Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 7392 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 93310C090C153920356CB59B7B182267) - chrome.exe (PID: 7432 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ki osk https: //youtube. com/accoun t?=https:/ /accounts. google.com /v3/signin /challenge /pwd MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7644 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2100 --fi eld-trial- handle=203 2,i,139361 0420461869 1855,10969 3719336062 99604,2621 44 /prefet ch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 6864 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=53 84 --field -trial-han dle=2032,i ,139361042 0461869185 5,10969371 9336062996 04,262144 /prefetch: 8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 764 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5328 --f ield-trial -handle=20 32,i,13936 1042046186 91855,1096 9371933606 299604,262 144 /prefe tch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_005EDBBE | |
Source: | Code function: | 0_2_005F68EE | |
Source: | Code function: | 0_2_005F698F | |
Source: | Code function: | 0_2_005ED076 | |
Source: | Code function: | 0_2_005ED3A9 | |
Source: | Code function: | 0_2_005F9642 | |
Source: | Code function: | 0_2_005F979D | |
Source: | Code function: | 0_2_005F9B2B | |
Source: | Code function: | 0_2_005F5C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_005FCE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_005FEAFF |
Source: | Code function: | 0_2_005FED6A |
Source: | Code function: | 0_2_005FEAFF |
Source: | Code function: | 0_2_005EAA57 |
Source: | Binary or memory string: | memstr_47a5e444-3 |
Source: | Code function: | 0_2_00619576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_f2e42fef-f | |
Source: | String found in binary or memory: | memstr_f3c54dd8-3 | |
Source: | String found in binary or memory: | memstr_d26ba9a2-a | |
Source: | String found in binary or memory: | memstr_a1c37e53-8 |
Source: | Code function: | 0_2_005ED5EB |
Source: | Code function: | 0_2_005E1201 |
Source: | Code function: | 0_2_005EE8F6 |
Source: | Code function: | 0_2_0058BF40 | |
Source: | Code function: | 0_2_005F2046 | |
Source: | Code function: | 0_2_00588060 | |
Source: | Code function: | 0_2_005E8298 | |
Source: | Code function: | 0_2_005BE4FF | |
Source: | Code function: | 0_2_005B676B | |
Source: | Code function: | 0_2_00614873 | |
Source: | Code function: | 0_2_0058CAF0 | |
Source: | Code function: | 0_2_005ACAA0 | |
Source: | Code function: | 0_2_0059CC39 | |
Source: | Code function: | 0_2_005B6DD9 | |
Source: | Code function: | 0_2_0059B119 | |
Source: | Code function: | 0_2_005891C0 | |
Source: | Code function: | 0_2_005A1394 | |
Source: | Code function: | 0_2_005A1706 | |
Source: | Code function: | 0_2_005A781B | |
Source: | Code function: | 0_2_0059997D | |
Source: | Code function: | 0_2_00587920 | |
Source: | Code function: | 0_2_005A19B0 | |
Source: | Code function: | 0_2_005A7A4A | |
Source: | Code function: | 0_2_005A1C77 | |
Source: | Code function: | 0_2_005A7CA7 | |
Source: | Code function: | 0_2_0060BE44 | |
Source: | Code function: | 0_2_005B9EEE | |
Source: | Code function: | 0_2_005A1F32 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_005F37B5 |
Source: | Code function: | 0_2_005E10BF | |
Source: | Code function: | 0_2_005E16C3 |
Source: | Code function: | 0_2_005F51CD |
Source: | Code function: | 0_2_0060A67C |
Source: | Code function: | 0_2_005F648E |
Source: | Code function: | 0_2_005842A2 |
Source: | Static PE information: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Static file information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_005842DE |
Source: | Code function: | 0_2_005A0A89 |
Source: | Code function: | 0_2_0059F98E | |
Source: | Code function: | 0_2_00611C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-96355 |
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_005EDBBE | |
Source: | Code function: | 0_2_005F68EE | |
Source: | Code function: | 0_2_005F698F | |
Source: | Code function: | 0_2_005ED076 | |
Source: | Code function: | 0_2_005ED3A9 | |
Source: | Code function: | 0_2_005F9642 | |
Source: | Code function: | 0_2_005F979D | |
Source: | Code function: | 0_2_005F9B2B | |
Source: | Code function: | 0_2_005F5C97 |
Source: | Code function: | 0_2_005842DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-95206 |
Source: | Code function: | 0_2_005FEAA2 |
Source: | Code function: | 0_2_005B2622 |
Source: | Code function: | 0_2_005842DE |
Source: | Code function: | 0_2_005A4CE8 |
Source: | Code function: | 0_2_005E0B62 |
Source: | Code function: | 0_2_005B2622 | |
Source: | Code function: | 0_2_005A083F | |
Source: | Code function: | 0_2_005A09D5 | |
Source: | Code function: | 0_2_005A0C21 |
Source: | Code function: | 0_2_005E1201 |
Source: | Code function: | 0_2_005C2BA5 |
Source: | Code function: | 0_2_005EB226 |
Source: | Code function: | 0_2_006022DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_005E0B62 |
Source: | Code function: | 0_2_005E1663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_005A0698 |
Source: | Code function: | 0_2_005F8195 |
Source: | Code function: | 0_2_005DD27A |
Source: | Code function: | 0_2_005BBB6F |
Source: | Code function: | 0_2_005842DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00601204 | |
Source: | Code function: | 0_2_00601806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 31 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 31 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 2 Valid Accounts | LSA Secrets | 221 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 22 Virtualization/Sandbox Evasion | Cached Domain Credentials | 22 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 12 Process Injection | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.186.110 | true | false | unknown | |
www3.l.google.com | 142.250.186.110 | true | false | unknown | |
play.google.com | 142.250.185.142 | true | false | unknown | |
www.google.com | 172.217.18.4 | true | false | unknown | |
youtube.com | 142.250.185.78 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.185.78 | youtube.com | United States | 15169 | GOOGLEUS | false | |
172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.142 | play.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.142 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.186.110 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1520588 |
Start date and time: | 2024-09-27 16:16:08 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 12s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal60.evad.winEXE@29/32@12/9 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.99, 74.125.133.84, 216.58.206.46, 34.104.35.123, 142.250.185.67, 142.250.186.138, 142.250.74.202, 142.250.186.106, 142.250.184.202, 216.58.206.42, 142.250.186.42, 172.217.16.138, 142.250.186.74, 172.217.18.106, 142.250.186.170, 142.250.185.74, 216.58.212.170, 172.217.16.202, 142.250.181.234, 172.217.18.10, 216.58.206.74, 142.250.185.170, 142.250.185.106, 142.250.185.234, 142.250.185.202, 142.250.184.234, 142.250.185.138, 216.58.212.138, 93.184.221.240, 192.229.221.95, 142.250.185.195, 108.177.15.84, 172.217.16.206
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | HTMLPhisher | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZfAoz,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 358292 |
Entropy (8bit): | 5.622523467644739 |
Encrypted: | false |
SSDEEP: | 3072:sy/lJpABa9hEP2iyjV5ygVLdh3YB4qyhLD6Crjyp3Sm5pnrjtuo0MpLEKusgI8sw:TyTNoygVWyhoDAMpL5gI8seqfhP3p+L |
MD5: | 14049A4F8FB34A2FA52A0358C72B2F2E |
SHA1: | 680985BDBE3FA830B31A9F02D40AFE925C12E70E |
SHA-256: | 56C112F31C6F61735FE5EBD188AD0928406F04454AFEC139297328D3EE6540B4 |
SHA-512: | 5637742A7E2936540D957BA8A09991478EF0D4C28A3DA92D5260C7D5DA7BFD20811AFA26C0B53DD88D4A536B3C40A21ACA3310EFC17508A1C806B76ACB320631 |
Malicious: | false |
Reputation: | low |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,EFQ78c,EIOG1e,GwYlN,I6YDgd,IZT63,K0PMbc,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,y5vRwf,zbML3c,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603951 |
Entropy (8bit): | 5.789948381047936 |
Encrypted: | false |
SSDEEP: | 3072:W0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAT:WlgNmwwdnOsF98oNGuQRAYqXsI1+ |
MD5: | A97373CC3F8795654F3C8C6B57066AE7 |
SHA1: | F7BECFDDE230EF537E8745B598DCED737C490C3C |
SHA-256: | A1B0568D555DC4B4AF4CC5A6C41E838B702816445C04FF002C8A13058387F311 |
SHA-512: | 47C76D26F4F9F206F93186800E06D3DBE1FDD0A1BA23FB9A3556390DE7F86C1FFB2C78FE307FB944C690475BFBAE9738C38233E00FDDFA9775A3B2030081D7F1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEQAz5EZnBR6fK6LIn1v8ILsATM3g/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 339369 |
Entropy (8bit): | 5.533022690974177 |
Encrypted: | false |
SSDEEP: | 3072:9hFx8tVGv15Iyr4t4s2GvgHVTYDh+rvVvurtVEWzcLmLyszIm8j2kzU:9NlvE+zTYDh+rvh8cLMijFg |
MD5: | FF16B667178352EFDF164CE3F16A8F55 |
SHA1: | E9B1BC661337502E31306B5E7AE37D93C0551455 |
SHA-256: | 625EC33FBA1BFF3734490AC15C8430CDB5850E9159B80F607E093BB73B7F243B |
SHA-512: | F197393CB05F94BCEDA0FE3176842E09CFCFC2348DE22C9815DD8369D5D333038E8F93F426994482E2E9731A859FA9B6B6062BAD4AA3BFD3C0730281C4CCADB9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZfAoz,ZwDk9d,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1416 |
Entropy (8bit): | 5.299417038163051 |
Encrypted: | false |
SSDEEP: | 24:kMYD7JqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7JopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | 6AEAE74D22F7C2D9658B057EA5D85069 |
SHA1: | 2F4644F53FB4E8EC4AFD49A31C55853F062D284C |
SHA-256: | EBFE7B5A1020808B9A02667ECC0E7E460643CBDE84F0B9C410C70A91C9726667 |
SHA-512: | C43F067D649CBC3091B9878715F718E47CD753C860EBEB20CD387C325640C2EF3CA9556D0689852CEF667C8E83BF42568BEF33C8A92BC07FDB91CB7EA608162D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZfAoz,ZwDk9d,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4070 |
Entropy (8bit): | 5.362700670482359 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLaQOw:lpT+qXW1PFcn7tGnyWY1TGb |
MD5: | ED368A20CB303C0E7C6A3E6E43C2E14F |
SHA1: | 429A5C538B45221F80405163D1F87912DD73C05A |
SHA-256: | 93BA77AD4B11E0A70C0D36576F0DF24E27F50001EA02BAA6D357E034532D97F2 |
SHA-512: | DE74BBADE910475DD245FFEFD4E1FD10137DE710B1C920D33BA52554911496E1339EF3C1F6D9D315CBC98A60ABE5687A3E7D8BEE483708E18D25722E794BDBE9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZfAoz,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZfAoz,ZwDk9d,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,iAskyc,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1652 |
Entropy (8bit): | 5.296387798840289 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlDQENrpB3stYCIgMxILNH/wf7DVTBpdQrw:o5fpB8iDwYlGw |
MD5: | F18EA2D35027D6173E2864B5863CB6E3 |
SHA1: | 1979174E786593DAFD2B23084F26332AB929216C |
SHA-256: | 547E151C2D842255451D651B749239B28DED9F803B524A77BD1E14D878BDAF58 |
SHA-512: | A031A439A99BCA557951A75234766033145E7D05E8453A4FE9BC0EA091E49BA59AF1479850D1E896B2D114575A80CCE111A787E7EEA9A7F288C78AD325436C18 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,NwH0H,OmgaI,gychg,w9hDv,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,ebZ3mb,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A1yn5d,A7fCU,AvtSve,CMcBD,E87wgc,EEDORb,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,Mlhmy,MpJwZc,NOeYWe,NTMZac,NwH0H,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,Ug7Xab,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZfAoz,ZwDk9d,_b,_tp,aC1iue,aW3pY,aurFic,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,ebZ3mb,f8Gu1e,fKUV3e,gJzDyc,gychg,hc6Ubd,iAskyc,inNHtf,iyZMqd,kWgXee,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,ovKuLd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xUdipf,xiZRqc,y5vRwf,yDVVkb,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
File type: | |
Entropy (8bit): | 7.036738891743053 |
TrID: |
|
File name: | file.exe |
File size: | 1'167'360 bytes |
MD5: | 93310c090c153920356cb59b7b182267 |
SHA1: | b1fc2e7d83715bd6ebe86d1f64e5352f205efee1 |
SHA256: | e51ec6e12421f0977f191817fc3f778ab1c9ddd6598732e0a9d8f2f1860889b5 |
SHA512: | 21f87659fca16bd085569506db558ce9a8c7d13654a4382da7f9605c4a7c81d8e06afa7f134d0ce5df5222fb2c51e6fa7e14db451c95443826f97f7917c1467f |
SSDEEP: | 24576:9qDEvCTbMWu7rQYlBQcBiT6rprG8ary2+b+HdiJUK:9TvC/MTQYxsWR7ary2+b+HoJU |
TLSH: | 8845CF027391C062FF9B92734F5AF6115BBC69260123E61F13981DBABE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66F6BCC4 [Fri Sep 27 14:10:12 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F348C7CA7F3h |
jmp 00007F348C7CA0FFh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F348C7CA2DDh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F348C7CA2AAh |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F348C7CCE9Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F348C7CCEE8h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F348C7CCED1h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x46464 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x11b000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x46464 | 0x46600 | e89e628e8f135da625882cdaf8299f87 | False | 0.9059794071936057 | data | 7.844920527792643 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x11b000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x3d72c | data | 1.0003416874592757 | ||
RT_GROUP_ICON | 0x119ee4 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0x119f5c | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0x119f70 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0x119f84 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0x119f98 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0x11a074 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 16:17:10.540220022 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:10.540254116 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:10.540328979 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:10.596524000 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:10.596539021 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.264609098 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.264780045 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.264789104 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.265342951 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.265408993 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.266361952 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.266418934 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.267729998 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.267818928 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.267936945 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.267945051 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.313218117 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.375591993 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Sep 27, 2024 16:17:11.553289890 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.554455996 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.554883003 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.560744047 CEST | 49732 | 443 | 192.168.2.4 | 142.250.185.78 |
Sep 27, 2024 16:17:11.560758114 CEST | 443 | 49732 | 142.250.185.78 | 192.168.2.4 |
Sep 27, 2024 16:17:11.603241920 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:11.603280067 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:11.603358984 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:11.603640079 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:11.603656054 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.276429892 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.295209885 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.295236111 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.295859098 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.296082973 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.296909094 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.297035933 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.298469067 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.298469067 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.298480988 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.298552990 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.344332933 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.344342947 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.391228914 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.597306967 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.597347021 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.597486973 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.597502947 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.598223925 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.599566936 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.600033998 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.600044012 CEST | 443 | 49736 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:12.600073099 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:12.600210905 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:14.667690992 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:14.667754889 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:14.667824984 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:14.668035030 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:14.668059111 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.354847908 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.355108023 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:15.355138063 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.356812000 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.356878996 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:15.357841015 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:15.357929945 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.412539959 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:15.412564993 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:15.453730106 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:15.519866943 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:15.519906044 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:15.520102024 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:15.522005081 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:15.522020102 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.229964972 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.230048895 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.233359098 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.233372927 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.233771086 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.274581909 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.280262947 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.323442936 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.498667955 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.498739004 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.498795033 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.498907089 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.498928070 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.498951912 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.498959064 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.537117958 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.537148952 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:16.537218094 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.537550926 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:16.537565947 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.249244928 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.249315023 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.251110077 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.251121044 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.251455069 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.252515078 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.295439959 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.542987108 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.543164968 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.543333054 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.544949055 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.544956923 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:17.544972897 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 16:17:17.544977903 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 16:17:20.586705923 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:20.586736917 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:20.586812019 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:20.587025881 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:20.587039948 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.232346058 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.232542038 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.232592106 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.233942032 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.234014034 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.236484051 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.236553907 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.237523079 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.237709045 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.237715006 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.237731934 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.282005072 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.282015085 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.328867912 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.564986944 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.565133095 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.565239906 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.565239906 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.565287113 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.565345049 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.571252108 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.571330070 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.571351051 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.574413061 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.574548006 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.574583054 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.574601889 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.574682951 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.581346989 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.581423998 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.586025000 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.586083889 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.586431026 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.586488962 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.671566010 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.671777010 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.671806097 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.671861887 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.671915054 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.671969891 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.672266006 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.672318935 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.672544956 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.672596931 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.673469067 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.673543930 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.677829981 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.677949905 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.677968979 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.686961889 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.687007904 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:21.687087059 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.687261105 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.687271118 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:21.688106060 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.688165903 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.688174009 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.699472904 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.699541092 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.699548006 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.699800014 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.699856043 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.706480026 CEST | 49758 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 16:17:21.706490040 CEST | 443 | 49758 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 16:17:21.718287945 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.718306065 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:21.718377113 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.718920946 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:21.718933105 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.409770012 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.410201073 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.410212040 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.410715103 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.410773993 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.411726952 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.411772966 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.413394928 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.413480043 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.413898945 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.413906097 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.455739021 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.455966949 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.455976009 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.456969976 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.457165003 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.457223892 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.459670067 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.459718943 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.464767933 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.464842081 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.465215921 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.465221882 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.520092964 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.708024979 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.708924055 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.708978891 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.709388971 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.709404945 CEST | 443 | 49761 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.719253063 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.719299078 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.719369888 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.739850998 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.739869118 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.772228003 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.772536039 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.772687912 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.838519096 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.838530064 CEST | 443 | 49762 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.839488029 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.839524031 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:22.839590073 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.840071917 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:22.840087891 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.495136023 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.495377064 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.495409012 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.495942116 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.496014118 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.496944904 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.496990919 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.497176886 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.497390985 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.497396946 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.497406006 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.497420073 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.504326105 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.504550934 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.504568100 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.505759001 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.505814075 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.508258104 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.508310080 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.508491039 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.508578062 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.508749962 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.508760929 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.508780003 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.549134016 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.549144983 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.549144983 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.549175978 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.594422102 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.712435007 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.713692904 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.713748932 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.715460062 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.715483904 CEST | 443 | 49767 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.736650944 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.737003088 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.737057924 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.738146067 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:23.738166094 CEST | 443 | 49766 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:23.835068941 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:23.879405022 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101388931 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101514101 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101588964 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:24.101603031 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101689100 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101845980 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101898909 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:24.101911068 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.101953983 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:24.101960897 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.102022886 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.103955030 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:24.105442047 CEST | 49741 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:17:24.105458975 CEST | 443 | 49741 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:17:24.852746964 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:24.852787018 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:24.852884054 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:24.853950024 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:24.853965998 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:25.550528049 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:25.550622940 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:25.553611040 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:25.553631067 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:25.553868055 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:25.595222950 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.388401031 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.388482094 CEST | 49723 | 80 | 192.168.2.4 | 2.16.100.168 |
Sep 27, 2024 16:17:26.394037008 CEST | 80 | 49723 | 2.16.100.168 | 192.168.2.4 |
Sep 27, 2024 16:17:26.394135952 CEST | 49723 | 80 | 192.168.2.4 | 2.16.100.168 |
Sep 27, 2024 16:17:26.435405016 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677553892 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677614927 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677635908 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677675009 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677675962 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.677711964 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677725077 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.677741051 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.677741051 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.677773952 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.678379059 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.678447008 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:26.678452969 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.678565979 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:26.678663969 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:27.337953091 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:27.337982893 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:27.338028908 CEST | 49773 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:17:27.338036060 CEST | 443 | 49773 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:17:28.769354105 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:28.769393921 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:28.769470930 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:28.769872904 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:28.769885063 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.402420998 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.402673006 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.402683020 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.403191090 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.403656960 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.403742075 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.403851986 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.403875113 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.403884888 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.724421024 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.725028992 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:29.725107908 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.726059914 CEST | 49779 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:29.726080894 CEST | 443 | 49779 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:51.943284035 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:51.943315983 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:51.943434954 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:51.943850994 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:51.943865061 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.099311113 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.099344015 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.099409103 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.099694014 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.099713087 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.584896088 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.585264921 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.585282087 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.585632086 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.585932016 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.585994005 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.586093903 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.586122036 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.586127043 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.784425974 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.784773111 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.784790993 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.786020994 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.786305904 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.786472082 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.786480904 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.786489964 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.786597013 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.830255985 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.885452986 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.886552095 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.886615992 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.886720896 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.886739016 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.889838934 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.889885902 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:52.889970064 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.890256882 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:52.890274048 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.109030962 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.109462023 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.109571934 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.109985113 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.110022068 CEST | 443 | 49782 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.613598108 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.614052057 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.614073038 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.614587069 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.615009069 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.615094900 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.615216017 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.615309000 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.615317106 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.833064079 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.833698034 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:17:53.833810091 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.834420919 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.142 |
Sep 27, 2024 16:17:53.834438086 CEST | 443 | 49783 | 142.250.185.142 | 192.168.2.4 |
Sep 27, 2024 16:18:03.790061951 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:03.790117025 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:03.790188074 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:03.790663004 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:03.790680885 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:04.889556885 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:04.889687061 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:04.895837069 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:04.895853043 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:04.896070004 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:04.909260035 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:04.955395937 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.163347006 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.163369894 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.163460970 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.163501978 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.163525105 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.163575888 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.164818048 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.164853096 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.164880037 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.164887905 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.164901018 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.164922953 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.164951086 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.174956083 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.174978018 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:05.174998999 CEST | 49784 | 443 | 192.168.2.4 | 52.165.165.26 |
Sep 27, 2024 16:18:05.175003052 CEST | 443 | 49784 | 52.165.165.26 | 192.168.2.4 |
Sep 27, 2024 16:18:10.079871893 CEST | 49724 | 80 | 192.168.2.4 | 88.221.110.91 |
Sep 27, 2024 16:18:10.085311890 CEST | 80 | 49724 | 88.221.110.91 | 192.168.2.4 |
Sep 27, 2024 16:18:10.085382938 CEST | 49724 | 80 | 192.168.2.4 | 88.221.110.91 |
Sep 27, 2024 16:18:14.723342896 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:14.723397970 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:14.723562956 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:14.724153996 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:14.724169970 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:15.682624102 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:15.682980061 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:15.683001995 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:15.684117079 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:15.684412956 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:15.684587002 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:15.735238075 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:21.981810093 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:21.981863022 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:21.981960058 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:21.982178926 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:21.982198000 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.655642986 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.655962944 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.655982018 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.656366110 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.656732082 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.656796932 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.656902075 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.656955004 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.656960964 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.806350946 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.806399107 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.806452990 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.806787014 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.806803942 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.959136009 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.960190058 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:22.960241079 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.960560083 CEST | 49788 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:22.960585117 CEST | 443 | 49788 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:23.955050945 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.001290083 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.020420074 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.020427942 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.021858931 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.026216984 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.026390076 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.026390076 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.026397943 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.026509047 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.079322100 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.838658094 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.838818073 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:24.838901997 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.839584112 CEST | 49789 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:24.839593887 CEST | 443 | 49789 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:25.496788979 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:25.496936083 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:25.497011900 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:38.853563070 CEST | 49786 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:18:38.853574038 CEST | 443 | 49786 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:18:52.460160971 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:52.460186005 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:52.460325956 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:52.464984894 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:52.464997053 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.093862057 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.094131947 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.094141960 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.094491959 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.094769955 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.094827890 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.096162081 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.096184015 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.096188068 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.399688005 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.399838924 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:53.399902105 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.400279045 CEST | 49791 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:53.400291920 CEST | 443 | 49791 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.097574949 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.097611904 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.097687960 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.098242998 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.098256111 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.753089905 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.753371000 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.753391981 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.753758907 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.754285097 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.754350901 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:55.754523039 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.754558086 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:55.754564047 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:56.053929090 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:56.054917097 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:18:56.054985046 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:56.055128098 CEST | 49792 | 443 | 192.168.2.4 | 142.250.186.142 |
Sep 27, 2024 16:18:56.055145979 CEST | 443 | 49792 | 142.250.186.142 | 192.168.2.4 |
Sep 27, 2024 16:19:14.783941031 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:19:14.783976078 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:14.784127951 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:19:14.784302950 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:19:14.784313917 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:15.530581951 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:15.532816887 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:19:15.532828093 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:15.533180952 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:15.538945913 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Sep 27, 2024 16:19:15.539028883 CEST | 443 | 49793 | 172.217.18.4 | 192.168.2.4 |
Sep 27, 2024 16:19:15.579575062 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 16:17:10.327683926 CEST | 65453 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:10.328048944 CEST | 65256 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:10.335164070 CEST | 53 | 51137 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:10.335746050 CEST | 53 | 65453 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:10.337562084 CEST | 53 | 65256 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:10.339251995 CEST | 53 | 50802 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:11.567581892 CEST | 49921 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:11.568073988 CEST | 49451 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:11.579205990 CEST | 53 | 49921 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:11.580605984 CEST | 53 | 49451 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:11.635117054 CEST | 53 | 51288 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:14.657651901 CEST | 49734 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:14.657896996 CEST | 61474 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:14.666503906 CEST | 53 | 61474 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:14.667110920 CEST | 53 | 49734 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:17.397841930 CEST | 53 | 59644 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:20.563574076 CEST | 55660 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:20.563770056 CEST | 61551 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:20.570914984 CEST | 53 | 55660 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:20.572290897 CEST | 53 | 61551 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:21.304035902 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Sep 27, 2024 16:17:21.639689922 CEST | 65204 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:21.639856100 CEST | 53598 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:17:21.647495985 CEST | 53 | 53598 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:21.647584915 CEST | 53 | 65204 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:22.416233063 CEST | 53 | 55452 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:28.822037935 CEST | 53 | 50339 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:17:47.588002920 CEST | 53 | 57201 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:09.934010029 CEST | 53 | 50292 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:10.307060003 CEST | 53 | 53984 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:21.830254078 CEST | 53 | 54082 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:21.973083973 CEST | 59453 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:18:21.973232031 CEST | 57720 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 16:18:21.979852915 CEST | 53 | 57720 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:21.981303930 CEST | 53 | 59453 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 16:18:38.860852957 CEST | 53 | 63897 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 27, 2024 16:17:10.327683926 CEST | 192.168.2.4 | 1.1.1.1 | 0xd73c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:17:10.328048944 CEST | 192.168.2.4 | 1.1.1.1 | 0xd5ee | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 16:17:11.567581892 CEST | 192.168.2.4 | 1.1.1.1 | 0xfb25 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:17:11.568073988 CEST | 192.168.2.4 | 1.1.1.1 | 0x1089 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 16:17:14.657651901 CEST | 192.168.2.4 | 1.1.1.1 | 0x103c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:17:14.657896996 CEST | 192.168.2.4 | 1.1.1.1 | 0x1446 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 16:17:20.563574076 CEST | 192.168.2.4 | 1.1.1.1 | 0xe054 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:17:20.563770056 CEST | 192.168.2.4 | 1.1.1.1 | 0x32b2 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 16:17:21.639689922 CEST | 192.168.2.4 | 1.1.1.1 | 0xd2f0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:17:21.639856100 CEST | 192.168.2.4 | 1.1.1.1 | 0x9bef | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 16:18:21.973083973 CEST | 192.168.2.4 | 1.1.1.1 | 0x969f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 16:18:21.973232031 CEST | 192.168.2.4 | 1.1.1.1 | 0x9dc | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 27, 2024 16:17:10.335746050 CEST | 1.1.1.1 | 192.168.2.4 | 0xd73c | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:10.337562084 CEST | 1.1.1.1 | 192.168.2.4 | 0xd5ee | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 172.217.16.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.579205990 CEST | 1.1.1.1 | 192.168.2.4 | 0xfb25 | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.580605984 CEST | 1.1.1.1 | 192.168.2.4 | 0x1089 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:11.580605984 CEST | 1.1.1.1 | 192.168.2.4 | 0x1089 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 16:17:14.666503906 CEST | 1.1.1.1 | 192.168.2.4 | 0x1446 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 16:17:14.667110920 CEST | 1.1.1.1 | 192.168.2.4 | 0x103c | No error (0) | 172.217.18.4 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:20.570914984 CEST | 1.1.1.1 | 192.168.2.4 | 0xe054 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:20.570914984 CEST | 1.1.1.1 | 192.168.2.4 | 0xe054 | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:20.572290897 CEST | 1.1.1.1 | 192.168.2.4 | 0x32b2 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 16:17:21.647584915 CEST | 1.1.1.1 | 192.168.2.4 | 0xd2f0 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 16:18:21.981303930 CEST | 1.1.1.1 | 192.168.2.4 | 0x969f | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49732 | 142.250.185.78 | 443 | 7644 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 14:17:11 UTC | 851 | OUT | |
2024-09-27 14:17:11 UTC | 1919 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 142.250.186.110 | 443 | 7644 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 14:17:12 UTC | 894 | OUT | |
2024-09-27 14:17:12 UTC | 2530 | IN |