Windows
Analysis Report
https://08nns.mjt.lu/
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 5316 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7032 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2188 --fi eld-trial- handle=197 6,i,333642 6972963149 805,122869 6028566101 934,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6604 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://08nns .mjt.lu/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: |
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 216.58.206.68 | true | false |
| unknown |
08nns.mjt.lu | 35.241.186.140 | true | false |
| unknown |
googlecode.l.googleusercontent.com | 74.125.133.82 | true | false |
| unknown |
blank-css-template.googlecode.com | unknown | unknown | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown | |
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
74.125.133.82 | googlecode.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false | |
142.250.185.132 | unknown | United States | 15169 | GOOGLEUS | false | |
35.241.186.140 | 08nns.mjt.lu | United States | 15169 | GOOGLEUS | false | |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.16 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1522586 |
Start date and time: | 2024-09-30 12:02:21 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 18s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://08nns.mjt.lu/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@17/8@10/7 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.185.174, 64.233.167.84, 34.104.35.123, 142.250.186.67, 142.250.185.110
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
Input | Output |
---|---|
URL: https://08nns.mjt.lu/ Model: jbxai | { "brand":["Mailjet"], "contains_trigger_text":true, "trigger_text":"See our Anti-spam Policy, Privacy Policy, and Terms of Use.", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":true, "has_visible_qrcode":false} |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9843574941432207 |
Encrypted: | false |
SSDEEP: | 48:8fdQTUWjMHAOidAKZdA1FehwiZUklqeh2y+3:82bjN8By |
MD5: | 20FC6765AF0414129ABFA7A1E0D92829 |
SHA1: | 2CA2F635513CFFC1584C087402D63C5A15E1578B |
SHA-256: | 8D77B0CFD9B48B46B86ADA20BBB85359F9CABA4C8054781D9B85798F922BD3BA |
SHA-512: | 502E8E763C6998239782861D9151DB20A9D4D9169B9626A29704DB8C83D8DE5FC119921D08BCA517F1D4255B837E42FD7BB29C5C4F38F33E823E21018FFBB16A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.9998456173152657 |
Encrypted: | false |
SSDEEP: | 48:8IdQTUWjMHAOidAKZdA1seh/iZUkAQkqehxy+2:8nbjNy9QEy |
MD5: | F8B28E9A1A60453B4AC42C173A835E2C |
SHA1: | 86BD3284369CA976FAE471569897F8886FE66B1A |
SHA-256: | 295481C16A19C4EDCAFA6164335D71EA7E75CD65A75096DE155C1ADB4BB95F37 |
SHA-512: | D590B5D2349A9206201384E1982F6F8051912F9356CD869EA7BB7D6AC343DBEDDA5844CCB4097D85156870075EA462EC16D657F4E6E37E9D80706B058A4194A4 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.006751585557085 |
Encrypted: | false |
SSDEEP: | 48:8KdQTUWjAHAOidAKZdA14meh7sFiZUkmgqeh7sny+BX:8lbjpmndy |
MD5: | 1CAC26F6866C1AA9696B85FC3A6F2443 |
SHA1: | CD013BADFD795B81328027DFF874771B88EBDA07 |
SHA-256: | 282717C87FE722EB32DFD2D4FCBD0CAD6BF42B0B490C2E51B078B44220E60219 |
SHA-512: | 054E0886352FBB822CA451B4FCFA521D31739DBC948759424E5CBAD0DD8EF529D4929FED9F47AE7B07F9FBDDED3FE9C0566FECBD6423CBE8545AD377C2FBC156 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9993241910157726 |
Encrypted: | false |
SSDEEP: | 48:8NdQTUWjMHAOidAKZdA1TehDiZUkwqehFy+R:8QbjNpvy |
MD5: | 9678148B6C6CAEFEC616C48E7CF24878 |
SHA1: | C4E888B159C36842933F3B86D780C20B74B71012 |
SHA-256: | F78654F07D12621E734E3325E9609AF54F70C708F9BD66A52339A2DF2C096BE4 |
SHA-512: | 13EE467FB5F6548AA349CEE32B7727A0D658FBF2F5C117098FA4E5FFF75E7E909822492A1A40E9BF712BB62F5C32C292DF92C3D8F3DCBD631CBCB67309A69145 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.987025186840807 |
Encrypted: | false |
SSDEEP: | 48:8cKdQTUWjMHAOidAKZdA1dehBiZUk1W1qehTy+C:8clbjN59zy |
MD5: | 13C01A27191D0504A3F01C9EB1056D28 |
SHA1: | AA20479F7AE8EFBB9FF1DBA7585359E0FA81E014 |
SHA-256: | 95F59950345EB1C8ACF035BEED9F880032E925A574933A820A27E63E0CF1F59E |
SHA-512: | DF756257FEBDAF25734AAACE20715231C023639595FBA7955930FACC379EA1286D78541F122B0845A2407E4521E2CED32A122C1FEDC293B87D9E4FA938C3414F |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.993737021765867 |
Encrypted: | false |
SSDEEP: | 48:8UdQTUWjMHAOidAKZdA1duTeehOuTbbiZUk5OjqehOuTbdy+yT+:87bjNBTfTbxWOvTbdy7T |
MD5: | 080A20BA4E599AAB76B12DE710E89D02 |
SHA1: | 7D0084C40FA967DB3F6214CBC5A6284B326BE27C |
SHA-256: | B57A591811D84E117B19809DF642A42F8575E743C21C799F8AAFAACE75F26428 |
SHA-512: | 5E3FFEA215A6B833D80E1E019FA205E3D54F7079E188715B9C4344D7F681BDD5DA91FA06FF61DC0A51C748E8367A6E8305003F14A4E2C7EF9A6D57EEC55CC763 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2533 |
Entropy (8bit): | 5.231934808572346 |
Encrypted: | false |
SSDEEP: | 48:zhQsppgwIE0d1nH8uPMTLl2xMApHZwOnnVeZ3:9n0d12fKMROnnVQ |
MD5: | F5F6D07D22B6073A65C5BA48E2AE86E9 |
SHA1: | 8B776F8EF735EA46020D8887DCC93108598A8C5F |
SHA-256: | ADE64D2E1DA33287F8B5E1103D0301D4A3B979912CB822CE6294FC4F24F14028 |
SHA-512: | 0C36A03B5F06D426E23C966C88B35C05F4CD382D0BB7E14BF28A07286FB5B2F8BF88E6CF58FA88ACE059318D56DDAFFB3E65560058E557C19508BB7760B43BBA |
Malicious: | false |
Reputation: | low |
URL: | https://08nns.mjt.lu/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 30, 2024 12:02:50.017941952 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.017977953 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.018049955 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.018284082 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.018316031 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.018394947 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.018579960 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.018594027 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.018851995 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.018865108 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.638036966 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.638365030 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.638386011 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.639419079 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.639499903 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.640579939 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.640645027 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.640777111 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.640784979 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.642288923 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.642493010 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.642510891 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.643984079 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.644068956 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.644824982 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.644911051 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.691324949 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.691340923 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.691344023 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.737396955 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.893332005 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.893356085 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.893419027 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.893424988 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.893488884 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.894179106 CEST | 49706 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:50.894202948 CEST | 443 | 49706 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:50.928596020 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:50.928638935 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:50.928739071 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:50.928994894 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:50.929008961 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.552403927 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.552696943 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.552735090 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.553817987 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.553900003 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.554809093 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.554872990 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.554974079 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.554981947 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.600301981 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.909101009 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.909159899 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.909225941 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.909229040 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.909301996 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.910113096 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.910171986 CEST | 443 | 49708 | 74.125.133.82 | 192.168.2.16 |
Sep 30, 2024 12:02:51.910207033 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.910228968 CEST | 49708 | 443 | 192.168.2.16 | 74.125.133.82 |
Sep 30, 2024 12:02:51.956929922 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.003407001 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.136841059 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.136940002 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.137012959 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.137459040 CEST | 49707 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.137471914 CEST | 443 | 49707 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.163935900 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.164042950 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.164237976 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.164335012 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.164364100 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.788887024 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.789227009 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.789269924 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.790268898 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.790339947 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.790627956 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.790693998 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.790797949 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.790812016 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:52.842325926 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:52.969947100 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:02:53.049369097 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:53.049444914 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:53.049674034 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:53.050129890 CEST | 49710 | 443 | 192.168.2.16 | 35.241.186.140 |
Sep 30, 2024 12:02:53.050158978 CEST | 443 | 49710 | 35.241.186.140 | 192.168.2.16 |
Sep 30, 2024 12:02:53.272326946 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:02:53.877401114 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:02:53.917941093 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:53.917973995 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:53.918065071 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:53.918272018 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:53.918286085 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.628876925 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.629142046 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:54.629158020 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.630126953 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.630203009 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:54.631273985 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:54.631333113 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.676382065 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:54.676393986 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:02:54.724318981 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:02:55.086294889 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:02:55.536868095 CEST | 49689 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:02:57.486581087 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:02:59.132169008 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:02:59.132211924 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:02:59.132319927 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:02:59.134095907 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:02:59.134119034 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:02:59.202421904 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.202472925 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.202589035 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.204056978 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.204067945 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.870626926 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.870764971 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.874053001 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.874068975 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.874505997 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.914251089 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:02:59.915658951 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:02:59.915760994 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:02:59.918291092 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:02:59.918299913 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:02:59.918554068 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:02:59.959394932 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:02:59.971136093 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.011400938 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.175220013 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.175293922 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.175355911 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.175441027 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.175462961 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.175477982 CEST | 49717 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.175483942 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.216278076 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.216305017 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.216387987 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.216736078 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.216747999 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.243949890 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.243976116 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.243983984 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244009018 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244024992 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244031906 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.244035959 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244056940 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244079113 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.244102955 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.244127989 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244177103 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.244188070 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244524956 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.244570017 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.257065058 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.257081985 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.257097960 CEST | 49716 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:00.257105112 CEST | 443 | 49716 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:00.853408098 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.853518963 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.854829073 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.854840994 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.855099916 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:00.856661081 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:00.899410963 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:01.130379915 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:01.130439997 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:01.130585909 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:01.131441116 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:01.131459951 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:01.131494045 CEST | 49718 | 443 | 192.168.2.16 | 184.28.90.27 |
Sep 30, 2024 12:03:01.131500006 CEST | 443 | 49718 | 184.28.90.27 | 192.168.2.16 |
Sep 30, 2024 12:03:01.137844086 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:01.439321041 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:02.047291040 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:02.287323952 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:03:03.260457039 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:04.459496975 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:03:04.459647894 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:03:04.459867001 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:03:05.388710022 CEST | 49712 | 443 | 192.168.2.16 | 216.58.206.68 |
Sep 30, 2024 12:03:05.388739109 CEST | 443 | 49712 | 216.58.206.68 | 192.168.2.16 |
Sep 30, 2024 12:03:05.609457016 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:05.673329115 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:05.912348032 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:06.519335032 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:07.732423067 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:10.140481949 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:10.476502895 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:11.897630930 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Sep 30, 2024 12:03:14.950347900 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:20.095320940 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Sep 30, 2024 12:03:24.558363914 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Sep 30, 2024 12:03:36.589077950 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:36.589103937 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:36.589267969 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:36.589742899 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:36.589754105 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.332537889 CEST | 49697 | 80 | 192.168.2.16 | 199.232.214.172 |
Sep 30, 2024 12:03:37.332675934 CEST | 49698 | 80 | 192.168.2.16 | 199.232.214.172 |
Sep 30, 2024 12:03:37.399894953 CEST | 80 | 49697 | 199.232.214.172 | 192.168.2.16 |
Sep 30, 2024 12:03:37.399936914 CEST | 80 | 49698 | 199.232.214.172 | 192.168.2.16 |
Sep 30, 2024 12:03:37.399986982 CEST | 49697 | 80 | 192.168.2.16 | 199.232.214.172 |
Sep 30, 2024 12:03:37.400039911 CEST | 49698 | 80 | 192.168.2.16 | 199.232.214.172 |
Sep 30, 2024 12:03:37.621560097 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.621674061 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.623358011 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.623368979 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.623706102 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.625255108 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.667429924 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.956188917 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.956212997 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.956268072 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.956305981 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.956321001 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.956372023 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.958039999 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.958089113 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.958112955 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.958127022 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.958138943 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.958304882 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.958354950 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.972316027 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.972328901 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:37.972351074 CEST | 49719 | 443 | 192.168.2.16 | 4.175.87.197 |
Sep 30, 2024 12:03:37.972362041 CEST | 443 | 49719 | 4.175.87.197 | 192.168.2.16 |
Sep 30, 2024 12:03:53.972735882 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:03:53.972760916 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:53.972855091 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:03:53.973084927 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:03:53.973098993 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:54.626214981 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:54.626647949 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:03:54.626662970 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:54.627801895 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:54.628130913 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:03:54.628299952 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:03:54.667501926 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:04:04.533989906 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:04:04.534133911 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:04:04.534276009 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:04:05.385485888 CEST | 49721 | 443 | 192.168.2.16 | 142.250.185.132 |
Sep 30, 2024 12:04:05.385514975 CEST | 443 | 49721 | 142.250.185.132 | 192.168.2.16 |
Sep 30, 2024 12:04:27.212800026 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Sep 30, 2024 12:04:27.516638994 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Sep 30, 2024 12:04:28.122612000 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Sep 30, 2024 12:04:28.257409096 CEST | 80 | 49700 | 192.229.221.95 | 192.168.2.16 |
Sep 30, 2024 12:04:28.257420063 CEST | 80 | 49700 | 192.229.221.95 | 192.168.2.16 |
Sep 30, 2024 12:04:28.257427931 CEST | 80 | 49700 | 192.229.221.95 | 192.168.2.16 |
Sep 30, 2024 12:04:28.257653952 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 30, 2024 12:02:49.199096918 CEST | 53 | 60868 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:49.260998964 CEST | 53 | 53565 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:49.998275995 CEST | 56003 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:49.998707056 CEST | 49960 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:50.017024040 CEST | 53 | 56003 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:50.017255068 CEST | 53 | 49960 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:50.287959099 CEST | 53 | 60202 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:50.902533054 CEST | 58652 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:50.902717113 CEST | 52196 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:50.914843082 CEST | 53 | 58652 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:50.937968016 CEST | 53 | 52196 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:52.140882969 CEST | 64729 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:52.141052008 CEST | 52263 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:52.159914017 CEST | 53 | 64729 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:52.163573980 CEST | 53 | 52263 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:53.910290003 CEST | 57470 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:53.910418987 CEST | 56108 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:02:53.917095900 CEST | 53 | 57470 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:02:53.917222977 CEST | 53 | 56108 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:07.342700005 CEST | 53 | 61172 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:26.144877911 CEST | 53 | 50883 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:49.005690098 CEST | 53 | 61454 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:49.070455074 CEST | 53 | 61133 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:53.964432001 CEST | 56724 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:03:53.964582920 CEST | 50967 | 53 | 192.168.2.16 | 1.1.1.1 |
Sep 30, 2024 12:03:53.971520901 CEST | 53 | 56724 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:53.971956015 CEST | 53 | 50967 | 1.1.1.1 | 192.168.2.16 |
Sep 30, 2024 12:03:57.297719002 CEST | 138 | 138 | 192.168.2.16 | 192.168.2.255 |
Sep 30, 2024 12:04:16.723953962 CEST | 53 | 59424 | 1.1.1.1 | 192.168.2.16 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Sep 30, 2024 12:02:50.938184977 CEST | 192.168.2.16 | 1.1.1.1 | c269 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 30, 2024 12:02:49.998275995 CEST | 192.168.2.16 | 1.1.1.1 | 0x287 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 30, 2024 12:02:49.998707056 CEST | 192.168.2.16 | 1.1.1.1 | 0x5a3e | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 30, 2024 12:02:50.902533054 CEST | 192.168.2.16 | 1.1.1.1 | 0x67a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 30, 2024 12:02:50.902717113 CEST | 192.168.2.16 | 1.1.1.1 | 0x5cdc | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 30, 2024 12:02:52.140882969 CEST | 192.168.2.16 | 1.1.1.1 | 0xb861 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 30, 2024 12:02:52.141052008 CEST | 192.168.2.16 | 1.1.1.1 | 0xd8 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 30, 2024 12:02:53.910290003 CEST | 192.168.2.16 | 1.1.1.1 | 0x1528 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 30, 2024 12:02:53.910418987 CEST | 192.168.2.16 | 1.1.1.1 | 0x4ee6 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 30, 2024 12:03:53.964432001 CEST | 192.168.2.16 | 1.1.1.1 | 0xdba2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 30, 2024 12:03:53.964582920 CEST | 192.168.2.16 | 1.1.1.1 | 0x9ebc | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 30, 2024 12:02:50.017024040 CEST | 1.1.1.1 | 192.168.2.16 | 0x287 | No error (0) | 35.241.186.140 | A (IP address) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:50.914843082 CEST | 1.1.1.1 | 192.168.2.16 | 0x67a | No error (0) | googlecode.l.googleusercontent.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:50.914843082 CEST | 1.1.1.1 | 192.168.2.16 | 0x67a | No error (0) | 74.125.133.82 | A (IP address) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:50.937968016 CEST | 1.1.1.1 | 192.168.2.16 | 0x5cdc | No error (0) | googlecode.l.googleusercontent.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:52.159914017 CEST | 1.1.1.1 | 192.168.2.16 | 0xb861 | No error (0) | 35.241.186.140 | A (IP address) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:53.917095900 CEST | 1.1.1.1 | 192.168.2.16 | 0x1528 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Sep 30, 2024 12:02:53.917222977 CEST | 1.1.1.1 | 192.168.2.16 | 0x4ee6 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 30, 2024 12:03:53.971520901 CEST | 1.1.1.1 | 192.168.2.16 | 0xdba2 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Sep 30, 2024 12:03:53.971956015 CEST | 1.1.1.1 | 192.168.2.16 | 0x9ebc | No error (0) | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49706 | 35.241.186.140 | 443 | 7032 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:50 UTC | 655 | OUT | |
2024-09-30 10:02:50 UTC | 88 | IN | |
2024-09-30 10:02:50 UTC | 2533 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49708 | 74.125.133.82 | 443 | 7032 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:51 UTC | 586 | OUT | |
2024-09-30 10:02:51 UTC | 231 | IN | |
2024-09-30 10:02:51 UTC | 1159 | IN | |
2024-09-30 10:02:51 UTC | 445 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49707 | 35.241.186.140 | 443 | 7032 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:51 UTC | 580 | OUT | |
2024-09-30 10:02:52 UTC | 156 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49710 | 35.241.186.140 | 443 | 7032 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:52 UTC | 347 | OUT | |
2024-09-30 10:02:53 UTC | 156 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49717 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:59 UTC | 161 | OUT | |
2024-09-30 10:03:00 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49716 | 4.175.87.197 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:02:59 UTC | 306 | OUT | |
2024-09-30 10:03:00 UTC | 560 | IN | |
2024-09-30 10:03:00 UTC | 15824 | IN | |
2024-09-30 10:03:00 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.16 | 49718 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:03:00 UTC | 239 | OUT | |
2024-09-30 10:03:01 UTC | 514 | IN | |
2024-09-30 10:03:01 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.16 | 49719 | 4.175.87.197 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 10:03:37 UTC | 306 | OUT | |
2024-09-30 10:03:37 UTC | 560 | IN | |
2024-09-30 10:03:37 UTC | 15824 | IN | |
2024-09-30 10:03:37 UTC | 14181 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 06:02:47 |
Start date: | 30/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 06:02:48 |
Start date: | 30/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 06:02:49 |
Start date: | 30/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |