Windows
Analysis Report
https://trailer.web-view.net/Links/0X4BB1001D1630A0ED10642DF3B714350282BAE90647BD2B7BFD4C194AC960461AE6B703AF3C14FF76E051ECAB18E836AA033F35E314DF7571046ED1B003034C97CF9966854362669D.htm
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 6392 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 7024 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1860,i,17728934692303956724,4608794202582711167,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6588 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://trailer.web-view.net/Links/0X4BB1001D1630A0ED10642DF3B714350282BAE90647BD2B7BFD4C194AC960461AE6B703AF3C14FF76E051ECAB18E836AA033F35E314DF7571046ED1B003034C97CF9966854362669D.htm" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
AV Detection |
---|
Source: | SlashNext: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
d2egg.x.incapdns.net | 45.60.47.135 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
trailer.web-view.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
true | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
45.60.47.135 | d2egg.x.incapdns.net | United States | 19551 | INCAPSULAUS | false | |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523624 |
Start date and time: | 2024-10-01 21:15:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://trailer.web-view.net/Links/0X4BB1001D1630A0ED10642DF3B714350282BAE90647BD2B7BFD4C194AC960461AE6B703AF3C14FF76E051ECAB18E836AA033F35E314DF7571046ED1B003034C97CF9966854362669D.htm |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@17/8@6/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.67, 64.233.184.84, 142.250.184.238, 34.104.35.123, 142.250.184.227, 142.250.185.110
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed, report is missing behavior information
- VT rate limit hit for: https://trailer.web-view.net/Links/0X4BB1001D1630A0ED10642DF3B714350282BAE90647BD2B7BFD4C194AC960461AE6B703AF3C14FF76E051ECAB18E836AA033F35E314DF7571046ED1B003034C97CF9966854362669D.htm
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.983265319086724 |
Encrypted: | false |
SSDEEP: | 48:80dPTnPlfHPidAKZdA1FehwiZUklqehty+3:8IrDay |
MD5: | 12D0ACEA8ED5DC85737138CD1B70ED32 |
SHA1: | 92A9ECB0D78B2D2DB726742CC25CF1DDFE91C4F5 |
SHA-256: | 007BEE1DEFCC71766E7AB614367072D7C7A142B2E9DE874000354DFD765AB7E9 |
SHA-512: | 6FCB9DC53036A348D8233E0ECCB0BC4849635E456B93FC874E69AC864666A70848C834F6196815D0346C5C6B7C50CC7AA9FBD2AD933C9440A6F7A8488DE9B2FE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.9993978386191187 |
Encrypted: | false |
SSDEEP: | 48:8SdPTnPlfHPidAKZdA1seh/iZUkAQkqehKy+2:8erN9QLy |
MD5: | 852BDC80EF15B64846BB7335C0871FF4 |
SHA1: | 8FB57CB492547E853084F4FEF00E236FC928E246 |
SHA-256: | DC2195A304BA8FE19CE186CA0EA3DBAB47B72030D70A8164CEB4826708BC5C99 |
SHA-512: | CC454DC1E41206D9A9D927AEAAD0282B4A2F48E08CECEFCEAEE38D6D83FC8DDF35673691036A6BE4201846882EBBAB7CB8ED2333A0FBDA43F3ECD9B881098BE6 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.01178592699406 |
Encrypted: | false |
SSDEEP: | 48:8ydPTnPAHPidAKZdA14meh7sFiZUkmgqeh7sAy+BX:8+rSnWy |
MD5: | 9AB8CC8044F7B3E5DA5B795207322563 |
SHA1: | 6F63305BCD37D18033BC3C0ED5B5B1B625746134 |
SHA-256: | 4381B0B29A618E9827F372F1CBCB78D376705439C372AC112F87BC415A6D2B4B |
SHA-512: | EC47CCE1B6F89A72E06F3B7E695EA4FF0AEEB4FEF63669D9CF8EFAA29783CA60D88AD76D83039F014FD40424D305A91D359F62D5F3723304F4873FAE01380AF7 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.999239637819936 |
Encrypted: | false |
SSDEEP: | 48:8GdPTnPlfHPidAKZdA1TehDiZUkwqehOy+R:8ar+Yy |
MD5: | 23F76E9BCAEF9AF9F99029EDC88B32FF |
SHA1: | AA1C244EE44887EF1C72FBB41A7498B959C3B51F |
SHA-256: | 1556CEDD304A12686ED2650368FD1A432E0810353970F155748540889052CEE3 |
SHA-512: | FCBD87FA2AD57833A118006220D7B7F9EFFC202120EC46A3AC8C92E5CB141320F00E48646BFF87CDE23D42B598078F8FECE73054D8DF31CCF2C446B8B3B53F20 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9861185230171694 |
Encrypted: | false |
SSDEEP: | 48:8tdPTnPlfHPidAKZdA1dehBiZUk1W1qeh8y+C:8vru9cy |
MD5: | 55A48EB98159A6C793A94A3C9892E5B5 |
SHA1: | 4DDB4D22C9EE2A46C77EA32E902AE888F627B885 |
SHA-256: | 59BF75EDB1B781FF522DE3FD6F63896328DA1D245A01C0784AA255C031AA24AF |
SHA-512: | 8DF10FC6B497F900E9CC68BB3F27495B3D0625992A570B53A581480791E9123BD78A7CAECFDB399D793D54DC7C6B2C0E054FA90B534B7E8CFEC24364B07CF496 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9937152176850246 |
Encrypted: | false |
SSDEEP: | 48:8vdPTnPlfHPidAKZdA1duTeehOuTbbiZUk5OjqehOuTbWy+yT+:8prETfTbxWOvTbWy7T |
MD5: | 8200F828A98391AA5D1B97635FF669C6 |
SHA1: | 9C8B91FA43C2790EBF7B0DF9F1A18220A9FCDBD9 |
SHA-256: | 5DF157D8BC1522315FC411D228FAC38CAFC6A88F9D8D4C06B9605A938200CDCD |
SHA-512: | E2996D15207D6C72F8C84E18D89B6A3ED7EF1DBD755C1A6CD2250427674130E527B07703D439C43F98F70A99905994F93018FFD83093DF26D83579B3E9DB1F6D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1245 |
Entropy (8bit): | 5.462849750105637 |
Encrypted: | false |
SSDEEP: | 24:hM0mIAvy4Wvsqs1Ra7JZRGNeHX+AYcvP2wk1RjdEF3qpMk5:lmIAq1UqsziJZ+eHX+AdP2TvpMk5 |
MD5: | 5343C1A8B203C162A3BF3870D9F50FD4 |
SHA1: | 04B5B886C20D88B57EEA6D8FF882624A4AC1E51D |
SHA-256: | DC1D54DAB6EC8C00F70137927504E4F222C8395F10760B6BEECFCFA94E08249F |
SHA-512: | E0F50ACB6061744E825A4051765CEBF23E8C489B55B190739409D8A79BB08DAC8F919247A4E5F65A015EA9C57D326BBEF7EA045163915129E01F316C4958D949 |
Malicious: | false |
Reputation: | low |
URL: | https://trailer.web-view.net/favicon.ico |
Preview: |
Oct 1, 2024 21:16:46.178405046 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.178419113 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.178463936 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.179342031 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.179374933 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.179400921 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.179409027 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.179423094 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.179446936 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.179506063 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.181062937 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.181078911 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.181087971 CEST | 49718 | 443 | 192.168.2.16 | 20.114.59.183 |
Oct 1, 2024 21:16:46.181094885 CEST | 443 | 49718 | 20.114.59.183 | 192.168.2.16 |
Oct 1, 2024 21:16:46.485517025 CEST | 49697 | 80 | 192.168.2.16 | 93.184.221.240 |
Oct 1, 2024 21:16:46.485575914 CEST | 49698 | 80 | 192.168.2.16 | 93.184.221.240 |
Oct 1, 2024 21:16:46.490789890 CEST | 80 | 49697 | 93.184.221.240 | 192.168.2.16 |
Oct 1, 2024 21:16:46.490861893 CEST | 49697 | 80 | 192.168.2.16 | 93.184.221.240 |
Oct 1, 2024 21:16:46.491081953 CEST | 80 | 49698 | 93.184.221.240 | 192.168.2.16 |
Oct 1, 2024 21:16:46.491133928 CEST | 49698 | 80 | 192.168.2.16 | 93.184.221.240 |
Oct 1, 2024 21:17:02.670480967 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:02.670526028 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:02.670612097 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:02.670841932 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:02.670856953 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:03.318986893 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:03.319295883 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:03.319325924 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:03.319652081 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:03.319940090 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:03.320000887 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:03.372502089 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:12.852463007 CEST | 49717 | 443 | 192.168.2.16 | 45.60.47.135 |
Oct 1, 2024 21:17:12.852509022 CEST | 443 | 49717 | 45.60.47.135 | 192.168.2.16 |
Oct 1, 2024 21:17:13.231333971 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:13.231400967 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:13.231472969 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:14.068852901 CEST | 49720 | 443 | 192.168.2.16 | 216.58.206.68 |
Oct 1, 2024 21:17:14.068875074 CEST | 443 | 49720 | 216.58.206.68 | 192.168.2.16 |
Oct 1, 2024 21:17:27.931828976 CEST | 443 | 49717 | 45.60.47.135 | 192.168.2.16 |
Oct 1, 2024 21:17:27.931902885 CEST | 443 | 49717 | 45.60.47.135 | 192.168.2.16 |
Oct 1, 2024 21:17:27.932019949 CEST | 49717 | 443 | 192.168.2.16 | 45.60.47.135 |
Oct 1, 2024 21:17:28.076596975 CEST | 49717 | 443 | 192.168.2.16 | 45.60.47.135 |
Oct 1, 2024 21:17:28.076643944 CEST | 443 | 49717 | 45.60.47.135 | 192.168.2.16 |
Oct 1, 2024 21:17:35.636610031 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Oct 1, 2024 21:17:35.885763884 CEST | 80 | 49700 | 192.229.221.95 | 192.168.2.16 |
Oct 1, 2024 21:17:35.886087894 CEST | 49700 | 80 | 192.168.2.16 | 192.229.221.95 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 1, 2024 21:15:58.729293108 CEST | 192.168.2.16 | 1.1.1.1 | c1f6 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 1, 2024 21:15:58.711417913 CEST | 192.168.2.16 | 1.1.1.1 | 0xa5db | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 21:15:58.711658001 CEST | 192.168.2.16 | 1.1.1.1 | 0x4cdf | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 21:16:02.616316080 CEST | 192.168.2.16 | 1.1.1.1 | 0xb825 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 21:16:02.616475105 CEST | 192.168.2.16 | 1.1.1.1 | 0x7a26 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 21:18:02.729298115 CEST | 192.168.2.16 | 1.1.1.1 | 0xac41 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 21:18:02.729343891 CEST | 192.168.2.16 | 1.1.1.1 | 0xcc68 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 1, 2024 21:15:58.719605923 CEST | 1.1.1.1 | 192.168.2.16 | 0xa5db | No error (0) | d2egg.x.incapdns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 21:15:58.719605923 CEST | 1.1.1.1 | 192.168.2.16 | 0xa5db | No error (0) | 45.60.47.135 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 21:15:58.729192972 CEST | 1.1.1.1 | 192.168.2.16 | 0x4cdf | Server failure (2) | none | none | 65 | IN (0x0001) | false | |
Oct 1, 2024 21:16:02.623492956 CEST | 1.1.1.1 | 192.168.2.16 | 0x7a26 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 21:16:02.623569012 CEST | 1.1.1.1 | 192.168.2.16 | 0xb825 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 21:18:03.677206993 CEST | 1.1.1.1 | 192.168.2.16 | 0xcc68 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 21:18:03.677236080 CEST | 1.1.1.1 | 192.168.2.16 | 0xac41 | No error (0) | 142.250.186.132 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49706 | 45.60.47.135 | 443 | 7024 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:15:59 UTC | 819 | OUT | |
2024-10-01 19:15:59 UTC | 759 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49707 | 45.60.47.135 | 443 | 7024 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:15:59 UTC | 984 | OUT | |
2024-10-01 19:16:00 UTC | 380 | IN | |
2024-10-01 19:16:00 UTC | 1072 | IN | |
2024-10-01 19:16:00 UTC | 173 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49713 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:16:08 UTC | 306 | OUT | |
2024-10-01 19:16:08 UTC | 560 | IN | |
2024-10-01 19:16:08 UTC | 15824 | IN | |
2024-10-01 19:16:08 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49714 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:16:08 UTC | 161 | OUT | |
2024-10-01 19:16:09 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49715 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:16:09 UTC | 239 | OUT | |
2024-10-01 19:16:10 UTC | 515 | IN | |
2024-10-01 19:16:10 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49716 | 45.60.47.135 | 443 | 7024 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:16:27 UTC | 1077 | OUT | |
2024-10-01 19:16:28 UTC | 351 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.16 | 49718 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 19:16:45 UTC | 306 | OUT | |
2024-10-01 19:16:46 UTC | 560 | IN | |
2024-10-01 19:16:46 UTC | 15824 | IN | |
2024-10-01 19:16:46 UTC | 14181 | IN |
Target ID: | 0 |
Start time: | 15:15:55 |
Start date: | 01/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 15:15:56 |
Start date: | 01/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 15:15:57 |
Start date: | 01/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |