Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
- file.exe (PID: 6228 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 50ABA0AA8A80D890EF49C27A76476169) - chrome.exe (PID: 5552 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ap p="https:/ /youtube.c om/account ?=https:// accounts.g oogle.com/ v3/signin/ challenge/ pwd" --sta rt-fullscr een --no-f irst-run - -disable-s ession-cra shed-bubbl e --disabl e-features =CrashReco very MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 6836 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2104 --fi eld-trial- handle=203 2,i,793057 4530814096 516,144537 6464959715 5510,26214 4 --disabl e-features =CrashReco very /pref etch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 7876 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=54 44 --field -trial-han dle=2032,i ,793057453 0814096516 ,144537646 4959715551 0,262144 - -disable-f eatures=Cr ashRecover y /prefetc h:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 7884 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5552 --f ield-trial -handle=20 32,i,79305 7453081409 6516,14453 7646495971 55510,2621 44 --disab le-feature s=CrashRec overy /pre fetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00E1DBBE | |
Source: | Code function: | 0_2_00DEC2A2 | |
Source: | Code function: | 0_2_00E268EE | |
Source: | Code function: | 0_2_00E2698F | |
Source: | Code function: | 0_2_00E1D076 | |
Source: | Code function: | 0_2_00E1D3A9 | |
Source: | Code function: | 0_2_00E29642 | |
Source: | Code function: | 0_2_00E2979D | |
Source: | Code function: | 0_2_00E29B2B | |
Source: | Code function: | 0_2_00E25C97 |
Source: | TCP traffic: |
Source: | IP Address: |
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00E2CE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00E2EAFF |
Source: | Code function: | 0_2_00E2ED6A |
Source: | Code function: | 0_2_00E2EAFF |
Source: | Code function: | 0_2_00E1AA57 |
Source: | Code function: | 0_2_00E49576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_31c2c761-d | |
Source: | String found in binary or memory: | memstr_4f9f0417-f | |
Source: | String found in binary or memory: | memstr_e36d8b29-f | |
Source: | String found in binary or memory: | memstr_0ce4c107-3 |
Source: | Code function: | 0_2_00E1D5EB |
Source: | Code function: | 0_2_00E11201 |
Source: | Code function: | 0_2_00E1E8F6 |
Source: | Code function: | 0_2_00DBBF40 | |
Source: | Code function: | 0_2_00E22046 | |
Source: | Code function: | 0_2_00DB8060 | |
Source: | Code function: | 0_2_00E18298 | |
Source: | Code function: | 0_2_00DEE4FF | |
Source: | Code function: | 0_2_00DE676B | |
Source: | Code function: | 0_2_00E44873 | |
Source: | Code function: | 0_2_00DBCAF0 | |
Source: | Code function: | 0_2_00DDCAA0 | |
Source: | Code function: | 0_2_00DCCC39 | |
Source: | Code function: | 0_2_00DE6DD9 | |
Source: | Code function: | 0_2_00DB91C0 | |
Source: | Code function: | 0_2_00DCB119 | |
Source: | Code function: | 0_2_00DD1394 | |
Source: | Code function: | 0_2_00DD781B | |
Source: | Code function: | 0_2_00DC997D | |
Source: | Code function: | 0_2_00DB7920 | |
Source: | Code function: | 0_2_00DD7A4A | |
Source: | Code function: | 0_2_00DD7CA7 | |
Source: | Code function: | 0_2_00DE9EEE | |
Source: | Code function: | 0_2_00E3BE44 |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_00E237B5 |
Source: | Code function: | 0_2_00E110BF | |
Source: | Code function: | 0_2_00E116C3 |
Source: | Code function: | 0_2_00E251CD |
Source: | Code function: | 0_2_00E1D4DC |
Source: | Code function: | 0_2_00E2648E |
Source: | Code function: | 0_2_00DB42A2 |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_00DB42DE |
Source: | Code function: | 0_2_00DD0A89 |
Source: | Code function: | 0_2_00DCF98E | |
Source: | Code function: | 0_2_00E41C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-94252 |
Source: | API coverage: |
Source: | Code function: | 0_2_00E1DBBE | |
Source: | Code function: | 0_2_00DEC2A2 | |
Source: | Code function: | 0_2_00E268EE | |
Source: | Code function: | 0_2_00E2698F | |
Source: | Code function: | 0_2_00E1D076 | |
Source: | Code function: | 0_2_00E1D3A9 | |
Source: | Code function: | 0_2_00E29642 | |
Source: | Code function: | 0_2_00E2979D | |
Source: | Code function: | 0_2_00E29B2B | |
Source: | Code function: | 0_2_00E25C97 |
Source: | Code function: | 0_2_00DB42DE |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 0_2_00E2EAA2 |
Source: | Code function: | 0_2_00DE2622 |
Source: | Code function: | 0_2_00DB42DE |
Source: | Code function: | 0_2_00DD4CE8 |
Source: | Code function: | 0_2_00E10B62 |
Source: | Code function: | 0_2_00DE2622 | |
Source: | Code function: | 0_2_00DD083F | |
Source: | Code function: | 0_2_00DD09D5 | |
Source: | Code function: | 0_2_00DD0C21 |
Source: | Code function: | 0_2_00E11201 |
Source: | Code function: | 0_2_00DF2BA5 |
Source: | Code function: | 0_2_00E1B226 |
Source: | Code function: | 0_2_00E322DA |
Source: | Code function: | 0_2_00E10B62 |
Source: | Code function: | 0_2_00E11663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00DD0698 |
Source: | Code function: | 0_2_00E28195 |
Source: | Code function: | 0_2_00E0D27A |
Source: | Code function: | 0_2_00DEB952 |
Source: | Code function: | 0_2_00DB42DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00E31204 | |
Source: | Code function: | 0_2_00E31806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 12 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Virtualization/Sandbox Evasion | Cached Domain Credentials | 1 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.185.238 | true | false | unknown | |
www3.l.google.com | 172.217.16.206 | true | false | unknown | |
play.google.com | 172.217.16.142 | true | false | unknown | |
www.google.com | 142.250.186.36 | true | false | unknown | |
youtube.com | 142.250.185.238 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown | |
198.187.3.20.in-addr.arpa | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.36 | www.google.com | United States | 15169 | GOOGLEUS | false | |
172.217.16.206 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.185.238 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.184.228 | unknown | United States | 15169 | GOOGLEUS | false | |
172.217.16.142 | play.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.6 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523034 |
Start date and time: | 2024-10-01 00:38:05 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 52s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal56.evad.winEXE@37/30@14/8 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.186.142, 66.102.1.84, 34.104.35.123, 142.250.186.35, 142.250.186.106, 142.250.186.42, 142.250.181.234, 142.250.184.202, 142.250.186.74, 172.217.16.202, 142.250.186.138, 142.250.186.170, 216.58.206.42, 216.58.206.74, 216.58.212.138, 172.217.18.106, 216.58.212.170, 172.217.16.138, 172.217.18.10, 172.217.23.106, 142.250.185.67, 142.250.184.234, 142.250.74.202, 142.250.185.202, 142.250.185.234, 192.229.221.95, 88.221.110.91, 64.233.167.84, 93.184.221.240, 142.250.185.110
- Excluded domains from analysis (whitelisted): clients1.google.com, client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | HTMLPhisher | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
1138de370e523e824bbca92d049a3777 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | PureLog Stealer, zgRAT | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | DCRat | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 697429 |
Entropy (8bit): | 5.593310312179182 |
Encrypted: | false |
SSDEEP: | 6144:TYNlxfbDTYDhzCTNoygVWyJb5eGpbL2Mp15gI8seqfh53p+rrvV7i:T25bDTYB+qeGB+Nu |
MD5: | 92F0F5E28355D863ACB77313F1E675DE |
SHA1: | 8AD6F9B535D5B8952A4ADCCC57E4A4E0723F1E8D |
SHA-256: | F903AE346609A2872554A3D8FFBDB1836CB5C8B7AAAED4C3F8296B887E03D833 |
SHA-512: | 0C81A6CD850C6ACDBE9CCCBA00BBA34CDE1E09E8572814AE8E55DBED3C2B56F0B020359841F8217843B3403847DF46FA1C82229684F762A73C8110CE45898DAF |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4070 |
Entropy (8bit): | 5.362700670482359 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLaQOw:lpT+qXW1PFcn7tGnyWY1TGb |
MD5: | ED368A20CB303C0E7C6A3E6E43C2E14F |
SHA1: | 429A5C538B45221F80405163D1F87912DD73C05A |
SHA-256: | 93BA77AD4B11E0A70C0D36576F0DF24E27F50001EA02BAA6D357E034532D97F2 |
SHA-512: | DE74BBADE910475DD245FFEFD4E1FD10137DE710B1C920D33BA52554911496E1339EF3C1F6D9D315CBC98A60ABE5687A3E7D8BEE483708E18D25722E794BDBE9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603951 |
Entropy (8bit): | 5.789948381047936 |
Encrypted: | false |
SSDEEP: | 3072:W0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAT:WlgNmwwdnOsF98oNGuQRAYqXsI1+ |
MD5: | A97373CC3F8795654F3C8C6B57066AE7 |
SHA1: | F7BECFDDE230EF537E8745B598DCED737C490C3C |
SHA-256: | A1B0568D555DC4B4AF4CC5A6C41E838B702816445C04FF002C8A13058387F311 |
SHA-512: | 47C76D26F4F9F206F93186800E06D3DBE1FDD0A1BA23FB9A3556390DE7F86C1FFB2C78FE307FB944C690475BFBAE9738C38233E00FDDFA9775A3B2030081D7F1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEQAz5EZnBR6fK6LIn1v8ILsATM3g/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.280977407061266 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlENrpB3stYCIgMxILNH/wf7DVTBpdQrw:oApB8iDwYlGw |
MD5: | 4FB66582D37D04933F00E49C2FBA34D4 |
SHA1: | 3DB09C53BBEB1EEB045A001356E498D8EF30915D |
SHA-256: | A97DAC01ABFE3EB75C7C97D504E21BDDDADDB6EBE0B56B6A9A10CD3700CAB41B |
SHA-512: | 2AEB3A6CFFBF6EFA626EBDC9E11ACBAC04BFE986F98FBC050B2501898B289C67D392ED195D16ACC9565EF8784401ADA1E88188CDE3A7AB12D98BB5ED7D8A5711 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.316515499943097 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DduJqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7DQJopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | D97AB4594FC610665FF2763A650EE6A8 |
SHA1: | 5C7459CA838D27BE45745571D8D96D156F4B9F8D |
SHA-256: | 767D778369623FD8F5FB98D3BCC3130D05D02CBE0B9B88DD226F43281B14E9AF |
SHA-512: | CE4941B41C3A8CC983C1BBCC87EF682823CB9DB24EA7A570E35BBF832046340D433F7D47211384B61FA38F3527CC35C195A6068CCB24B48E1F492C5B4D4192A1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
File type: | |
Entropy (8bit): | 6.579782426504288 |
TrID: |
|
File name: | file.exe |
File size: | 917'504 bytes |
MD5: | 50aba0aa8a80d890ef49c27a76476169 |
SHA1: | e3d112aeff03dc896e1836aa1c9cb680874e0aa6 |
SHA256: | fd740a847216805b96292d5f3030de5a5daf46203dc04b11bb3e8beba9fd363b |
SHA512: | d6cc6bedd0ee6ea654868bd1e00735a50de3b7428292a2d2433a9674c864b8a58f734a2514030379aa13013db39916b683cd30b204b98c2d77ef64cd4d43d8bf |
SSDEEP: | 12288:TqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaUTu:TqDEvCTbMWu7rQYlBQcBiT6rprG8a0u |
TLSH: | D5159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FB2806 [Mon Sep 30 22:36:54 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007FF9ECCE8A23h |
jmp 00007FF9ECCE832Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FF9ECCE850Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FF9ECCE84DAh |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007FF9ECCEB0CDh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007FF9ECCEB118h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007FF9ECCEB101h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x9590 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x9590 | 0x9600 | 7cccd64978c028c3a601732b12f204dc | False | 0.2852604166666667 | data | 5.167247015993855 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x858 | data | 1.0051498127340823 | ||
RT_GROUP_ICON | 0xdd010 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd088 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd09c | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd0b0 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd0c4 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd1a0 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 00:38:51.386344910 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:38:51.386344910 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:38:51.698857069 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:38:56.865798950 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:56.865817070 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:56.865863085 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:56.867460012 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:56.867474079 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.503067970 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.549375057 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.587277889 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.587289095 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.588135004 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.588187933 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.588804007 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.588848114 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.611488104 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.611566067 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.612147093 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.612160921 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.658821106 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.812194109 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.812767982 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.812841892 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.814810991 CEST | 49712 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.814829111 CEST | 443 | 49712 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.826550007 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.826596022 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:57.826658964 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.827030897 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:57.827044010 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.473912001 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.474312067 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.474328041 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.474716902 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.475023985 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.475436926 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.475506067 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.476685047 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.476685047 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.476703882 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.476746082 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.519731998 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.519748926 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.566832066 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.782377005 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.782392979 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.782550097 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.782560110 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.782867908 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.785692930 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.785703897 CEST | 443 | 49714 | 142.250.185.238 | 192.168.2.6 |
Oct 1, 2024 00:38:58.785815954 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:58.785870075 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.238 |
Oct 1, 2024 00:38:59.507635117 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:38:59.507678986 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:38:59.507755995 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:38:59.508292913 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:38:59.508306026 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.302191019 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.302278042 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.307949066 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.307965040 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.308233976 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.309933901 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.310007095 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.310009956 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.310167074 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.355416059 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.480281115 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.480489016 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.480549097 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.481395960 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.481405020 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:00.481420040 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:00.994792938 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:00.994792938 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:01.306159019 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:01.392187119 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:01.392221928 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:01.392278910 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:01.392447948 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:01.392457962 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.037475109 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.037664890 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:02.037687063 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.038661957 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.038989067 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:02.039659023 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:02.039715052 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.065994024 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.066023111 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.066083908 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.069611073 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.069645882 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.092885017 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:02.092907906 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:02.143224001 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:02.707968950 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.708035946 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.711090088 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.711096048 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.711323023 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.763269901 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.803400040 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.979105949 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.979159117 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.979206085 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.988811970 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:02.988892078 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:02.997771978 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.997786045 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:02.997797966 CEST | 49727 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:02.997802973 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.066983938 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.067008018 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.067073107 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.067378998 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.067394018 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.705180883 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.705293894 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.706743956 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.706751108 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.706983089 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.711317062 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.755404949 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.980823994 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.980878115 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.981002092 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.982374907 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.982392073 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:03.982434034 CEST | 49732 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 1, 2024 00:39:03.982439995 CEST | 443 | 49732 | 184.28.90.27 | 192.168.2.6 |
Oct 1, 2024 00:39:05.520736933 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:05.520766973 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:05.521020889 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:05.521339893 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:05.521349907 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.157242060 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.157483101 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.157497883 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.157903910 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.157958984 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.158638000 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.158688068 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.159813881 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.159883976 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.160053015 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.160060883 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.212860107 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.475730896 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.475800991 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.475928068 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.475946903 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.475970984 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.475997925 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.476006985 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.477202892 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.481908083 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.482115984 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.489337921 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.489372015 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.489406109 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.489415884 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.489559889 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.494568110 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.494748116 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.500443935 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.500502110 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.500544071 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.500597954 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.570499897 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.570600033 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.570746899 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.570815086 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.572609901 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.572729111 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.573565006 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.573635101 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.573647022 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.573698044 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.577740908 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.577791929 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.583657026 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.583720922 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.583735943 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.588982105 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.589014053 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:06.589999914 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.590106010 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.590107918 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.590114117 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.591056108 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.591065884 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:06.596723080 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.596846104 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.596924067 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.597842932 CEST | 49742 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:06.597856998 CEST | 443 | 49742 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:06.661108017 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.661153078 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:06.661212921 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.663727999 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:06.663743019 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.244082928 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.294775009 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.322206974 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.326129913 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.326137066 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.326649904 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.326662064 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.326718092 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.327349901 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.327414036 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.359241009 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.359271049 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.359548092 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.359637022 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.359783888 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.359839916 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.360410929 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.360421896 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.360502958 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.360572100 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.368597031 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.368675947 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.377208948 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.377217054 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.408291101 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.418692112 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.520195961 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:07.520239115 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:07.520325899 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:07.520919085 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:07.520931005 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:07.576061010 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.576683998 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.576777935 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.577269077 CEST | 49745 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.577291965 CEST | 443 | 49745 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.578229904 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.578267097 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.578335047 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.578649998 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.578661919 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.625335932 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.625972033 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.626043081 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.626472950 CEST | 49747 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.626492977 CEST | 443 | 49747 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.627255917 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.627299070 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:07.627371073 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.627665997 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:07.627681017 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.229034901 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.229459047 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.229481936 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.229854107 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.229916096 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.230649948 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.230712891 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.230849981 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.230912924 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.231206894 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.231206894 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.231215000 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.267082930 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.267348051 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.267365932 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.267779112 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.267837048 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.268518925 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.268579006 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.268713951 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.268776894 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.268877983 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.268884897 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.268903017 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.271416903 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.275765896 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.306029081 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.306098938 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.308326960 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.308336973 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.308568954 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.310236931 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.310301065 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.310307026 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.310652018 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.315396070 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.322395086 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.355417967 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.450705051 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.451805115 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.451867104 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.452469110 CEST | 49750 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.452490091 CEST | 443 | 49750 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.488260031 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.489550114 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.489609957 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.489669085 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.489679098 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.489727020 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.489924908 CEST | 49749 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:08.489939928 CEST | 443 | 49749 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:08.491199017 CEST | 49751 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:08.491210938 CEST | 443 | 49751 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:08.944869041 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:08.991398096 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215513945 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215574980 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215604067 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215615034 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:09.215636969 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215677023 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:09.215687037 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215765953 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:09.215826035 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:09.217442989 CEST | 49723 | 443 | 192.168.2.6 | 142.250.186.36 |
Oct 1, 2024 00:39:09.217463970 CEST | 443 | 49723 | 142.250.186.36 | 192.168.2.6 |
Oct 1, 2024 00:39:11.596198082 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:11.596234083 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:11.596301079 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:11.598747969 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:11.598759890 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.294011116 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.294127941 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.429816008 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.429852009 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.430227995 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.481849909 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.527844906 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.575411081 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.735560894 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:12.735630989 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:12.736200094 CEST | 49762 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:12.736247063 CEST | 443 | 49762 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:12.736315012 CEST | 49762 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:12.736567020 CEST | 49762 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:12.736582994 CEST | 443 | 49762 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:12.745956898 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:12.745969057 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752641916 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752662897 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752671003 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752693892 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752722025 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.752736092 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752744913 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752747059 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.752757072 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.752778053 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.752794981 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.763184071 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.763243914 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.763259888 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.763284922 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.763330936 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.764466047 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.764484882 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:12.764497042 CEST | 49759 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:12.764502048 CEST | 443 | 49759 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:13.329914093 CEST | 443 | 49762 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:13.329989910 CEST | 49762 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:14.698791027 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:14.698849916 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:14.698910952 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:14.705024958 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:14.705039978 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.102327108 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.102989912 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.103022099 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.103560925 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.103904009 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.103982925 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.104078054 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.104110956 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.104115009 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.420846939 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.421217918 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:16.421273947 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.422260046 CEST | 49764 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 1, 2024 00:39:16.422280073 CEST | 443 | 49764 | 172.217.16.142 | 192.168.2.6 |
Oct 1, 2024 00:39:19.585027933 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:19.585094929 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:19.585192919 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:19.585789919 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:19.585805893 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.495079041 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.495158911 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.500804901 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.500818014 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.501102924 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.503185987 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.503262997 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.503273010 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.503402948 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.551405907 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.680794001 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.681076050 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.681133986 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.681298018 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:20.681318045 CEST | 443 | 49765 | 40.113.110.67 | 192.168.2.6 |
Oct 1, 2024 00:39:20.681328058 CEST | 49765 | 443 | 192.168.2.6 | 40.113.110.67 |
Oct 1, 2024 00:39:26.238331079 CEST | 65082 | 53 | 192.168.2.6 | 162.159.36.2 |
Oct 1, 2024 00:39:26.243233919 CEST | 53 | 65082 | 162.159.36.2 | 192.168.2.6 |
Oct 1, 2024 00:39:26.243314028 CEST | 65082 | 53 | 192.168.2.6 | 162.159.36.2 |
Oct 1, 2024 00:39:26.248708010 CEST | 53 | 65082 | 162.159.36.2 | 192.168.2.6 |
Oct 1, 2024 00:39:26.709130049 CEST | 65082 | 53 | 192.168.2.6 | 162.159.36.2 |
Oct 1, 2024 00:39:26.714281082 CEST | 53 | 65082 | 162.159.36.2 | 192.168.2.6 |
Oct 1, 2024 00:39:26.714366913 CEST | 65082 | 53 | 192.168.2.6 | 162.159.36.2 |
Oct 1, 2024 00:39:26.932244062 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:26.932306051 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:26.932379007 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:26.932806969 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:26.932825089 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.733361959 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.733488083 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.735122919 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.735136986 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.735393047 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.743717909 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.787398100 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.974015951 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.974096060 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.974184990 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.974334955 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.974358082 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:27.974369049 CEST | 65083 | 443 | 192.168.2.6 | 20.3.187.198 |
Oct 1, 2024 00:39:27.974375010 CEST | 443 | 65083 | 20.3.187.198 | 192.168.2.6 |
Oct 1, 2024 00:39:28.012908936 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.012988091 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.013077974 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.013380051 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.013397932 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.704101086 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.704168081 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.705733061 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.705746889 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.706011057 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.706906080 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.747415066 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.884737015 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.884813070 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:28.884869099 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.884965897 CEST | 65084 | 443 | 192.168.2.6 | 52.165.165.26 |
Oct 1, 2024 00:39:28.884985924 CEST | 443 | 65084 | 52.165.165.26 | 192.168.2.6 |
Oct 1, 2024 00:39:29.951682091 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:29.951710939 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:29.951785088 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:29.952219963 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:29.952229023 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:30.717289925 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:30.717497110 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:30.719005108 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:30.719032049 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:30.719239950 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:30.720601082 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:30.763396978 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038443089 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038470030 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038486004 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038536072 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.038562059 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038600922 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.038644075 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.038813114 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038868904 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.038922071 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.042951107 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.042968035 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.042990923 CEST | 65085 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.042998075 CEST | 443 | 65085 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.153301001 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.153352022 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:31.153495073 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.153809071 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:31.153821945 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.040932894 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.041021109 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.042237043 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.042253971 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.042484999 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.044213057 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.091403008 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.363410950 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.363436937 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.363476992 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.363502026 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.363523006 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.363562107 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.363584042 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.364983082 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365060091 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.365061998 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365108967 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365134954 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.365715027 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365871906 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.365900040 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365915060 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.365931034 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.365957022 CEST | 65086 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 1, 2024 00:39:32.365961075 CEST | 443 | 65086 | 4.245.163.56 | 192.168.2.6 |
Oct 1, 2024 00:39:32.493443966 CEST | 443 | 49762 | 173.222.162.64 | 192.168.2.6 |
Oct 1, 2024 00:39:32.493505001 CEST | 49762 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 1, 2024 00:39:36.941694975 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:36.941749096 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:36.941823959 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:36.942101002 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:36.942118883 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.090822935 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.090890884 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.090993881 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.091314077 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.091325045 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.570092916 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.570394039 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.570415020 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.570728064 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.571027994 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.571084023 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.571190119 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.571202993 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.571218967 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.710913897 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.710933924 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.711004972 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.711293936 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.711308002 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.722192049 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.722492933 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.722508907 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.722894907 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.723242044 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.723306894 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.723428965 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.723450899 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.723506927 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.869102955 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.870187044 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.870279074 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.870474100 CEST | 65087 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.870490074 CEST | 443 | 65087 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.938355923 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.938865900 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:37.938946962 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.939306021 CEST | 65088 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:37.939321041 CEST | 443 | 65088 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.292346001 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:38.292462111 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:38.292565107 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:38.293275118 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:38.293311119 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:38.349119902 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.349456072 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.349472046 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.349874973 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.350162983 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.350235939 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.350332022 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.350351095 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.350363970 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.569411993 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.569722891 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:38.569782019 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.569941044 CEST | 65089 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:39:38.569958925 CEST | 443 | 65089 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:39:39.108596087 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.108690023 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.110444069 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.110470057 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.110707045 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.112159014 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.112215042 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.112243891 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.112375975 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.159398079 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.283287048 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.283402920 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:39:39.283468962 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.345685959 CEST | 65090 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:39:39.345716953 CEST | 443 | 65090 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:01.475984097 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:01.476031065 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:01.476116896 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:01.484162092 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:01.484175920 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:02.118705988 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:02.119065046 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:02.119090080 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:02.119431019 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:02.119748116 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:02.119822025 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:02.128084898 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.128113031 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.128199100 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.128787994 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.128806114 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.166141033 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:02.909877062 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.909965038 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.911744118 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.911758900 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.912005901 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.914177895 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.914177895 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.914197922 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:02.914347887 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:02.959395885 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:03.088661909 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:03.088854074 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:03.088978052 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:03.089133978 CEST | 65093 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:03.089150906 CEST | 443 | 65093 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:07.716029882 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.716075897 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:07.716142893 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.716687918 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.716706038 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:07.840720892 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.840771914 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:07.840846062 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.841162920 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:07.841176033 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.359702110 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.359966040 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.359987020 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.360393047 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.361007929 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.361100912 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.361177921 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.361196995 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.361257076 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.478533030 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.478904963 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.478923082 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.479285955 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.479895115 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.479958057 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.480053902 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.480067015 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.480077028 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.663680077 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.664417982 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.664499044 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.664808035 CEST | 65096 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.664859056 CEST | 443 | 65096 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.783194065 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.784226894 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:08.784291029 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.784387112 CEST | 65097 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:08.784415960 CEST | 443 | 65097 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:12.037664890 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:12.037733078 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:12.037775993 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:18.963325977 CEST | 65092 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 1, 2024 00:40:18.963366032 CEST | 443 | 65092 | 142.250.184.228 | 192.168.2.6 |
Oct 1, 2024 00:40:34.768708944 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:34.768752098 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:34.768846035 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:34.769485950 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:34.769499063 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.551378012 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.551461935 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.555322886 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.555334091 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.555605888 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.557615042 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.557698011 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.557703018 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.557849884 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.603413105 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.728847980 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.729028940 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:35.729115963 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.729646921 CEST | 65100 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 1, 2024 00:40:35.729674101 CEST | 443 | 65100 | 40.115.3.253 | 192.168.2.6 |
Oct 1, 2024 00:40:38.312830925 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.312886000 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.312962055 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.313055038 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.313064098 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.313111067 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.313286066 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.313297987 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.313436985 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.313443899 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.942612886 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.943085909 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.943118095 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.943538904 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.943718910 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.943835020 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.943900108 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.943969965 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.943979025 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.944130898 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.944147110 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.944155931 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.944633007 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.944901943 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.944967031 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:38.944993019 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.945031881 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:38.945040941 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.207122087 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.207263947 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.207329988 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:39.207786083 CEST | 65101 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:39.207803965 CEST | 443 | 65101 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.242428064 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.242813110 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:40:39.242906094 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:39.243050098 CEST | 65102 | 443 | 192.168.2.6 | 172.217.16.206 |
Oct 1, 2024 00:40:39.243067026 CEST | 443 | 65102 | 172.217.16.206 | 192.168.2.6 |
Oct 1, 2024 00:41:01.520482063 CEST | 65103 | 443 | 192.168.2.6 | 142.250.185.132 |
Oct 1, 2024 00:41:01.520524025 CEST | 443 | 65103 | 142.250.185.132 | 192.168.2.6 |
Oct 1, 2024 00:41:01.520608902 CEST | 65103 | 443 | 192.168.2.6 | 142.250.185.132 |
Oct 1, 2024 00:41:01.520901918 CEST | 65103 | 443 | 192.168.2.6 | 142.250.185.132 |
Oct 1, 2024 00:41:01.520912886 CEST | 443 | 65103 | 142.250.185.132 | 192.168.2.6 |
Oct 1, 2024 00:41:02.158684969 CEST | 443 | 65103 | 142.250.185.132 | 192.168.2.6 |
Oct 1, 2024 00:41:02.212719917 CEST | 65103 | 443 | 192.168.2.6 | 142.250.185.132 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 00:38:56.741986990 CEST | 54215 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:38:56.742110968 CEST | 57573 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:38:56.750277996 CEST | 53 | 59023 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:56.750441074 CEST | 53 | 54215 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:56.751630068 CEST | 53 | 57573 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:56.839469910 CEST | 53 | 55143 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:57.819016933 CEST | 65076 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:38:57.819180012 CEST | 65348 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:38:57.825865984 CEST | 53 | 65348 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:57.825879097 CEST | 53 | 65076 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:38:57.885138035 CEST | 53 | 53752 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:01.383759022 CEST | 59242 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:01.383892059 CEST | 57936 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:01.390444040 CEST | 53 | 59242 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:01.390650988 CEST | 53 | 57936 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:01.564065933 CEST | 53 | 56626 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:03.013132095 CEST | 53 | 54866 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:05.512748957 CEST | 58182 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:05.512985945 CEST | 54784 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:05.519844055 CEST | 53 | 58182 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:05.519951105 CEST | 53 | 54784 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:06.578556061 CEST | 56298 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:06.578713894 CEST | 59349 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:06.587083101 CEST | 53 | 56298 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:06.587357998 CEST | 53 | 59349 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:14.943376064 CEST | 53 | 64324 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:26.237538099 CEST | 53 | 52890 | 162.159.36.2 | 192.168.2.6 |
Oct 1, 2024 00:39:26.792673111 CEST | 59566 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:26.799649000 CEST | 53 | 59566 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:39:36.907588959 CEST | 53064 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:39:36.914195061 CEST | 53 | 53064 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:40:01.451545000 CEST | 50295 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:40:01.459719896 CEST | 53 | 50295 | 1.1.1.1 | 192.168.2.6 |
Oct 1, 2024 00:41:01.511082888 CEST | 58172 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 1, 2024 00:41:01.519368887 CEST | 53 | 58172 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 1, 2024 00:38:56.741986990 CEST | 192.168.2.6 | 1.1.1.1 | 0xae40 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:38:56.742110968 CEST | 192.168.2.6 | 1.1.1.1 | 0xadc5 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:38:57.819016933 CEST | 192.168.2.6 | 1.1.1.1 | 0xb973 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:38:57.819180012 CEST | 192.168.2.6 | 1.1.1.1 | 0x91f | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:39:01.383759022 CEST | 192.168.2.6 | 1.1.1.1 | 0x3350 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:39:01.383892059 CEST | 192.168.2.6 | 1.1.1.1 | 0x8b48 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:39:05.512748957 CEST | 192.168.2.6 | 1.1.1.1 | 0xc89b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:39:05.512985945 CEST | 192.168.2.6 | 1.1.1.1 | 0x2ca4 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:39:06.578556061 CEST | 192.168.2.6 | 1.1.1.1 | 0x9293 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:39:06.578713894 CEST | 192.168.2.6 | 1.1.1.1 | 0x6629 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:39:26.792673111 CEST | 192.168.2.6 | 1.1.1.1 | 0xb745 | Standard query (0) | PTR (Pointer record) | IN (0x0001) | false | |
Oct 1, 2024 00:39:36.907588959 CEST | 192.168.2.6 | 1.1.1.1 | 0x8097 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:40:01.451545000 CEST | 192.168.2.6 | 1.1.1.1 | 0x5754 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:41:01.511082888 CEST | 192.168.2.6 | 1.1.1.1 | 0xe4ab | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 1, 2024 00:38:56.750441074 CEST | 1.1.1.1 | 192.168.2.6 | 0xae40 | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:56.751630068 CEST | 1.1.1.1 | 192.168.2.6 | 0xadc5 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:38:57.825865984 CEST | 1.1.1.1 | 192.168.2.6 | 0x91f | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825865984 CEST | 1.1.1.1 | 192.168.2.6 | 0x91f | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:38:57.825879097 CEST | 1.1.1.1 | 192.168.2.6 | 0xb973 | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:01.390444040 CEST | 1.1.1.1 | 192.168.2.6 | 0x3350 | No error (0) | 142.250.186.36 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:01.390650988 CEST | 1.1.1.1 | 192.168.2.6 | 0x8b48 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:39:05.519844055 CEST | 1.1.1.1 | 192.168.2.6 | 0xc89b | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:05.519844055 CEST | 1.1.1.1 | 192.168.2.6 | 0xc89b | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:05.519951105 CEST | 1.1.1.1 | 192.168.2.6 | 0x2ca4 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:06.587083101 CEST | 1.1.1.1 | 192.168.2.6 | 0x9293 | No error (0) | 172.217.16.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:39:26.799649000 CEST | 1.1.1.1 | 192.168.2.6 | 0xb745 | Name error (3) | none | none | PTR (Pointer record) | IN (0x0001) | false | |
Oct 1, 2024 00:39:36.914195061 CEST | 1.1.1.1 | 192.168.2.6 | 0x8097 | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:40:01.459719896 CEST | 1.1.1.1 | 192.168.2.6 | 0x5754 | No error (0) | 142.250.184.228 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:41:01.519368887 CEST | 1.1.1.1 | 192.168.2.6 | 0xe4ab | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49712 | 142.250.185.238 | 443 | 6836 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 22:38:57 UTC | 839 | OUT | |
2024-09-30 22:38:57 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49714 | 142.250.185.238 | 443 | 6836 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 22:38:58 UTC | 857 | OUT | |
2024-09-30 22:38:58 UTC | 2634 | IN |