Windows
Analysis Report
https://bhge-ofse.saviyntcloud.com/ECMv6/request/requestHome
Overview
General Information
Detection
Score: | 2 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 4924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4180 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2544,i,12839140376948361460,16293769373542387914,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6516 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bhge-ofse.saviyntcloud.com/ECMv6/request/requestHome" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- HTTP Parser
- HTTPS traffic detected
- Memory has grown
- TCP traffic detected without corresponding DNS query
- HTTP traffic detected
- String found in binary or memory
- DNS traffic detected
- Network traffic detected
- Classification label
- Process created
- Window detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
d3l0l8wekhoecn.cloudfront.net | 18.65.39.13 | true | false | unknown | |
www.google.com | 172.217.23.100 | true | false | unknown | |
a9d4dea8e2661b2ed.awsglobalaccelerator.com | 15.197.151.86 | true | false | unknown | |
login.bakerhughes.com | unknown | unknown | false | unknown | |
ok7static.oktacdn.com | unknown | unknown | false | unknown | |
bhge-ofse.saviyntcloud.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown | ||
false | unknown | ||
false | unknown | ||
false | unknown | ||
false | unknown | ||
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
false | | unknown | ||
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
3.161.82.77 | unknown | United States | 16509 | AMAZON-02US | false |
142.250.185.68 | unknown | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
15.197.151.86 | a9d4dea8e2661b2ed.awsglobalaccelerator.com | United States | 7430 | TANDEMUS | false |
18.65.39.13 | d3l0l8wekhoecn.cloudfront.net | United States | 3 | MIT-GATEWAYSUS | false |
172.217.23.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1500769 |
Start date and time: | 2024-08-28 22:07:03 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 18s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/request/requestHome |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean2.win@18/45@16/7 |
EGA Information: | Failed |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.195, 142.250.186.142, 142.251.173.84, 34.104.35.123, 104.18.0.128, 104.18.1.128, 142.250.74.202, 199.232.214.172, 192.229.221.95, 142.250.186.131
- Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, bhge-ofse.saviyntcloud.com.cdn.cloudflare.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://bhge-ofse.saviyntcloud.com/ECMv6/request/requestHome
Input | Output |
---|---|
URL: https://login.bakerhughes.com/app/bhconnect_bakerhughesbeaconentitlementsystem_1/exk16eygv62QN1bST358/sso/saml Model: jbxai | { "brand":["Baker Hughes"], "contains_trigger_text":false, "prominent_button_name":"Go to Homepage", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false} |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4413532 |
Entropy (8bit): | 5.626043917614758 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/static/js/17.67f8cc71.chunk.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1911 |
Entropy (8bit): | 4.893288566361781 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://login.bakerhughes.com/assets/css/sections/errors-v2.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 231 |
Entropy (8bit): | 5.0275248595486595 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 26699 |
Entropy (8bit): | 5.160661946362283 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/assets/css/bootstrap.purged.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 6249 |
Entropy (8bit): | 5.4767275889044145 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/assets/css/rubik-font.min.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 3684285 |
Entropy (8bit): | 5.6716113801092005 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 38457 |
Entropy (8bit): | 7.195183027727392 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 569 |
Entropy (8bit): | 4.896633254731508 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.googleapis.com/icon?family=Material+Icons |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 28101 |
Entropy (8bit): | 4.799557763132519 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/assets/css/line-awesome.min.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 306 |
Entropy (8bit): | 4.648623844105592 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/manifest.json |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 2558880 |
Entropy (8bit): | 4.937208965579254 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/assets/css/tailwind.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 6507 |
Entropy (8bit): | 7.936919305019708 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 38457 |
Entropy (8bit): | 7.195183027727392 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/static/media/dualball68px.d79eb937.gif |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 40238 |
Entropy (8bit): | 4.982920528670533 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/assets/css/style.purged.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 5430 |
Entropy (8bit): | 2.7209270279774733 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 65838 |
Entropy (8bit): | 0.28903159550363 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 4413532 |
Entropy (8bit): | 5.626043917614758 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 533255 |
Entropy (8bit): | 5.17307559682415 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/static/css/main.c4d2e049.chunk.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 2.7209270279774733 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://login.bakerhughes.com/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 65838 |
Entropy (8bit): | 0.28903159550363 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4722 |
Entropy (8bit): | 5.3898358598245 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | "https://fonts.googleapis.com/css?family=Rubik:400,500" |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 44665 |
Entropy (8bit): | 5.029044755613601 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/static/css/17.59fb86f4.chunk.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 6249 |
Entropy (8bit): | 5.4767275889044145 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/request/requestHome |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 231 |
Entropy (8bit): | 5.0275248595486595 |
Encrypted: | false |
SSDEEP: | 6:YWQEGOpzOTm3gV22OCWmzMnOHMJxB5OHMJjnTqrbEb7D0XjOHML:YJEGtcgemNM55oMtnTqrblzoML |
MD5: | 4CE05AC4B95272BDCB0903BFA8FB5827 |
SHA1: | AD653224A6036E4A23EDD022BF4758EB2464569C |
SHA-256: | F01044F410F3D2EEE5E6E621A677FB9B4639C274D0195061FF640ED5789AB883 |
SHA-512: | 1E80B71B4E269D1ED0103407DBBE3D048C10E2FA4BB03F4D4D4EA43FC1CF38D33F026BDEE50243B62504FC3B5B3BBF4688CB26F43D69C6D6AAAC636B2E18FDAE |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/api/config/ui-track?v=0.0009069752545964871 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3684285 |
Entropy (8bit): | 5.6716113801092005 |
Encrypted: | false |
SSDEEP: | 24576:L1DWVxIO/mph/Jf/KhXuK9PCPuKPuKLk0PLjfBBhbi/6IEeBvEWapHqqs+hdoQC:BaVxIfdEPCrk0PLjfRbi/6+EW6XoQC |
MD5: | EBE166C0B8880908EDA9CB32A427FE8F |
SHA1: | A5C344FFC8D8EABBA18E65899444BB78B91376C7 |
SHA-256: | 0BB0CF8F2DE39A40AFF4AF775318C4C8EA254B14ABC228228BA94944880C2BC0 |
SHA-512: | 594E001A4C449C2DB51A239A7F8F5FAB844B58921AB0220A9E02C4A49FC6C57AF1145D4C7E488696354100EC000EF20F001489182DC2C92CC5FA4EE713C9AC9F |
Malicious: | false |
Reputation: | low |
URL: | https://bhge-ofse.saviyntcloud.com/ECMv6/static/js/main.ac9b2c32.chunk.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 6507 |
Entropy (8bit): | 7.936919305019708 |
Encrypted: | false |
SSDEEP: | 96:vViXTmqxBMSnRM9qVnPhhXManWGoW5ufdqWWbTctoXpB2VgrbACkwDMjR:vVQTZhCqZ3XMarf5kAPQtoZYcrQjR |
MD5: | 079198E0DCC3F16BFD74913A2F974115 |
SHA1: | 5BAED81FE886A5A7125AD64CC311C5E2DC30E783 |
SHA-256: | B8895771C0644EF9F321A054357C8AA8591D7D3BEC37FA7B19CC02AFCFCB1174 |
SHA-512: | E5A5336AEF857EC21E4D1799DF4622CED1313BE1222D0C7F4D8C01E6D9F1AA3EEFE2EBD16D35692709EB984A9D529D3A0EA1366A1E20B8CB1854E28D6E73AD7B |
Malicious: | false |
Reputation: | low |
URL: | https://ok7static.oktacdn.com/fs/bco/1/fs0tfevy7o2rpptBi357 |
Preview: |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Aug 28, 2024 22:08:10.974710941 CEST | 192.168.2.4 | 1.1.1.1 | c2e3 | (Port unreachable) | Destination Unreachable |

Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Aug 28, 2024 22:08:00.273691893 CEST | 192.168.2.4 | 1.1.1.1 | 0xe7b4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:00.273989916 CEST | 192.168.2.4 | 1.1.1.1 | 0x4455 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:02.304773092 CEST | 192.168.2.4 | 1.1.1.1 | 0x40ba | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:02.305469036 CEST | 192.168.2.4 | 1.1.1.1 | 0x75da | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:05.289407969 CEST | 192.168.2.4 | 1.1.1.1 | 0x95e0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:05.289938927 CEST | 192.168.2.4 | 1.1.1.1 | 0xc076 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:10.696573019 CEST | 192.168.2.4 | 1.1.1.1 | 0x162d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:10.697114944 CEST | 192.168.2.4 | 1.1.1.1 | 0xf551 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:11.975116968 CEST | 192.168.2.4 | 1.1.1.1 | 0x43fe | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:11.975440979 CEST | 192.168.2.4 | 1.1.1.1 | 0x50af | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:13.740804911 CEST | 192.168.2.4 | 1.1.1.1 | 0xbb20 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:13.741123915 CEST | 192.168.2.4 | 1.1.1.1 | 0xe1d0 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:08:14.690084934 CEST | 192.168.2.4 | 1.1.1.1 | 0x145a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:08:14.690711975 CEST | 192.168.2.4 | 1.1.1.1 | 0x310 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 28, 2024 22:09:02.356801033 CEST | 192.168.2.4 | 1.1.1.1 | 0xcccb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 28, 2024 22:09:02.357264996 CEST | 192.168.2.4 | 1.1.1.1 | 0xd677 | Standard query (0) | 65 | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Aug 28, 2024 22:08:00.293016911 CEST | 1.1.1.1 | 192.168.2.4 | 0xe7b4 | No error (0) | bhge-ofse.saviyntcloud.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:00.293987036 CEST | 1.1.1.1 | 192.168.2.4 | 0x4455 | No error (0) | bhge-ofse.saviyntcloud.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:02.311970949 CEST | 1.1.1.1 | 192.168.2.4 | 0x40ba | No error (0) | 172.217.23.100 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:02.312602997 CEST | 1.1.1.1 | 192.168.2.4 | 0x75da | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 22:08:05.308758020 CEST | 1.1.1.1 | 192.168.2.4 | 0x95e0 | No error (0) | bhge-ofse.saviyntcloud.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:05.311955929 CEST | 1.1.1.1 | 192.168.2.4 | 0xc076 | No error (0) | bhge-ofse.saviyntcloud.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | bhconnect.customdomains.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | ok7-custom-crtrs.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | ok7-custom-crtrs.oktaedge.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | a9d4dea8e2661b2ed.awsglobalaccelerator.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | 15.197.151.86 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.781639099 CEST | 1.1.1.1 | 192.168.2.4 | 0x162d | No error (0) | 3.33.152.248 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.974411011 CEST | 1.1.1.1 | 192.168.2.4 | 0xf551 | No error (0) | bhconnect.customdomains.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.974411011 CEST | 1.1.1.1 | 192.168.2.4 | 0xf551 | No error (0) | ok7-custom-crtrs.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.974411011 CEST | 1.1.1.1 | 192.168.2.4 | 0xf551 | No error (0) | ok7-custom-crtrs.oktaedge.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:10.974411011 CEST | 1.1.1.1 | 192.168.2.4 | 0xf551 | No error (0) | a9d4dea8e2661b2ed.awsglobalaccelerator.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.005939960 CEST | 1.1.1.1 | 192.168.2.4 | 0x50af | No error (0) | d3l0l8wekhoecn.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.152327061 CEST | 1.1.1.1 | 192.168.2.4 | 0x43fe | No error (0) | d3l0l8wekhoecn.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.152327061 CEST | 1.1.1.1 | 192.168.2.4 | 0x43fe | No error (0) | 18.65.39.13 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.152327061 CEST | 1.1.1.1 | 192.168.2.4 | 0x43fe | No error (0) | 18.65.39.11 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.152327061 CEST | 1.1.1.1 | 192.168.2.4 | 0x43fe | No error (0) | 18.65.39.5 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:12.152327061 CEST | 1.1.1.1 | 192.168.2.4 | 0x43fe | No error (0) | 18.65.39.46 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.751152039 CEST | 1.1.1.1 | 192.168.2.4 | 0xbb20 | No error (0) | d3l0l8wekhoecn.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.751152039 CEST | 1.1.1.1 | 192.168.2.4 | 0xbb20 | No error (0) | 3.161.82.77 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.751152039 CEST | 1.1.1.1 | 192.168.2.4 | 0xbb20 | No error (0) | 3.161.82.47 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.751152039 CEST | 1.1.1.1 | 192.168.2.4 | 0xbb20 | No error (0) | 3.161.82.15 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.751152039 CEST | 1.1.1.1 | 192.168.2.4 | 0xbb20 | No error (0) | 3.161.82.2 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:13.763305902 CEST | 1.1.1.1 | 192.168.2.4 | 0xe1d0 | No error (0) | d3l0l8wekhoecn.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.791356087 CEST | 1.1.1.1 | 192.168.2.4 | 0x310 | No error (0) | bhconnect.customdomains.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.791356087 CEST | 1.1.1.1 | 192.168.2.4 | 0x310 | No error (0) | ok7-custom-crtrs.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.791356087 CEST | 1.1.1.1 | 192.168.2.4 | 0x310 | No error (0) | ok7-custom-crtrs.oktaedge.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.791356087 CEST | 1.1.1.1 | 192.168.2.4 | 0x310 | No error (0) | a9d4dea8e2661b2ed.awsglobalaccelerator.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | bhconnect.customdomains.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | ok7-custom-crtrs.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | ok7-custom-crtrs.oktaedge.okta.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | a9d4dea8e2661b2ed.awsglobalaccelerator.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | 15.197.151.86 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:08:14.821508884 CEST | 1.1.1.1 | 192.168.2.4 | 0x145a | No error (0) | 3.33.152.248 | A (IP address) | IN (0x0001) | false | ||
Aug 28, 2024 22:09:02.364111900 CEST | 1.1.1.1 | 192.168.2.4 | 0xd677 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 28, 2024 22:09:02.364649057 CEST | 1.1.1.1 | 192.168.2.4 | 0xcccb | No error (0) | 142.250.185.68 | A (IP address) | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49752 | 23.53.114.19 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:04 UTC | 161 | OUT | |
2024-08-28 20:08:04 UTC | 495 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49753 | 23.53.114.19 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:05 UTC | 239 | OUT | |
2024-08-28 20:08:05 UTC | 515 | IN | |
2024-08-28 20:08:05 UTC | 55 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49768 | 15.197.151.86 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:11 UTC | 917 | OUT | |
2024-08-28 20:08:11 UTC | 862 | OUT | |
2024-08-28 20:08:11 UTC | 1973 | IN | |
2024-08-28 20:08:11 UTC | 1810 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49769 | 15.197.151.86 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:11 UTC | 786 | OUT | |
2024-08-28 20:08:12 UTC | 558 | IN | |
2024-08-28 20:08:12 UTC | 1911 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49767 | 20.114.59.183 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:12 UTC | 306 | OUT | |
2024-08-28 20:08:12 UTC | 560 | IN | |
2024-08-28 20:08:12 UTC | 15824 | IN | |
2024-08-28 20:08:12 UTC | 8666 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49773 | 18.65.39.13 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:12 UTC | 615 | OUT | |
2024-08-28 20:08:13 UTC | 670 | IN | |
2024-08-28 20:08:13 UTC | 6507 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49777 | 15.197.151.86 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:14 UTC | 810 | OUT | |
2024-08-28 20:08:14 UTC | 368 | IN | |
2024-08-28 20:08:14 UTC | 5430 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49778 | 3.161.82.77 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:14 UTC | 374 | OUT | |
2024-08-28 20:08:14 UTC | 679 | IN | |
2024-08-28 20:08:14 UTC | 6507 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49780 | 15.197.151.86 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:15 UTC | 450 | OUT | |
2024-08-28 20:08:15 UTC | 368 | IN | |
2024-08-28 20:08:15 UTC | 5430 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49782 | 15.197.151.86 | 443 | 4180 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:21 UTC | 776 | OUT | |
2024-08-28 20:08:21 UTC | 1829 | IN | |
2024-08-28 20:08:21 UTC | 1810 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49783 | 20.114.59.183 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-28 20:08:50 UTC | 306 | OUT | |
2024-08-28 20:08:50 UTC | 560 | IN | |
2024-08-28 20:08:50 UTC | 15824 | IN | |
2024-08-28 20:08:50 UTC | 14181 | IN |
Target ID: | 0 |
Start time: | 16:07:52 |
Start date: | 28/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 2 |
Start time: | 16:07:56 |
Start date: | 28/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 3 |
Start time: | 16:07:59 |
Start date: | 28/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |