119999 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.397300005 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.440501928 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.443933964 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.548909903 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.548985004 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.549130917 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.549757004 CEST | 49741 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.549765110 CEST | 443 | 49741 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.561453104 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.561691046 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:09.561711073 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.562726974 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.562793970 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:09.646522045 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:09.646691084 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.671849966 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.671879053 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.671977043 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.672588110 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:09.672600031 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:09.692665100 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:09.692678928 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:09.737236023 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:10.742568016 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.747973919 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:10.748143911 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:10.785407066 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.892401934 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.892412901 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.892952919 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.899331093 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:10.899357080 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:10.899696112 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:10.903539896 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.903615952 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.904685020 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.904706001 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.904804945 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.905837059 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.905849934 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:10.906155109 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:10.941606045 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:10.952487946 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.159754038 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.159801006 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.159837008 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.159940958 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.159953117 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.159991026 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.160017967 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.160020113 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.160032034 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.160056114 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.160114050 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.160238028 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.168519974 CEST | 49745 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.168531895 CEST | 443 | 49745 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.183079958 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.224503040 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.371340036 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.371412039 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.371469021 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.371675014 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.371695995 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.371707916 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.371712923 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.380990028 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.381356955 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.381369114 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.382402897 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.382458925 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.382865906 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.382925987 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.383183956 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.383189917 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.400182962 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.400207043 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.400473118 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.400770903 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:11.400783062 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:11.425996065 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.500577927 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.500648975 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.500799894 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.503978968 CEST | 49746 | 443 | 192.168.2.4 | 104.21.42.180 |
Aug 28, 2024 00:15:11.503997087 CEST | 443 | 49746 | 104.21.42.180 | 192.168.2.4 |
Aug 28, 2024 00:15:11.508239985 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:11.508272886 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.508410931 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:11.508855104 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:11.508868933 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.671783924 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:11.677881002 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.677944899 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:11.678561926 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:11.683427095 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.869472980 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.869843960 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.869947910 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.870328903 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:12.870328903 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:12.870615959 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:12.872675896 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:12.872755051 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:12.874111891 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:12.874123096 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:12.874380112 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:12.875613928 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:12.876905918 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.877296925 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:12.877315998 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.878494978 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.878571033 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:12.879112005 CEST | 53 | 57539 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.879163980 CEST | 57539 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:12.892271042 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:12.892363071 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.892493963 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:12.892505884 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:12.916496992 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:12.943217993 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.016151905 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.016220093 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.016310930 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.016555071 CEST | 49748 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.016575098 CEST | 443 | 49748 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.017220974 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.017256975 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.017328978 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.017854929 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.017864943 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.158318043 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:13.158380032 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:13.158610106 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:13.160510063 CEST | 49747 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 28, 2024 00:15:13.160526037 CEST | 443 | 49747 | 184.28.90.27 | 192.168.2.4 |
Aug 28, 2024 00:15:13.472476006 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.474359989 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.474385023 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.474755049 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.475979090 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.476036072 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.476314068 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.516498089 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.603714943 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.603848934 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:13.603914976 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.604274988 CEST | 57541 | 443 | 192.168.2.4 | 35.190.80.1 |
Aug 28, 2024 00:15:13.604295015 CEST | 443 | 57541 | 35.190.80.1 | 192.168.2.4 |
Aug 28, 2024 00:15:19.585778952 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:19.585839987 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:19.585900068 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:21.278484106 CEST | 49743 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:15:21.278522968 CEST | 443 | 49743 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:15:48.185216904 CEST | 49642 | 53 | 192.168.2.4 | 162.159.36.2 |
Aug 28, 2024 00:15:48.190110922 CEST | 53 | 49642 | 162.159.36.2 | 192.168.2.4 |
Aug 28, 2024 00:15:48.190247059 CEST | 49642 | 53 | 192.168.2.4 | 162.159.36.2 |
Aug 28, 2024 00:15:48.190376997 CEST | 49642 | 53 | 192.168.2.4 | 162.159.36.2 |
Aug 28, 2024 00:15:48.197485924 CEST | 53 | 49642 | 162.159.36.2 | 192.168.2.4 |
Aug 28, 2024 00:15:48.663714886 CEST | 53 | 49642 | 162.159.36.2 | 192.168.2.4 |
Aug 28, 2024 00:15:48.664040089 CEST | 49642 | 53 | 192.168.2.4 | 162.159.36.2 |
Aug 28, 2024 00:15:48.670296907 CEST | 53 | 49642 | 162.159.36.2 | 192.168.2.4 |
Aug 28, 2024 00:15:48.670393944 CEST | 49642 | 53 | 192.168.2.4 | 162.159.36.2 |
Aug 28, 2024 00:16:07.920005083 CEST | 50883 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:16:07.926404953 CEST | 53 | 50883 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:07.926471949 CEST | 50883 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:16:07.926497936 CEST | 50883 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:16:07.933917046 CEST | 53 | 50883 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:08.401248932 CEST | 53 | 50883 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:08.401638985 CEST | 50883 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:16:08.406835079 CEST | 53 | 50883 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:08.406887054 CEST | 50883 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:16:08.741513968 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:08.741559982 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:08.741694927 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:08.741993904 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:08.742010117 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:09.435760975 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:09.443252087 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:09.443285942 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:09.443629026 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:09.448035955 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:09.448108912 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:09.490004063 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:19.295305014 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:19.295403004 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Aug 28, 2024 00:16:19.295567036 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:20.977396011 CEST | 50885 | 443 | 192.168.2.4 | 142.250.185.164 |
Aug 28, 2024 00:16:20.977431059 CEST | 443 | 50885 | 142.250.185.164 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 28, 2024 00:15:05.336344957 CEST | 53 | 52318 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:05.336375952 CEST | 53 | 57097 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:06.167479038 CEST | 55367 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:06.172374964 CEST | 57228 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:06.183137894 CEST | 53 | 55367 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:06.189094067 CEST | 53 | 57228 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:06.191997051 CEST | 52617 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:06.192236900 CEST | 62733 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:06.207923889 CEST | 53 | 52617 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:06.228616953 CEST | 53 | 62733 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:06.534181118 CEST | 53 | 61814 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:08.850608110 CEST | 49915 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:08.851305962 CEST | 50550 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:08.926433086 CEST | 53 | 50550 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:08.926450014 CEST | 53 | 49915 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:09.769591093 CEST | 58841 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:09.769983053 CEST | 62685 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:10.747021914 CEST | 53 | 58841 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:10.893569946 CEST | 58541 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:10.896318913 CEST | 53 | 62685 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:10.907578945 CEST | 53 | 58541 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.497760057 CEST | 53740 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:11.498006105 CEST | 62926 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 28, 2024 00:15:11.506635904 CEST | 53 | 53740 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.507462978 CEST | 53 | 62926 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:11.671214104 CEST | 53 | 62805 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:15:24.386667013 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Aug 28, 2024 00:15:48.184323072 CEST | 53 | 56495 | 162.159.36.2 | 192.168.2.4 |
Aug 28, 2024 00:15:48.729087114 CEST | 53 | 64019 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:04.401756048 CEST | 53 | 58497 | 1.1.1.1 | 192.168.2.4 |
Aug 28, 2024 00:16:07.919564962 CEST | 53 | 55227 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Aug 28, 2024 00:15:06.229288101 CEST | 192.168.2.4 | 1.1.1.1 | c22f | (Port unreachable) | Destination Unreachable |
Aug 28, 2024 00:15:10.907666922 CEST | 192.168.2.4 | 1.1.1.1 | c22f | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Aug 28, 2024 00:15:06.167479038 CEST | 192.168.2.4 | 1.1.1.1 | 0xc2a2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 00:15:06.172374964 CEST | 192.168.2.4 | 1.1.1.1 | 0x233c | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 00:15:06.191997051 CEST | 192.168.2.4 | 1.1.1.1 | 0xf350 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 00:15:06.192236900 CEST | 192.168.2.4 | 1.1.1.1 | 0xb556 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 00:15:08.850608110 CEST | 192.168.2.4 | 1.1.1.1 | 0xd487 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 00:15:08.851305962 CEST | 192.168.2.4 | 1.1.1.1 | 0x4d02 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 00:15:09.769591093 CEST | 192.168.2.4 | 1.1.1.1 | 0x5c4a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 00:15:09.769983053 CEST | 192.168.2.4 | 1.1.1.1 | 0xbe01 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 00:15:10.893569946 CEST | 192.168.2.4 | 1.1.1.1 | 0x2e65 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 00:15:11.497760057 CEST | 192.168.2.4 | 1.1.1.1 | 0xf65d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 00:15:11.498006105 CEST | 192.168.2.4 | 1.1.1.1 | 0x2be0 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Aug 28, 2024 00:15:06.183137894 CEST | 1.1.1.1 | 192.168.2.4 | 0xc2a2 | No error (0) | 104.21.42.180 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:06.183137894 CEST | 1.1.1.1 | 192.168.2.4 | 0xc2a2 | No error (0) | 172.67.207.122 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:06.189094067 CEST | 1.1.1.1 | 192.168.2.4 | 0x233c | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 00:15:06.207923889 CEST | 1.1.1.1 | 192.168.2.4 | 0xf350 | No error (0) | 104.21.42.180 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:06.207923889 CEST | 1.1.1.1 | 192.168.2.4 | 0xf350 | No error (0) | 172.67.207.122 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:06.228616953 CEST | 1.1.1.1 | 192.168.2.4 | 0xb556 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 00:15:08.926433086 CEST | 1.1.1.1 | 192.168.2.4 | 0x4d02 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 00:15:08.926450014 CEST | 1.1.1.1 | 192.168.2.4 | 0xd487 | No error (0) | 142.250.185.164 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:10.747021914 CEST | 1.1.1.1 | 192.168.2.4 | 0x5c4a | No error (0) | 104.21.42.180 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:10.747021914 CEST | 1.1.1.1 | 192.168.2.4 | 0x5c4a | No error (0) | 172.67.207.122 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:10.896318913 CEST | 1.1.1.1 | 192.168.2.4 | 0xbe01 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 00:15:10.907578945 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e65 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 00:15:11.506635904 CEST | 1.1.1.1 | 192.168.2.4 | 0xf65d | No error (0) | 35.190.80.1 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:20.900650978 CEST | 1.1.1.1 | 192.168.2.4 | 0x9414 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:20.900650978 CEST | 1.1.1.1 | 192.168.2.4 | 0x9414 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:34.174293995 CEST | 1.1.1.1 | 192.168.2.4 | 0x3897 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 00:15:34.174293995 CEST | 1.1.1.1 | 192.168.2.4 | 0x3897 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:06 UTC | 659 | OUT | |
2024-08-27 22:15:06 UTC | 668 | IN | |
2024-08-27 22:15:06 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49738 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:07 UTC | 673 | OUT | |
2024-08-27 22:15:07 UTC | 541 | IN | |
2024-08-27 22:15:07 UTC | 828 | IN | |
2024-08-27 22:15:07 UTC | 1369 | IN | |
2024-08-27 22:15:07 UTC | 1369 | IN | |
2024-08-27 22:15:07 UTC | 850 | IN | |
2024-08-27 22:15:07 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49740 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:08 UTC | 573 | OUT | |
2024-08-27 22:15:08 UTC | 411 | IN | |
2024-08-27 22:15:08 UTC | 958 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN | |
2024-08-27 22:15:08 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49741 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:09 UTC | 651 | OUT | |
2024-08-27 22:15:09 UTC | 409 | IN | |
2024-08-27 22:15:09 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49745 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:10 UTC | 602 | OUT | |
2024-08-27 22:15:11 UTC | 632 | IN | |
2024-08-27 22:15:11 UTC | 737 | IN | |
2024-08-27 22:15:11 UTC | 1369 | IN | |
2024-08-27 22:15:11 UTC | 1369 | IN | |
2024-08-27 22:15:11 UTC | 1369 | IN | |
2024-08-27 22:15:11 UTC | 1369 | IN | |
2024-08-27 22:15:11 UTC | 517 | IN | |
2024-08-27 22:15:11 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49744 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:11 UTC | 161 | OUT | |
2024-08-27 22:15:11 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49746 | 104.21.42.180 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:11 UTC | 386 | OUT | |
2024-08-27 22:15:11 UTC | 409 | IN | |
2024-08-27 22:15:11 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49747 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:12 UTC | 239 | OUT | |
2024-08-27 22:15:13 UTC | 514 | IN | |
2024-08-27 22:15:13 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49748 | 35.190.80.1 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:12 UTC | 535 | OUT | |
2024-08-27 22:15:13 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 57541 | 35.190.80.1 | 443 | 4500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 22:15:13 UTC | 476 | OUT | |
2024-08-27 22:15:13 UTC | 439 | OUT | |
2024-08-27 22:15:13 UTC | 168 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 18:15:00 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:15:03 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:15:05 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |