Windows
Analysis Report
https://currentlyatt64578.weebly.com/
Overview
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5432 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 916 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2040 --fi eld-trial- handle=198 4,i,178679 4285453316 8435,89233 6641619566 0221,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6428 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://curre ntlyatt645 78.weebly. com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Click to jump to signature section
AV Detection |
---|
Source: | Avira URL Cloud: | ||
Source: | SlashNext: |
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: |
Phishing |
---|
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | phishing | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
currentlyatt64578.weebly.com | 74.115.51.8 | true | false | unknown | |
www.google.com | 216.58.212.164 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true | unknown | ||
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
216.58.212.164 | www.google.com | United States | 15169 | GOOGLEUS | false | |
74.115.51.8 | currentlyatt64578.weebly.com | United States | 27647 | WEEBLYUS | false | |
74.115.51.9 | unknown | United States | 27647 | WEEBLYUS | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1501464 |
Start date and time: | 2024-08-30 00:15:13 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 6s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://currentlyatt64578.weebly.com/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.phis.win@21/9@6/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.186.78, 74.125.206.84, 34.104.35.123, 93.184.221.240, 192.229.221.95, 142.250.186.131, 131.107.255.255
- Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://currentlyatt64578.weebly.com/
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24051 |
Entropy (8bit): | 4.941039417164537 |
Encrypted: | false |
SSDEEP: | 192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk |
MD5: | 5E8C69A459A691B5D1B9BE442332C87D |
SHA1: | F24DD1AD7C9080575D92A9A9A2C42620725EF836 |
SHA-256: | 84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091 |
SHA-512: | 6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42 |
Malicious: | false |
Reputation: | low |
URL: | https://currentlyatt64578.weebly.com/cdn-cgi/styles/cf.errors.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3739 |
Entropy (8bit): | 5.398898496786475 |
Encrypted: | false |
SSDEEP: | 48:lmIbXy547kz0NqSaNRiQKaNr6BwdTniB0FvC5b1SXSDq9cNgFo:1Be0NqSaNRiuNQqvS1SXSBB |
MD5: | 2EEB3E560CA8F369BE20CEB5858A4701 |
SHA1: | 6C53E6B66C1BC6D0B93116E14FB79C30424BF36C |
SHA-256: | AC2D9485ACF7E9C29D94D31F19D3AEDDA958CD4F6119DDC888FBBDE52D6078DD |
SHA-512: | D00C2C8A52E8393A649F1700A7B1EDA0A7F8ADA9F313AFEDAE8039DD94736B7004625853E9E7ACBD85D8CBFF5A1978DED22C09C4DB2D02C42630B67A9DBF0D20 |
Malicious: | false |
Reputation: | low |
URL: | https://currentlyatt64578.weebly.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
URL: | https://currentlyatt64578.weebly.com/cdn-cgi/images/icon-exclamation.png?1376755637 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4394 |
Entropy (8bit): | 5.0823053355875984 |
Encrypted: | false |
SSDEEP: | 96:1j9jwIjYjUDK/D5DMF+BOisIA2ZLimwrR49PaQxJbGD:1j9jhjYjIK/Vo+tsEZOmwrO9ieJGD |
MD5: | 740334F88DBAE7EE058F63B36C18C5D0 |
SHA1: | E89E670AFE6CE43A89C4F65F4E36CB0D43FBF289 |
SHA-256: | FF0A4AD45729E34D5B92012F43B600F729CC1506A9FC42FBC1CC602334E0EF72 |
SHA-512: | 5C00200E693154B05C768539452C5671BEB5A3DB3A8B9DB668946F4A53815AE98DD5596919B03880D2070A6194C5F0CF2D2E2D76C1BAEABD883627E736589948 |
Malicious: | false |
Reputation: | low |
URL: | https://currentlyatt64578.weebly.com/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 30, 2024 00:16:08.050021887 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Aug 30, 2024 00:16:09.372498035 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.372529030 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.372602940 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.372709036 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.372715950 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.372766972 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.372925997 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.372937918 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.373126030 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.373136044 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.835925102 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.836236000 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.836247921 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.837343931 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.837423086 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.838416100 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.838483095 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.838593960 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.857702971 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.860253096 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.860268116 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.863432884 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.863496065 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.869801998 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.869920969 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.881386995 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.881397009 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.922853947 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.922853947 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.922864914 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974133968 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.974272013 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974322081 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974355936 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974387884 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974400997 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.974411011 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974456072 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:09.974462032 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974482059 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:09.974519014 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.038995981 CEST | 49735 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.039027929 CEST | 443 | 49735 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.040229082 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.084501982 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142126083 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142199993 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142244101 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142277956 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142301083 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.142317057 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142328024 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.142349005 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142394066 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.142400026 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142596960 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.142644882 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.142652035 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.146776915 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.146811962 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.146842957 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.146878004 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.146886110 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.146918058 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.190527916 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.234322071 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234384060 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234452009 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.234472990 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234755039 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234795094 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234802008 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.234810114 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234884024 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.234929085 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.330446005 CEST | 49736 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.330471992 CEST | 443 | 49736 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.352083921 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.352129936 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.352205992 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.352425098 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.352442026 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.826195955 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.826514959 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.826539993 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.826880932 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.827347040 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.827414989 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.827501059 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.868503094 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.957284927 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.957370043 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.957442999 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.985624075 CEST | 49738 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.985656977 CEST | 443 | 49738 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.998195887 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.998241901 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:10.998308897 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.998524904 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:10.998538017 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.019925117 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.019951105 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.020010948 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.022258043 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.022270918 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.511013031 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.518702030 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.551136971 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.566751003 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.584050894 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.584062099 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.584737062 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.584755898 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.585226059 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.585356951 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.585421085 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.593818903 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.594006062 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.595074892 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.595213890 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.598284960 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.598867893 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.598879099 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.644512892 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.647083998 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.694850922 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.694927931 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.694976091 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.696788073 CEST | 49742 | 443 | 192.168.2.4 | 74.115.51.9 |
Aug 30, 2024 00:16:11.696806908 CEST | 443 | 49742 | 74.115.51.9 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795456886 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795509100 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795538902 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795547962 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.795568943 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795608044 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.795615911 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795670986 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:11.795711994 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.809730053 CEST | 49741 | 443 | 192.168.2.4 | 74.115.51.8 |
Aug 30, 2024 00:16:11.809748888 CEST | 443 | 49741 | 74.115.51.8 | 192.168.2.4 |
Aug 30, 2024 00:16:12.537669897 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:12.537714005 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:12.537779093 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:12.537992001 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:12.538007975 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.255791903 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.267932892 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:13.267961025 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.269082069 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.269157887 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:13.274007082 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:13.274087906 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.310386896 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:13.310424089 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:13.311049938 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:13.313399076 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:13.313415051 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:13.316885948 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:13.316911936 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:13.363759041 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:13.956141949 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:13.956216097 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:13.959860086 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:13.959870100 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:13.960114002 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.004369020 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.008743048 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.052505970 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.227868080 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.227933884 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.227988958 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.228283882 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.228302956 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.283704996 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.283762932 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.283835888 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.284967899 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.284984112 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.941910982 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.942038059 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.944215059 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.944227934 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.944498062 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:14.945966005 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:14.992495060 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:15.221143961 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:15.221225023 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:15.221441984 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:15.221909046 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:15.221927881 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:15.221955061 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Aug 30, 2024 00:16:15.221961975 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Aug 30, 2024 00:16:21.154433012 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:21.154475927 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:21.154613018 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:21.155950069 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:21.155966043 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:21.942269087 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:21.942357063 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:21.946573019 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:21.946583033 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:21.946952105 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:21.989420891 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.700436115 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.740508080 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958615065 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958642960 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958651066 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958661079 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958690882 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958729982 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.958760023 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.958774090 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.958811045 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.959445953 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.959505081 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:22.959513903 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.959919930 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:22.959974051 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:23.091785908 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:23.091859102 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:23.091923952 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:23.634953976 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:23.635003090 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:23.635018110 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:16:23.635025978 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:16:24.446841955 CEST | 49743 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:16:24.446871996 CEST | 443 | 49743 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:16:30.433518887 CEST | 51767 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:30.438291073 CEST | 53 | 51767 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:30.438366890 CEST | 51767 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:30.438436031 CEST | 51767 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:30.444098949 CEST | 53 | 51767 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:30.887845993 CEST | 53 | 51767 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:30.890381098 CEST | 51767 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:30.895689011 CEST | 53 | 51767 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:30.895802975 CEST | 51767 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:17:00.139990091 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:00.140038013 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:00.140161037 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:00.140467882 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:00.140479088 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:00.941450119 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:00.941544056 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:00.954382896 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:00.954396963 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:00.954675913 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:00.982629061 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.028493881 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.272849083 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.272875071 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.272891045 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.272933960 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.272944927 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.272970915 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.272989035 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.274396896 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.274426937 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.274447918 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.274452925 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.274480104 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:01.274487972 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.274513960 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.284115076 CEST | 51769 | 443 | 192.168.2.4 | 20.114.59.183 |
Aug 30, 2024 00:17:01.284128904 CEST | 443 | 51769 | 20.114.59.183 | 192.168.2.4 |
Aug 30, 2024 00:17:12.584445953 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:12.584501982 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:12.584942102 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:12.589348078 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:12.589366913 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:13.251091957 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:13.251419067 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:13.251451015 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:13.251784086 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:13.252171993 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:13.252270937 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:13.302052975 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:23.153855085 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:23.154025078 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Aug 30, 2024 00:17:23.154362917 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:24.511003971 CEST | 51771 | 443 | 192.168.2.4 | 216.58.212.164 |
Aug 30, 2024 00:17:24.511035919 CEST | 443 | 51771 | 216.58.212.164 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 30, 2024 00:16:08.312192917 CEST | 53 | 57953 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:08.312305927 CEST | 53 | 54601 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:09.301044941 CEST | 53 | 64135 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:09.354253054 CEST | 62152 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:09.354494095 CEST | 59522 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:09.370491982 CEST | 53 | 62152 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:09.371961117 CEST | 53 | 59522 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:11.001790047 CEST | 57328 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:11.001939058 CEST | 61125 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:11.018531084 CEST | 53 | 57328 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:11.019613981 CEST | 53 | 61125 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:12.522370100 CEST | 59891 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:12.525780916 CEST | 49748 | 53 | 192.168.2.4 | 1.1.1.1 |
Aug 30, 2024 00:16:12.532669067 CEST | 53 | 59891 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:12.534638882 CEST | 53 | 49748 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:26.142812967 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Aug 30, 2024 00:16:26.570997000 CEST | 53 | 52618 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:16:30.433012009 CEST | 53 | 54814 | 1.1.1.1 | 192.168.2.4 |
Aug 30, 2024 00:17:07.885628939 CEST | 53 | 64245 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Aug 30, 2024 00:16:09.354253054 CEST | 192.168.2.4 | 1.1.1.1 | 0x1a68 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:16:09.354494095 CEST | 192.168.2.4 | 1.1.1.1 | 0xf47c | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:16:11.001790047 CEST | 192.168.2.4 | 1.1.1.1 | 0x81b1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:16:11.001939058 CEST | 192.168.2.4 | 1.1.1.1 | 0x95e3 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:16:12.522370100 CEST | 192.168.2.4 | 1.1.1.1 | 0xe9f4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:16:12.525780916 CEST | 192.168.2.4 | 1.1.1.1 | 0xb613 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Aug 30, 2024 00:16:09.370491982 CEST | 1.1.1.1 | 192.168.2.4 | 0x1a68 | No error (0) | 74.115.51.8 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:16:09.370491982 CEST | 1.1.1.1 | 192.168.2.4 | 0x1a68 | No error (0) | 74.115.51.9 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:16:11.018531084 CEST | 1.1.1.1 | 192.168.2.4 | 0x81b1 | No error (0) | 74.115.51.9 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:16:11.018531084 CEST | 1.1.1.1 | 192.168.2.4 | 0x81b1 | No error (0) | 74.115.51.8 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:16:12.532669067 CEST | 1.1.1.1 | 192.168.2.4 | 0xe9f4 | No error (0) | 216.58.212.164 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:16:12.534638882 CEST | 1.1.1.1 | 192.168.2.4 | 0xb613 | No error (0) | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49735 | 74.115.51.8 | 443 | 916 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:09 UTC | 671 | OUT | |
2024-08-29 22:16:09 UTC | 222 | IN | |
2024-08-29 22:16:09 UTC | 1147 | IN | |
2024-08-29 22:16:09 UTC | 1369 | IN | |
2024-08-29 22:16:09 UTC | 1369 | IN | |
2024-08-29 22:16:09 UTC | 517 | IN | |
2024-08-29 22:16:09 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 74.115.51.8 | 443 | 916 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:10 UTC | 583 | OUT | |
2024-08-29 22:16:10 UTC | 411 | IN | |
2024-08-29 22:16:10 UTC | 958 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN | |
2024-08-29 22:16:10 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49738 | 74.115.51.8 | 443 | 916 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:10 UTC | 675 | OUT | |
2024-08-29 22:16:10 UTC | 409 | IN | |
2024-08-29 22:16:10 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49741 | 74.115.51.8 | 443 | 916 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:11 UTC | 612 | OUT | |
2024-08-29 22:16:11 UTC | 534 | IN | |
2024-08-29 22:16:11 UTC | 835 | IN | |
2024-08-29 22:16:11 UTC | 1369 | IN | |
2024-08-29 22:16:11 UTC | 1369 | IN | |
2024-08-29 22:16:11 UTC | 173 | IN | |
2024-08-29 22:16:11 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49742 | 74.115.51.9 | 443 | 916 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:11 UTC | 398 | OUT | |
2024-08-29 22:16:11 UTC | 409 | IN | |
2024-08-29 22:16:11 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49744 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:14 UTC | 161 | OUT | |
2024-08-29 22:16:14 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49745 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:14 UTC | 239 | OUT | |
2024-08-29 22:16:15 UTC | 515 | IN | |
2024-08-29 22:16:15 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49746 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:16:22 UTC | 306 | OUT | |
2024-08-29 22:16:22 UTC | 560 | IN | |
2024-08-29 22:16:22 UTC | 15824 | IN | |
2024-08-29 22:16:22 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 51769 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:00 UTC | 306 | OUT | |
2024-08-29 22:17:01 UTC | 560 | IN | |
2024-08-29 22:17:01 UTC | 15824 | IN | |
2024-08-29 22:17:01 UTC | 14181 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 18:16:02 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:16:06 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:16:08 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |