Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 6916 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 67684FD9387321AABD2378BFADE0D6DB) - chrome.exe (PID: 6964 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ap p="https:/ /youtube.c om/account ?=https:// accounts.g oogle.com/ v3/signin/ challenge/ pwd" --sta rt-fullscr een --no-f irst-run - -disable-s ession-cra shed-bubbl e --disabl e-features =CrashReco very MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 4632 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2084 --fi eld-trial- handle=204 4,i,183159 3705546742 0386,53020 9961681002 181,262144 --disable -features= CrashRecov ery /prefe tch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7884 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=52 92 --field -trial-han dle=2044,i ,183159370 5546742038 6,53020996 1681002181 ,262144 -- disable-fe atures=Cra shRecovery /prefetch :8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7892 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5420 --f ield-trial -handle=20 44,i,18315 9370554674 20386,5302 0996168100 2181,26214 4 --disabl e-features =CrashReco very /pref etch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0045DBBE | |
Source: | Code function: | 0_2_004668EE | |
Source: | Code function: | 0_2_0046698F | |
Source: | Code function: | 0_2_0045D076 | |
Source: | Code function: | 0_2_0045D3A9 | |
Source: | Code function: | 0_2_00469642 | |
Source: | Code function: | 0_2_0046979D | |
Source: | Code function: | 0_2_00469B2B | |
Source: | Code function: | 0_2_00465C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_0046CE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0046EAFF |
Source: | Code function: | 0_2_0046ED6A |
Source: | Code function: | 0_2_0046EAFF |
Source: | Code function: | 0_2_0045AA57 |
Source: | Code function: | 0_2_00489576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_f733eef4-e | |
Source: | String found in binary or memory: | memstr_72654691-7 | |
Source: | String found in binary or memory: | memstr_d7a0685e-1 | |
Source: | String found in binary or memory: | memstr_7d5251f6-e |
Source: | Code function: | 0_2_0045D5EB |
Source: | Code function: | 0_2_00451201 |
Source: | Code function: | 0_2_0045E8F6 |
Source: | Code function: | 0_2_003FBF40 | |
Source: | Code function: | 0_2_00462046 | |
Source: | Code function: | 0_2_003F8060 | |
Source: | Code function: | 0_2_00458298 | |
Source: | Code function: | 0_2_0042E4FF | |
Source: | Code function: | 0_2_0042676B | |
Source: | Code function: | 0_2_00484873 | |
Source: | Code function: | 0_2_003FCAF0 | |
Source: | Code function: | 0_2_0041CAA0 | |
Source: | Code function: | 0_2_0040CC39 | |
Source: | Code function: | 0_2_00426DD9 | |
Source: | Code function: | 0_2_0040B119 | |
Source: | Code function: | 0_2_003F91C0 | |
Source: | Code function: | 0_2_00411394 | |
Source: | Code function: | 0_2_00411706 | |
Source: | Code function: | 0_2_0041781B | |
Source: | Code function: | 0_2_003F7920 | |
Source: | Code function: | 0_2_0040997D | |
Source: | Code function: | 0_2_004119B0 | |
Source: | Code function: | 0_2_00417A4A | |
Source: | Code function: | 0_2_00411C77 | |
Source: | Code function: | 0_2_00443CD2 | |
Source: | Code function: | 0_2_00417CA7 | |
Source: | Code function: | 0_2_0047BE44 | |
Source: | Code function: | 0_2_00429EEE | |
Source: | Code function: | 0_2_00411F32 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_004637B5 |
Source: | Code function: | 0_2_004510BF | |
Source: | Code function: | 0_2_004516C3 |
Source: | Code function: | 0_2_004651CD |
Source: | Code function: | 0_2_0045D4DC |
Source: | Code function: | 0_2_0046648E |
Source: | Code function: | 0_2_003F42A2 |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_003F42DE |
Source: | Code function: | 0_2_00410A89 |
Source: | Code function: | 0_2_0040F98E | |
Source: | Code function: | 0_2_00481C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-94939 |
Source: | API coverage: |
Source: | Code function: | 0_2_0045DBBE | |
Source: | Code function: | 0_2_004668EE | |
Source: | Code function: | 0_2_0046698F | |
Source: | Code function: | 0_2_0045D076 | |
Source: | Code function: | 0_2_0045D3A9 | |
Source: | Code function: | 0_2_00469642 | |
Source: | Code function: | 0_2_0046979D | |
Source: | Code function: | 0_2_00469B2B | |
Source: | Code function: | 0_2_00465C97 |
Source: | Code function: | 0_2_003F42DE |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 0_2_0046EAA2 |
Source: | Code function: | 0_2_00422622 |
Source: | Code function: | 0_2_003F42DE |
Source: | Code function: | 0_2_00414CE8 |
Source: | Code function: | 0_2_00450B62 |
Source: | Code function: | 0_2_00422622 | |
Source: | Code function: | 0_2_0041083F | |
Source: | Code function: | 0_2_004109D5 | |
Source: | Code function: | 0_2_00410C21 |
Source: | Code function: | 0_2_00451201 |
Source: | Code function: | 0_2_00432BA5 |
Source: | Code function: | 0_2_0045B226 |
Source: | Code function: | 0_2_004722DA |
Source: | Code function: | 0_2_00450B62 |
Source: | Code function: | 0_2_00451663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00410698 |
Source: | Code function: | 0_2_00468195 |
Source: | Code function: | 0_2_0044D27A |
Source: | Code function: | 0_2_0042BB6F |
Source: | Code function: | 0_2_003F42DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00471204 | |
Source: | Code function: | 0_2_00471806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 12 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Virtualization/Sandbox Evasion | Cached Domain Credentials | 1 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
13% | ReversingLabs | |||
19% | Virustotal | Browse | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.185.174 | true | false |
| unknown |
www3.l.google.com | 172.217.16.206 | true | false |
| unknown |
play.google.com | 172.217.18.110 | true | false |
| unknown |
www.google.com | 142.250.185.132 | true | false |
| unknown |
youtube.com | 142.250.186.78 | true | false |
| unknown |
accounts.youtube.com | unknown | unknown | false |
| unknown |
www.youtube.com | unknown | unknown | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.68 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.186.78 | youtube.com | United States | 15169 | GOOGLEUS | false | |
172.217.16.206 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.206 | unknown | United States | 15169 | GOOGLEUS | false | |
172.217.18.110 | play.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523109 |
Start date and time: | 2024-10-01 05:15:08 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 35s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal64.evad.winEXE@31/30@14/10 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.227, 216.58.212.142, 142.251.168.84, 34.104.35.123, 142.250.185.195, 142.250.186.99, 142.250.186.74, 172.217.16.138, 142.250.185.74, 172.217.18.106, 142.250.186.42, 142.250.186.170, 216.58.206.74, 172.217.23.106, 142.250.185.106, 142.250.185.138, 216.58.206.42, 142.250.186.138, 172.217.18.10, 142.250.186.106, 142.250.185.170, 172.217.16.202, 142.250.181.234, 142.250.185.234, 142.250.184.234, 142.250.185.202, 142.250.184.202, 199.232.210.172, 192.229.221.95, 172.217.18.99, 173.194.76.84, 216.58.206.46
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 697429 |
Entropy (8bit): | 5.593310312179182 |
Encrypted: | false |
SSDEEP: | 6144:TYNlxfbDTYDhzCTNoygVWyJb5eGpbL2Mp15gI8seqfh53p+rrvV7i:T25bDTYB+qeGB+Nu |
MD5: | 92F0F5E28355D863ACB77313F1E675DE |
SHA1: | 8AD6F9B535D5B8952A4ADCCC57E4A4E0723F1E8D |
SHA-256: | F903AE346609A2872554A3D8FFBDB1836CB5C8B7AAAED4C3F8296B887E03D833 |
SHA-512: | 0C81A6CD850C6ACDBE9CCCBA00BBA34CDE1E09E8572814AE8E55DBED3C2B56F0B020359841F8217843B3403847DF46FA1C82229684F762A73C8110CE45898DAF |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4070 |
Entropy (8bit): | 5.362700670482359 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLaQOw:lpT+qXW1PFcn7tGnyWY1TGb |
MD5: | ED368A20CB303C0E7C6A3E6E43C2E14F |
SHA1: | 429A5C538B45221F80405163D1F87912DD73C05A |
SHA-256: | 93BA77AD4B11E0A70C0D36576F0DF24E27F50001EA02BAA6D357E034532D97F2 |
SHA-512: | DE74BBADE910475DD245FFEFD4E1FD10137DE710B1C920D33BA52554911496E1339EF3C1F6D9D315CBC98A60ABE5687A3E7D8BEE483708E18D25722E794BDBE9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603951 |
Entropy (8bit): | 5.789948381047936 |
Encrypted: | false |
SSDEEP: | 3072:W0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAT:WlgNmwwdnOsF98oNGuQRAYqXsI1+ |
MD5: | A97373CC3F8795654F3C8C6B57066AE7 |
SHA1: | F7BECFDDE230EF537E8745B598DCED737C490C3C |
SHA-256: | A1B0568D555DC4B4AF4CC5A6C41E838B702816445C04FF002C8A13058387F311 |
SHA-512: | 47C76D26F4F9F206F93186800E06D3DBE1FDD0A1BA23FB9A3556390DE7F86C1FFB2C78FE307FB944C690475BFBAE9738C38233E00FDDFA9775A3B2030081D7F1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEQAz5EZnBR6fK6LIn1v8ILsATM3g/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.280977407061266 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlENrpB3stYCIgMxILNH/wf7DVTBpdQrw:oApB8iDwYlGw |
MD5: | 4FB66582D37D04933F00E49C2FBA34D4 |
SHA1: | 3DB09C53BBEB1EEB045A001356E498D8EF30915D |
SHA-256: | A97DAC01ABFE3EB75C7C97D504E21BDDDADDB6EBE0B56B6A9A10CD3700CAB41B |
SHA-512: | 2AEB3A6CFFBF6EFA626EBDC9E11ACBAC04BFE986F98FBC050B2501898B289C67D392ED195D16ACC9565EF8784401ADA1E88188CDE3A7AB12D98BB5ED7D8A5711 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.316515499943097 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DduJqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7DQJopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | D97AB4594FC610665FF2763A650EE6A8 |
SHA1: | 5C7459CA838D27BE45745571D8D96D156F4B9F8D |
SHA-256: | 767D778369623FD8F5FB98D3BCC3130D05D02CBE0B9B88DD226F43281B14E9AF |
SHA-512: | CE4941B41C3A8CC983C1BBCC87EF682823CB9DB24EA7A570E35BBF832046340D433F7D47211384B61FA38F3527CC35C195A6068CCB24B48E1F492C5B4D4192A1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
File type: | |
Entropy (8bit): | 6.579777182525865 |
TrID: |
|
File name: | file.exe |
File size: | 917'504 bytes |
MD5: | 67684fd9387321aabd2378bfade0d6db |
SHA1: | ba8f565089f33037f2043cb10330f7e7244fa88b |
SHA256: | 5fe8904fa8fa7093dc5628e159812466ae91ee695f61b5ac587fcd05ca7a0de2 |
SHA512: | c0410199db6629ddee4e0bcdc3718d8f4cc60d17e8588501ad278900527aad569215276db607eec8df1f65ab40f5267672b6086095b6c9a3d475631b69711581 |
SSDEEP: | 12288:QqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgagTs:QqDEvCTbMWu7rQYlBQcBiT6rprG8a4s |
TLSH: | 03159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FB64BF [Tue Oct 1 02:55:59 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007FB340C0E653h |
jmp 00007FB340C0DF5Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FB340C0E13Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FB340C0E10Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007FB340C10CFDh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007FB340C10D48h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007FB340C10D31h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x95ac | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x95ac | 0x9600 | eae015d4fc9035341ffc85875eab3530 | False | 0.2860416666666667 | data | 5.163378231354932 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x874 | data | 1.005083179297597 | ||
RT_GROUP_ICON | 0xdd02c | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd0a4 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd0b8 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd0cc | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd0e0 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd1bc | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 05:16:03.691484928 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:03.691570997 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:03.691646099 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:03.691937923 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:03.691976070 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.339452982 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.342315912 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.342350006 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.342782021 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.342854023 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.343805075 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.343859911 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.374944925 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.375068903 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.381072998 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.381107092 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.421911955 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.630160093 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.630229950 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.630280018 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.631328106 CEST | 49731 | 443 | 192.168.2.4 | 142.250.186.78 |
Oct 1, 2024 05:16:04.631356001 CEST | 443 | 49731 | 142.250.186.78 | 192.168.2.4 |
Oct 1, 2024 05:16:04.642275095 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:04.642316103 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:04.642405987 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:04.642796993 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:04.642827034 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.291877031 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.292301893 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.292368889 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.292797089 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.292870998 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.293536901 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.293597937 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.294732094 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.294806957 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.294933081 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.294954062 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.339709044 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.595328093 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.595344067 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.595410109 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:05.595424891 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.595490932 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.599807024 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 05:16:05.599847078 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 05:16:06.433476925 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Oct 1, 2024 05:16:07.981014967 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:07.981086969 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:07.981165886 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:07.981396914 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:07.981431007 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.085094929 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.085177898 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.085263014 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.087059021 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.087096930 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.641736031 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.641952991 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:08.642007113 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.642868042 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.642935991 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:08.643984079 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:08.644052982 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.686548948 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:08.686573982 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:08.701791048 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.701864004 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.707691908 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.707706928 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.707962990 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.727401972 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:08.751652002 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.774208069 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.819406986 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.949002981 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.949059010 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.949105978 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.949388981 CEST | 49742 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.949413061 CEST | 443 | 49742 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.992240906 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.992283106 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:08.992350101 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.992891073 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:08.992918015 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.606076002 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.606134892 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:09.607981920 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:09.607990026 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.608222961 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.610116959 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:09.651401043 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.857567072 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.857623100 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:09.857671022 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:09.858522892 CEST | 49745 | 443 | 192.168.2.4 | 23.211.8.90 |
Oct 1, 2024 05:16:09.858531952 CEST | 443 | 49745 | 23.211.8.90 | 192.168.2.4 |
Oct 1, 2024 05:16:12.713098049 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:12.713124037 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:12.713176966 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:12.713378906 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:12.713392019 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.358474016 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.358769894 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.358791113 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.359328032 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.359401941 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.360342026 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.360395908 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.361381054 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.361460924 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.361650944 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.361660004 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.404356956 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.679361105 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.679508924 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.679580927 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.679594040 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.679609060 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.679636002 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.679642916 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.679678917 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.684959888 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.685045958 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.691297054 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.691386938 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.691381931 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.691426992 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.691482067 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.697550058 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.697630882 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.703819036 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.703905106 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.703924894 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.703968048 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.767548084 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.767611980 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.767671108 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.767715931 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.768393993 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.768440962 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.774597883 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.774660110 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.774698973 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.774758101 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.780829906 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.780881882 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.787144899 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.787204981 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.787230015 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.793427944 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.793482065 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.793490887 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.799690008 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.799767971 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.799774885 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.799972057 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.800029039 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.843449116 CEST | 49757 | 443 | 192.168.2.4 | 172.217.16.206 |
Oct 1, 2024 05:16:13.843457937 CEST | 443 | 49757 | 172.217.16.206 | 192.168.2.4 |
Oct 1, 2024 05:16:13.853595018 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:13.853612900 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:13.853674889 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:13.853929043 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:13.853940964 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.215090990 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.215117931 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.215210915 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.215617895 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.215629101 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.482702971 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.483084917 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.483102083 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.483630896 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.483711004 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.484672070 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.484739065 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.489490986 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.489587069 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.489937067 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.489944935 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.532082081 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.758668900 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.758759022 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.758835077 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.759346962 CEST | 49760 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.759356022 CEST | 443 | 49760 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.760426044 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.760463953 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.760540962 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.760859013 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.760885954 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.854485035 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.854705095 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.854715109 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.855034113 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.855086088 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.855640888 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.855685949 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.856030941 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.856087923 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.856467962 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:14.856476068 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:14.907319069 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.133229017 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.133786917 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.133919001 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.134253979 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.134274006 CEST | 443 | 49762 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.134283066 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.134324074 CEST | 49762 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.135339975 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.135394096 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.135472059 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.135768890 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.135782003 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.399246931 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.399569988 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.399591923 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.400141001 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.400218964 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.401138067 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.401210070 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.401318073 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.401403904 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.401474953 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.401474953 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.401494026 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.443447113 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.453664064 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.592832088 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.592986107 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.593070030 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.593851089 CEST | 49764 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.593868971 CEST | 443 | 49764 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.775456905 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.776177883 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.776213884 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.777431011 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.777520895 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.779745102 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.779839039 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.780257940 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.780342102 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.780591011 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.780591011 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.780610085 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.827419996 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.828552008 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.976151943 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.976480007 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:15.976682901 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.977617025 CEST | 49765 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:15.977652073 CEST | 443 | 49765 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:16.434602022 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.475430012 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.705719948 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.705750942 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.705785036 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.705792904 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.705820084 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.705851078 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.706274986 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.706336975 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.707298994 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.707329035 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 05:16:16.707354069 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:16.707429886 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 05:16:19.447685003 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:19.447765112 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:19.447840929 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:19.449085951 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:19.449116945 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:20.236875057 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:20.236953020 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:20.240168095 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:20.240176916 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:20.240583897 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:20.281491041 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:20.776281118 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:20.787508965 CEST | 49723 | 80 | 192.168.2.4 | 88.221.110.91 |
Oct 1, 2024 05:16:20.792623043 CEST | 80 | 49723 | 88.221.110.91 | 192.168.2.4 |
Oct 1, 2024 05:16:20.793118000 CEST | 49723 | 80 | 192.168.2.4 | 88.221.110.91 |
Oct 1, 2024 05:16:20.819433928 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033112049 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033170938 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033201933 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033241034 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033256054 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.033282042 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033293009 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033303022 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.033308983 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.033338070 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.033653975 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033801079 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.033807039 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.033932924 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.035732985 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.643543959 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:21.643587112 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:21.643838882 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:21.644840956 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:21.644870996 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:21.715230942 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.715248108 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:21.715260983 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:21.715265036 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:22.276793003 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.277214050 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.277235031 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.277674913 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.278140068 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.278225899 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.278794050 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.278794050 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.278836966 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.583105087 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.583487988 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:22.583544970 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.584525108 CEST | 49778 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:22.584534883 CEST | 443 | 49778 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.532835960 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.532886028 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.532974958 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.539300919 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.539315939 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.556305885 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.556317091 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.556372881 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.563215017 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.563226938 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.720432997 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.720463991 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:45.720513105 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.720860958 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:45.720874071 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.193185091 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.193507910 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.193537951 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.193900108 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.194200039 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.194259882 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.194365025 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.194381952 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.194392920 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.206176996 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.206412077 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.206423044 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.206780910 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.207046986 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.207113981 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.207168102 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.207556963 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.207571030 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.384617090 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.384844065 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.384857893 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.386037111 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.386096954 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.388561010 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.388612986 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.388753891 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.388890028 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.388895035 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.388907909 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.388926029 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.437247038 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.437259912 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.468668938 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.468803883 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.468956947 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.469448090 CEST | 49782 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.469470978 CEST | 443 | 49782 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.484714985 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.486330032 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.486435890 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.486485958 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.486690998 CEST | 49781 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.486700058 CEST | 443 | 49781 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.665920019 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.666244984 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:46.666317940 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.666766882 CEST | 49783 | 443 | 192.168.2.4 | 172.217.18.110 |
Oct 1, 2024 05:16:46.666781902 CEST | 443 | 49783 | 172.217.18.110 | 192.168.2.4 |
Oct 1, 2024 05:16:58.498298883 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:58.498317957 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:58.498383045 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:58.498825073 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:58.498836994 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.275054932 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.275142908 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.278785944 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.278795958 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.279022932 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.288079023 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.335405111 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.608867884 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.608887911 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.608901024 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.608958960 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.608978033 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.609025955 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.609750986 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.609780073 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.609802008 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.609808922 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.609818935 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.609827042 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.609869957 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.613846064 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.613856077 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:16:59.613866091 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 05:16:59.613869905 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 05:17:08.039226055 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:08.039324045 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.039414883 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:08.039634943 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:08.039669037 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.680327892 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.680635929 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:08.680686951 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.681020021 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.681354046 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:08.681421041 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:08.734055042 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:09.312268972 CEST | 49724 | 80 | 192.168.2.4 | 2.19.126.163 |
Oct 1, 2024 05:17:09.320898056 CEST | 80 | 49724 | 2.19.126.163 | 192.168.2.4 |
Oct 1, 2024 05:17:09.321032047 CEST | 49724 | 80 | 192.168.2.4 | 2.19.126.163 |
Oct 1, 2024 05:17:16.294318914 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.294343948 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.294401884 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.294655085 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.294667006 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.950145960 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.950520992 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.950540066 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.950845957 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.951148033 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.951200962 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:16.951333046 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.951606035 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:16.951611042 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:17.233839035 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:17.233957052 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:17.234031916 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:17.234438896 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:17.234446049 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:17.409813881 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:17.409861088 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:17.409928083 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:17.410274029 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:17.410289049 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.042628050 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.042948008 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.042958975 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.043312073 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.043654919 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.043724060 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.043859005 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.043876886 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.043888092 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.321990013 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.322097063 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.322185993 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.322704077 CEST | 49789 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:18.322726011 CEST | 443 | 49789 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:18.613797903 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:18.613866091 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:18.613993883 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:31.497858047 CEST | 49786 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:17:31.497879028 CEST | 443 | 49786 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:17:46.316095114 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.316188097 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.316318035 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.318284035 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.318317890 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.948990107 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.949321032 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.949357986 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.949877024 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.950175047 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.950259924 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:46.950324059 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.950342894 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:46.950357914 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:47.225008011 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:47.225123882 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:47.225172997 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:47.225656986 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:47.225680113 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:47.611876965 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:47.611965895 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:47.612062931 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:47.612329960 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:47.612365007 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.241384983 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.242526054 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.242558956 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.243097067 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.243371964 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.243458033 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.243514061 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.243539095 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.243596077 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.518785000 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.518924952 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:17:48.518996000 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.520644903 CEST | 49792 | 443 | 192.168.2.4 | 142.250.184.206 |
Oct 1, 2024 05:17:48.520714045 CEST | 443 | 49792 | 142.250.184.206 | 192.168.2.4 |
Oct 1, 2024 05:18:08.085717916 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:18:08.085757971 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.085835934 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:18:08.086136103 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:18:08.086148977 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.730103016 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.730408907 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:18:08.730428934 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.730750084 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.731060028 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Oct 1, 2024 05:18:08.731118917 CEST | 443 | 49793 | 142.250.186.68 | 192.168.2.4 |
Oct 1, 2024 05:18:08.780544996 CEST | 49793 | 443 | 192.168.2.4 | 142.250.186.68 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 05:16:03.674165010 CEST | 53 | 62191 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:03.683958054 CEST | 52678 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:03.684125900 CEST | 65200 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:03.690433025 CEST | 53 | 52678 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:03.691104889 CEST | 53 | 65200 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:03.700258970 CEST | 53 | 64522 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:04.634928942 CEST | 56041 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:04.635409117 CEST | 64798 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:04.641638041 CEST | 53 | 56041 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:04.641839027 CEST | 53 | 64798 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:04.671154976 CEST | 53 | 63111 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:07.971021891 CEST | 54258 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:07.971158981 CEST | 60375 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:07.977627039 CEST | 53 | 60375 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:07.977637053 CEST | 53 | 54258 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:09.812935114 CEST | 53 | 54512 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:12.676702023 CEST | 56282 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:12.676853895 CEST | 59671 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:12.683196068 CEST | 53 | 56282 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:12.683453083 CEST | 53 | 59671 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:13.844566107 CEST | 57978 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:13.844722033 CEST | 56558 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:16:13.851432085 CEST | 53 | 56558 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:13.851445913 CEST | 53 | 57978 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:15.850754023 CEST | 53 | 58181 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:20.897146940 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Oct 1, 2024 05:16:21.741394997 CEST | 53 | 49711 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:16:40.545603037 CEST | 53 | 50238 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:03.299931049 CEST | 53 | 55350 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:03.381419897 CEST | 53 | 59666 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:08.031829119 CEST | 56019 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:17:08.031956911 CEST | 54739 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:17:08.038415909 CEST | 53 | 56019 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:08.038429976 CEST | 53 | 54739 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:14.619317055 CEST | 53 | 55387 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:16.284707069 CEST | 53369 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:17:16.284874916 CEST | 60043 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 05:17:16.291435003 CEST | 53 | 60043 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:16.293761969 CEST | 53 | 53369 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 05:17:31.513679981 CEST | 53 | 60854 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 1, 2024 05:16:03.683958054 CEST | 192.168.2.4 | 1.1.1.1 | 0x43d3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:16:03.684125900 CEST | 192.168.2.4 | 1.1.1.1 | 0x1735 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:16:04.634928942 CEST | 192.168.2.4 | 1.1.1.1 | 0xf8b4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:16:04.635409117 CEST | 192.168.2.4 | 1.1.1.1 | 0xeef9 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:16:07.971021891 CEST | 192.168.2.4 | 1.1.1.1 | 0x9b3d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:16:07.971158981 CEST | 192.168.2.4 | 1.1.1.1 | 0xec4a | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:16:12.676702023 CEST | 192.168.2.4 | 1.1.1.1 | 0xe2da | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:16:12.676853895 CEST | 192.168.2.4 | 1.1.1.1 | 0x9cc8 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:16:13.844566107 CEST | 192.168.2.4 | 1.1.1.1 | 0xe7df | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:16:13.844722033 CEST | 192.168.2.4 | 1.1.1.1 | 0xf158 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:17:08.031829119 CEST | 192.168.2.4 | 1.1.1.1 | 0x83e1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:17:08.031956911 CEST | 192.168.2.4 | 1.1.1.1 | 0xa960 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 05:17:16.284707069 CEST | 192.168.2.4 | 1.1.1.1 | 0x42f8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 05:17:16.284874916 CEST | 192.168.2.4 | 1.1.1.1 | 0x888e | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 1, 2024 05:16:03.690433025 CEST | 1.1.1.1 | 192.168.2.4 | 0x43d3 | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:03.691104889 CEST | 1.1.1.1 | 192.168.2.4 | 0x1735 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 216.58.212.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 142.250.74.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641638041 CEST | 1.1.1.1 | 192.168.2.4 | 0xf8b4 | No error (0) | 172.217.23.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641839027 CEST | 1.1.1.1 | 192.168.2.4 | 0xeef9 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:04.641839027 CEST | 1.1.1.1 | 192.168.2.4 | 0xeef9 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 05:16:07.977627039 CEST | 1.1.1.1 | 192.168.2.4 | 0xec4a | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 05:16:07.977637053 CEST | 1.1.1.1 | 192.168.2.4 | 0x9b3d | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:12.683196068 CEST | 1.1.1.1 | 192.168.2.4 | 0xe2da | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:12.683196068 CEST | 1.1.1.1 | 192.168.2.4 | 0xe2da | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:12.683453083 CEST | 1.1.1.1 | 192.168.2.4 | 0x9cc8 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 05:16:13.851445913 CEST | 1.1.1.1 | 192.168.2.4 | 0xe7df | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:17:08.038415909 CEST | 1.1.1.1 | 192.168.2.4 | 0x83e1 | No error (0) | 142.250.186.68 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 05:17:08.038429976 CEST | 1.1.1.1 | 192.168.2.4 | 0xa960 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 05:17:16.293761969 CEST | 1.1.1.1 | 192.168.2.4 | 0x42f8 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49731 | 142.250.186.78 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 03:16:04 UTC | 859 | OUT | |
2024-10-01 03:16:04 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 142.250.185.174 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 03:16:05 UTC | 877 | OUT | |
2024-10-01 03:16:05 UTC | 2634 | IN |