Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Credential Flusher
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Yara detected Credential Flusher
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Classification
- System is w10x64
- file.exe (PID: 3468 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 6695B4F09FE9D39C9BE1FD74E89ECC19) - taskkill.exe (PID: 7068 cmdline:
taskkill / F /IM chro me.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD) - conhost.exe (PID: 6024 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - chrome.exe (PID: 3768 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://youtu be.com/acc ount?=http s://accoun ts.google. com/v3/sig nin/challe nge/pwd" - -start-ful lscreen -- no-first-r un --disab le-session -crashed-b ubble --di sable-info bars MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 2784 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2132 --fi eld-trial- handle=192 0,i,157750 6394369942 7180,18124 1236593807 23990,2621 44 /prefet ch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 6116 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=54 28 --field -trial-han dle=1920,i ,157750639 4369942718 0,18124123 6593807239 90,262144 /prefetch: 8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 6536 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=3244 --f ield-trial -handle=19 20,i,15775 0639436994 27180,1812 4123659380 723990,262 144 /prefe tch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security |
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0058DBBE | |
Source: | Code function: | 0_2_0055C2A2 | |
Source: | Code function: | 0_2_005968EE | |
Source: | Code function: | 0_2_0059698F | |
Source: | Code function: | 0_2_0058D076 | |
Source: | Code function: | 0_2_0058D3A9 | |
Source: | Code function: | 0_2_00599642 | |
Source: | Code function: | 0_2_0059979D | |
Source: | Code function: | 0_2_00599B2B | |
Source: | Code function: | 0_2_00595C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_0059CE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0059EAFF |
Source: | Code function: | 0_2_0059ED6A |
Source: | Code function: | 0_2_0059EAFF |
Source: | Code function: | 0_2_0058AA57 |
Source: | Code function: | 0_2_005B9576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_e8368bbd-b | |
Source: | String found in binary or memory: | memstr_d0aa0fd1-4 | |
Source: | String found in binary or memory: | memstr_17678812-8 | |
Source: | String found in binary or memory: | memstr_739842fc-8 |
Source: | Code function: | 0_2_0058D5EB |
Source: | Code function: | 0_2_00581201 |
Source: | Code function: | 0_2_0058E8F6 |
Source: | Code function: | 0_2_0052BF40 | |
Source: | Code function: | 0_2_00592046 | |
Source: | Code function: | 0_2_00528060 | |
Source: | Code function: | 0_2_00588298 | |
Source: | Code function: | 0_2_0055E4FF | |
Source: | Code function: | 0_2_0055676B | |
Source: | Code function: | 0_2_005B4873 | |
Source: | Code function: | 0_2_0052CAF0 | |
Source: | Code function: | 0_2_0054CAA0 | |
Source: | Code function: | 0_2_0053CC39 | |
Source: | Code function: | 0_2_00556DD9 | |
Source: | Code function: | 0_2_0053B119 | |
Source: | Code function: | 0_2_005291C0 | |
Source: | Code function: | 0_2_00541394 | |
Source: | Code function: | 0_2_0054781B | |
Source: | Code function: | 0_2_0053997D | |
Source: | Code function: | 0_2_00527920 | |
Source: | Code function: | 0_2_00547A4A | |
Source: | Code function: | 0_2_00547CA7 | |
Source: | Code function: | 0_2_005ABE44 | |
Source: | Code function: | 0_2_00559EEE |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_005937B5 |
Source: | Code function: | 0_2_005810BF | |
Source: | Code function: | 0_2_005816C3 |
Source: | Code function: | 0_2_005951CD |
Source: | Code function: | 0_2_005AA67C |
Source: | Code function: | 0_2_0059648E |
Source: | Code function: | 0_2_005242A2 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | WMI Queries: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_005242DE |
Source: | Code function: | 0_2_00540A89 |
Source: | Code function: | 0_2_0053F98E | |
Source: | Code function: | 0_2_005B1C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-96003 |
Source: | API coverage: |
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior |
Source: | Last function: |
Source: | Code function: | 0_2_0058DBBE | |
Source: | Code function: | 0_2_0055C2A2 | |
Source: | Code function: | 0_2_005968EE | |
Source: | Code function: | 0_2_0059698F | |
Source: | Code function: | 0_2_0058D076 | |
Source: | Code function: | 0_2_0058D3A9 | |
Source: | Code function: | 0_2_00599642 | |
Source: | Code function: | 0_2_0059979D | |
Source: | Code function: | 0_2_00599B2B | |
Source: | Code function: | 0_2_00595C97 |
Source: | Code function: | 0_2_005242DE |
Source: | Process information queried: | Jump to behavior |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-95316 |
Source: | Code function: | 0_2_0059EAA2 |
Source: | Code function: | 0_2_00552622 |
Source: | Code function: | 0_2_005242DE |
Source: | Code function: | 0_2_00544CE8 |
Source: | Code function: | 0_2_00580B62 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 0_2_00552622 | |
Source: | Code function: | 0_2_0054083F | |
Source: | Code function: | 0_2_005409D5 | |
Source: | Code function: | 0_2_00540C21 |
Source: | Code function: | 0_2_00581201 |
Source: | Code function: | 0_2_00562BA5 |
Source: | Code function: | 0_2_0058B226 |
Source: | Code function: | 0_2_005A22DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_00580B62 |
Source: | Code function: | 0_2_00581663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00540698 |
Source: | Code function: | 0_2_00598195 |
Source: | Code function: | 0_2_0057D27A |
Source: | Code function: | 0_2_0055B952 |
Source: | Code function: | 0_2_005242DE |
Stealing of Sensitive Information |
---|
Source: | File source: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Remote Access Functionality |
---|
Source: | File source: |
Source: | Code function: | 0_2_005A1204 | |
Source: | Code function: | 0_2_005A1806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 2 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 1 Native API | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 16 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 22 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 21 Virtualization/Sandbox Evasion | Cached Domain Credentials | 21 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
11% | ReversingLabs | |||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.185.174 | true | false | unknown | |
www3.l.google.com | 216.58.206.78 | true | false | unknown | |
play.google.com | 172.217.18.110 | true | false | unknown | |
www.google.com | 142.250.184.228 | true | false | unknown | |
youtube.com | 142.250.181.238 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
216.58.206.78 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.181.238 | youtube.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.228 | www.google.com | United States | 15169 | GOOGLEUS | false | |
172.217.18.110 | play.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.6 |
192.168.2.13 |
192.168.2.23 |
192.168.2.14 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524374 |
Start date and time: | 2024-10-02 18:21:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 33s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal68.troj.evad.winEXE@40/30@12/10 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.99, 172.217.18.14, 74.125.206.84, 34.104.35.123, 172.217.18.106, 172.217.18.10, 142.250.186.42, 142.250.74.202, 172.217.23.106, 172.217.16.202, 142.250.186.138, 142.250.185.138, 142.250.185.74, 142.250.185.106, 142.250.186.74, 216.58.206.42, 142.250.186.106, 216.58.206.74, 216.58.212.138, 172.217.16.138, 142.250.185.163, 142.250.186.170, 142.250.181.234, 216.58.212.170, 93.184.221.240, 192.229.221.95, 74.125.133.84, 172.217.23.110
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.298162049824456 |
Encrypted: | false |
SSDEEP: | 48:o7vGoolL3ALFKphnpiu7xOKAcfO/3d/rYh4vZorw:o/QLUFUL4KA+2y0Mw |
MD5: | CE055F881BDAB4EF6C1C8AA4B3890348 |
SHA1: | 2671741A70E9F5B608F690AAEEA4972003747654 |
SHA-256: | 9B91C23691D6032CDFE28863E369624B2EDB033E1487A1D1BB0977E3590E5462 |
SHA-512: | 8A22250628985C2E570E6FBADFC0D5CB6753F0735130F9E74962A409476C2859C5C81F8A0F5C427A9F13ED399C8E251FA43FF67AD5F16860640D45E7A538E857 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 744362 |
Entropy (8bit): | 5.7913337944729175 |
Encrypted: | false |
SSDEEP: | 6144:HVXWBQkPdzg5pTX1ROv/duPzd8C3s891/Q:gfd8j91/Q |
MD5: | C6E31A4B08FC2DF9191AA47785B3FB31 |
SHA1: | 5094D16F35D927EBE73D715F95E199BB2112BFA6 |
SHA-256: | 67CA532191F69C2FF20D2A015493D6A4AB7ADC9C584A86F1E10E272FD72100E9 |
SHA-512: | 6C6E78717D44F86CA4FBCA84534810D6432913D9D61BC13FE010D03775F6FE5C4705B4D1965641C858DE68DBA7D1B306CE12FF62E4C38995C1EE3EA0541F9565 |
Malicious: | false |
Reputation: | low |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlHMmP29tNFN_V7bhU8rapgP9PTgBw/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.404371326611379 |
Encrypted: | false |
SSDEEP: | 192:EEFZpeip4HzZlY0If0Ma23jcUcrhCx6VD1TYPi8:Es/p4jgjUhtD1TY68 |
MD5: | 21E893B65627B397E22619A9F5BB9662 |
SHA1: | F561B0F66211C1E7B22F94B4935C312AB7087E85 |
SHA-256: | FFA9B8BC8EF2CDFF5EB4BA1A0BA1710A253A5B42535E2A369D5026967DCF4673 |
SHA-512: | 3DE3CD6A4E9B06AB3EB324E90A40B5F2AEEA8D7D6A2651C310E993CF79EEB5AC6E2E33C587F46B2DD20CC862354FD1A61AEBB9B990E6805F6629404BA285F8FA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 698791 |
Entropy (8bit): | 5.595243292922648 |
Encrypted: | false |
SSDEEP: | 6144:TJvaKtQfcxene0F2HhPM8RGYcBlKmd5r6XIQqS7SlncOpYMSrBg5X3O4mAEFD7:TJyKtkIct842IQqHJ09 |
MD5: | 7A4AEFC2F596D19F522738DB34C5A680 |
SHA1: | 7F6E9BE8B3C1450075365A31FF6E4B49F1D35BA7 |
SHA-256: | 61D7FF7565945545C0D823CCFC5DB5D09C8714FBF8AD77994F389F08289124B2 |
SHA-512: | 7D80188B002DB3ED7360B9B236DE435F2008345ECEC00FDE39412BE39DE5C08FD80CBD2D7370D0DBB98F4BCCA0CEF147AD9E7935AC2894DB55D81C1B32EB647E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22833 |
Entropy (8bit): | 5.425034548615223 |
Encrypted: | false |
SSDEEP: | 384:7lFo6ZEdpgtmyiPixV9OX9gMBpHkHnfst9lZulagGcwYHiRFjJzN7:77o6ZviPixV8xpEHn89l4IgGcwYCRtb7 |
MD5: | 749B18538FE32BFE0815D75F899F5B21 |
SHA1: | AF95A019211AF69F752A43CAA54A83C2AFD41D28 |
SHA-256: | 116B2687C1D5E00DB56A79894AB0C12D4E2E000B9379B7E7AD751B84DF611F3F |
SHA-512: | E4B6F4556AA0FD9979BB52681508F5E26FFB256473803F74F7F5C8D93FA3636D7D0A5835618FBC6123022805CE0D9616A7451A0F302C665E28A6090B5D588505 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4067 |
Entropy (8bit): | 5.363457972758152 |
Encrypted: | false |
SSDEEP: | 96:G2CiFZX5BReR68ujioIRVrqtyzBeTV6SfyAKLif9cLw:bCMZXVeR6jiosVrqtyzBaImyAKw9z |
MD5: | B027BF10F968F37628EB698B2CF46D8E |
SHA1: | 0C9801E4FF3BE18102E6E22246B4262FCC6CE011 |
SHA-256: | 98608C8414932B6F029948A323B1236EFB96861306FD1EDEB6CE47E180392B47 |
SHA-512: | 3B1E5A3B247273F025EACF389F98BC139F8453ECEC7A2EC762A4E3279F220B7BED2CB23CD5630E92ED03187C514956DF814E9450FFAA10BFE312633B445DBEF1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.355381206612617 |
Encrypted: | false |
SSDEEP: | 48:o7FEEM3MtH15jNQ8jsK3rnw0dkckTrKEp/OqLE9xz0W5Bzv3M6hIHYA+JITbwrF8:oq675jOArwoAmI/DLaxNPL5m+m6w |
MD5: | E2A7251AD83A0D0634FEA2703D10ED07 |
SHA1: | 90D72011F31FC40D3DA3748F2817F90A29EB5C01 |
SHA-256: | 1079B49C4AAF5C10E4F2E6A086623F40D200A71FF2A1F64E88AA6C91E4BE7A6F |
SHA-512: | CD6D75580EA8BD97CF7C7C0E0BD9D9A54FB6EA7DF1DDB5A95E94D38B260F9EE1425C640839ECD229B8D01E145CF2786CA374D31EC537EB8FE17FF415D5B985F5 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.257113147606035 |
Encrypted: | false |
SSDEEP: | 48:o72ZrNZ4yNAbU+15fMxIdf5WENoBCbw7DbG2bEJrw:oyNNAY+1i4HoBNG2Ilw |
MD5: | F06E2DC5CC446B39F878B5F8E4D78418 |
SHA1: | 9F1F34FDD8F8DAB942A9B95D9F720587B6F6AD48 |
SHA-256: | 118E4D2FE7CEF205F9AFC87636554C6D8220882B158333EE3D1990282D158B8F |
SHA-512: | 893C4F883CD1C88C6AAF5A6E7F232D62823A53E1FFDE5C1C52BB066D75781DD041F4D281CDBF18070D921CE862652D8863E2B9D5E0190CFA4128890D62C44168 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32500 |
Entropy (8bit): | 5.378903546681047 |
Encrypted: | false |
SSDEEP: | 768:zYlbuROstb0e39nKGrkysU0smpu4OLOdzIf1p/5GeSsngurz6aKEEEGo/:zYl61Cysbu4OLOdzIfrIen72ZFo/ |
MD5: | BF4BF9728A7C302FBA5B14F3D0F1878B |
SHA1: | 2607CA7A93710D629400077FF3602CB207E6F53D |
SHA-256: | 8981E7B228DF7D6A8797C0CD1E9B0F1F88337D5F0E1C27A04E7A57D2C4309798 |
SHA-512: | AC9E170FC3AFDC0CF6BB8E926B93EF129A5FAD1BBA51B60BABCF3555E9B652E98F86A00FB099879DED35DD3FFE72ECFA597E20E6CA8CF402BEDEC40F78412EDA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.291808298251231 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DuZvuhqCsNRxoYTY9/qoVk7hz1l2p6vDMW94uEQOeGbCx4VGbgCSFBV87OU:o7DuZWhv6oy12kvwKEeGbC6GbHSh/Hrw |
MD5: | 4CA7ADFE744A690411EA4D3EA8DB9E4B |
SHA1: | 2CF1777A199E25378D330DA68BED1871B5C5BC32 |
SHA-256: | 128129BA736B3094323499B0498A5B3A909C1529717461C34B70080A5B1603BD |
SHA-512: | 8BD3477AF41D1F0FE74AFFCB177BEC0F5F4FDCBBA6BD29D9C2567E6FFDEF5DEB7FF74BF348F33209C39D7BB4958E748DF6731D3DC8F6947352276BC92EAF9E79 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3467 |
Entropy (8bit): | 5.514745431912774 |
Encrypted: | false |
SSDEEP: | 96:ozbld2fNUmeqJNizhNtt1W8t//loyIpXmdVE2w:onSKE8PWe/Cy4X3j |
MD5: | 8DEF399E8355ABC23E64505281005099 |
SHA1: | 24FF74C3AEFD7696D84FF148465DF4B1B60B1696 |
SHA-256: | F128D7218E1286B05DF11310AD3C8F4CF781402698E45448850D2A3A22F5F185 |
SHA-512: | 33721DD47658D8E12ADF6BD9E9316EB89F5B6297927F7FD60F954E04B829DCBF0E1AE6DDD9A3401F45E0011AE4B1397B960C218238A3D0F633A2173D8E604082 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5050 |
Entropy (8bit): | 5.289052544075544 |
Encrypted: | false |
SSDEEP: | 96:o4We0hP7OBFXYvB1sig3Fd8HkaXzLmUrv8Vh1WJlLQXT2v2gqw:655758Fd8HkaPZ0GmAD |
MD5: | 26E26FD11772DFF5C7004BEA334289CC |
SHA1: | 638DAAF541BDE31E95AEE4F8ADA677434D7051DB |
SHA-256: | ADFE3E4960982F5EF4C043052A9990D8683C5FC2B590E817B6B1A5774DDE2CE3 |
SHA-512: | C31929EB6D1C60D6A84A2574FF60490394A6D6F9B354972F3328952F570D80B3F2AEC916B0E1B66DDB1AC056EB75BFAC477E7AF631D0AD1810EDBAF025465D66 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEH54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFteMt5kl2HRMM5sgqzMrw2LMDjOg/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
File type: | |
Entropy (8bit): | 6.58246531777093 |
TrID: |
|
File name: | file.exe |
File size: | 918'528 bytes |
MD5: | 6695b4f09fe9d39c9be1fd74e89ecc19 |
SHA1: | 20621918295bb2f7da03bcc9d80e0ff23a35fabc |
SHA256: | 6a06f869eb3cb873f69ff529c2c58d39461c529cbfaa779a2b73d600d5900daf |
SHA512: | cf446b7dbb673481675ea192fc87ebb49b00dba9e65cc12a039f0489b2d6a425fc36717ef929b8ff3eef5aa6e6179479064b84b704ec89cd548afd8bacae9212 |
SSDEEP: | 12288:5qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgatTP:5qDEvCTbMWu7rQYlBQcBiT6rprG8apP |
TLSH: | 72159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FD6C6C [Wed Oct 2 15:53:16 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F5908630363h |
jmp 00007F590862FC6Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F590862FE4Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F590862FE1Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F5908632A0Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F5908632A58h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F5908632A41h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x9958 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x9958 | 0x9a00 | 6cca709c24274a11716e34ce06145b6a | False | 0.30420556006493504 | data | 5.278355328625398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0xc20 | data | 1.0035438144329898 | ||
RT_GROUP_ICON | 0xdd3d8 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd450 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd464 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd478 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd48c | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd568 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 18:22:13.698535919 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:13.698535919 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:14.026611090 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:19.949489117 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:19.949553967 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:19.949615002 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:19.950594902 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:19.950609922 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.588692904 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.588851929 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.588860989 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.589215994 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.589282990 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.589862108 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.589917898 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.591202974 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.591260910 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.591590881 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.591598988 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.638758898 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.893904924 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.895302057 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.895690918 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.897267103 CEST | 49699 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:22:20.897284031 CEST | 443 | 49699 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:22:20.907830000 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:20.907857895 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:20.908056974 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:20.908344030 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:20.908356905 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.566262007 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.567053080 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.567069054 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.567419052 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.567560911 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.568049908 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.568129063 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.569438934 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.569438934 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.569446087 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.569483995 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.619071007 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.619083881 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.667629957 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.891791105 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.891808987 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.891901970 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.891916037 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.891971111 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:21.892018080 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.894936085 CEST | 49705 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:22:21.894953012 CEST | 443 | 49705 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:22:23.306591988 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:23.306591988 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:23.634639025 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:24.238629103 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.238676071 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.238897085 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.238897085 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.238941908 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.454282999 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:24.454320908 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:24.454400063 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:24.456316948 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:24.456331015 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:24.896425009 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.896703005 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.896734953 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.897783041 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.897845030 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.898960114 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.899065018 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.947025061 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:24.947060108 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:24.993916988 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:25.104700089 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.104773998 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.108688116 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.108696938 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.109433889 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.150162935 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.183285952 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.227400064 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.313709974 CEST | 443 | 49698 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:22:25.313803911 CEST | 49698 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:22:25.376317978 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.376394033 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.376436949 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.376657963 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.376671076 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.376687050 CEST | 49712 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.376692057 CEST | 443 | 49712 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.466447115 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.466485023 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:25.466541052 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.467442036 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:25.467451096 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.140883923 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.141153097 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.173731089 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.173752069 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.174117088 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.175420046 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.219402075 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.416783094 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.416857958 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.421701908 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.588534117 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.588565111 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:26.588592052 CEST | 49717 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:22:26.588599920 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:22:29.429735899 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:29.429795980 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:29.429989100 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:29.430314064 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:29.430330992 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.061398029 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.061655998 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.061682940 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.062222004 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.062278032 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.063241005 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.063302040 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.064436913 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.064517021 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.064603090 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.108597994 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.108630896 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.155729055 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.375617981 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.375648022 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:30.375705957 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.375901937 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.375911951 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:30.410933018 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.410979033 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.411040068 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.411048889 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.411067009 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.411108017 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.415648937 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.415699959 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.422204018 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.422259092 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.422278881 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.422290087 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.422312021 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.428318977 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.429076910 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.429085970 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.432420015 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.432447910 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.432471991 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.432477951 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.432533026 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.438401937 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.438426018 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:30.438508987 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.438843966 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:30.438853979 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:30.497751951 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.497807026 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.497941017 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.497955084 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.498008966 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.499087095 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.499140978 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.505548000 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.505621910 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.505650043 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.505702019 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.511833906 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.511895895 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.520416975 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.520473957 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.521413088 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.525700092 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.529927015 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.529936075 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.531898022 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.531953096 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.531960011 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.532182932 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:30.532218933 CEST | 443 | 49731 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:22:30.532259941 CEST | 49731 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:22:31.246467113 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.250432014 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.291459084 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.293051004 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.305337906 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.305360079 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.305434942 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.305448055 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.306202888 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.306267023 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.306705952 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.306772947 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.307228088 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.307275057 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.309206963 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.309257984 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.437951088 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.438034058 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.438368082 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.438412905 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.439665079 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.439683914 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.439980030 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.439996958 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.482151985 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.482165098 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.650233984 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.650422096 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.650487900 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.650639057 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.650657892 CEST | 443 | 49735 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.650667906 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.650702000 CEST | 49735 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.651837111 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.651874065 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.651926041 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.652276039 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.652287006 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.654043913 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.654350042 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.654397964 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.654469967 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.654488087 CEST | 443 | 49734 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.654501915 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.654531956 CEST | 49734 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.655078888 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.655114889 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:31.655169010 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.655443907 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:31.655462027 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.292793989 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.293158054 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.293183088 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.293638945 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.293710947 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.294346094 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.294482946 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.294676065 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.294775963 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.294936895 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.294950962 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.294974089 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.298491955 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.298990011 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.299009085 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.300342083 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.300422907 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.301624060 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.301686049 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.301906109 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.301983118 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.302086115 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.302118063 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.302126884 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.338960886 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.338975906 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.354573965 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.511653900 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.512890100 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.512959957 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.513988018 CEST | 49741 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.514019012 CEST | 443 | 49741 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.527906895 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.529083967 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.529156923 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.530174017 CEST | 49740 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:32.530189037 CEST | 443 | 49740 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:32.952187061 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:32.999413967 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224534035 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224586010 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224626064 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224651098 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224766970 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:33.224795103 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:33.224850893 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:33.226867914 CEST | 49711 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:22:33.226891994 CEST | 443 | 49711 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:22:34.303323984 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:34.303364992 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:34.303445101 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:34.304570913 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:34.304585934 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:35.604157925 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:35.604290962 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:35.606332064 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:35.606343985 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:35.606584072 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:35.651336908 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:36.465415955 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:36.507410049 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097212076 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097234964 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097243071 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097254992 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097290039 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097309113 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.097331047 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097343922 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.097388029 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.097487926 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.097539902 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.097548008 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.098258972 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.098323107 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.815764904 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.815798044 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:37.815812111 CEST | 49747 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:22:37.815818071 CEST | 443 | 49747 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:22:38.497706890 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:38.497731924 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:38.497982979 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:38.498358965 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:38.498373032 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.126595020 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.126913071 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.126940966 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.127269030 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.127620935 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.127686024 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.127829075 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.127856016 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.127861023 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.454559088 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.455588102 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:22:39.455647945 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.456629038 CEST | 49753 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:22:39.456653118 CEST | 443 | 49753 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:00.685596943 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.685656071 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:00.685735941 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.686032057 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.686048985 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:00.687362909 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.687419891 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:00.687479973 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.687706947 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:00.687716961 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.325175047 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.325447083 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.325464964 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.325963974 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.326237917 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.326301098 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.326391935 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.326440096 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.326445103 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.330272913 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.330487013 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.330513000 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.331149101 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.331399918 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.331464052 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.331567049 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.331605911 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.331619978 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.626987934 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.627813101 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.627996922 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.628035069 CEST | 49754 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.628051043 CEST | 443 | 49754 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.731484890 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.731532097 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:01.731640100 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.731897116 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:01.731905937 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.402355909 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.402957916 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.402971029 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.403287888 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.403640985 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.403683901 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.403928041 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.403944969 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.403949022 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.620558977 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.620738029 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:02.620908022 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.621248960 CEST | 49756 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:02.621260881 CEST | 443 | 49756 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:03.981842995 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:03.981952906 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:03.982007027 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:03.982773066 CEST | 49755 | 443 | 192.168.2.6 | 172.217.18.110 |
Oct 2, 2024 18:23:03.982786894 CEST | 443 | 49755 | 172.217.18.110 | 192.168.2.6 |
Oct 2, 2024 18:23:14.276968956 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:14.277015924 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:14.277139902 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:14.277662039 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:14.277674913 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.053504944 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.053702116 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.063230038 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.063275099 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.063756943 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.103478909 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.103986979 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.147417068 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387058020 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387096882 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387106895 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387125015 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387162924 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387236118 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.387253046 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387316942 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.387340069 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.387801886 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387840986 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387871981 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.387880087 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387903929 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.387907982 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.387954950 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.391501904 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.391530037 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:15.391544104 CEST | 49757 | 443 | 192.168.2.6 | 20.114.59.183 |
Oct 2, 2024 18:23:15.391550064 CEST | 443 | 49757 | 20.114.59.183 | 192.168.2.6 |
Oct 2, 2024 18:23:24.282174110 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:24.282221079 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:24.282296896 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:24.282529116 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:24.282543898 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:24.974391937 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:24.975122929 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:24.975169897 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:24.975466967 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:24.975774050 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:24.975838900 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:25.025242090 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:31.231367111 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:31.231417894 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:31.231497049 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:31.231688023 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:31.231703043 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.108753920 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.110603094 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.110635042 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.111004114 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.111351013 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.111428976 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.111517906 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.111535072 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.111547947 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.328784943 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.329458952 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:32.329579115 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.330034971 CEST | 49760 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:32.330053091 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:33.763446093 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:33.763497114 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:33.763708115 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:33.767460108 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:33.767479897 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.401551962 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.405400038 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.405424118 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.405759096 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.412484884 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.412539005 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.416094065 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.416115999 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.416121006 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.732630014 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.734431028 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.734505892 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.734621048 CEST | 49762 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:23:34.734632969 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:23:34.853408098 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:34.853467941 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:23:34.853636980 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:48.140551090 CEST | 49759 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:23:48.140594006 CEST | 443 | 49759 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:24:03.627870083 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.627963066 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:03.628060102 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.630044937 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.630081892 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:03.858216047 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.858241081 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:03.858314037 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.858583927 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:03.858591080 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.260653973 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.261167049 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.261229992 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.261770964 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.262059927 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.262146950 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.262219906 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.262257099 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.262269020 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.492510080 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.492969036 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.492984056 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.493504047 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.493818998 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.493901014 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.494000912 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.494060040 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.494066000 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.561606884 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.564029932 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.564085007 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.564213037 CEST | 49764 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.564225912 CEST | 443 | 49764 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.792844057 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.793417931 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Oct 2, 2024 18:24:04.793483019 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.793814898 CEST | 49765 | 443 | 192.168.2.6 | 216.58.206.78 |
Oct 2, 2024 18:24:04.793828011 CEST | 443 | 49765 | 216.58.206.78 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 18:22:19.930222034 CEST | 52549 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:19.930413008 CEST | 50920 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:19.938134909 CEST | 53 | 50056 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:19.938204050 CEST | 53 | 52549 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:19.938529968 CEST | 53 | 50920 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:19.951302052 CEST | 53 | 60741 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:20.899168015 CEST | 60359 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:20.899564981 CEST | 52905 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:20.906644106 CEST | 53 | 60359 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:20.906783104 CEST | 53 | 52905 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:20.954464912 CEST | 53 | 52001 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:24.223083019 CEST | 53 | 58798 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:24.229392052 CEST | 61696 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:24.230101109 CEST | 50032 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:24.237813950 CEST | 53 | 61696 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:24.237832069 CEST | 53 | 50032 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:26.576288939 CEST | 53 | 57832 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:29.420106888 CEST | 58784 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:29.420209885 CEST | 57506 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:29.426978111 CEST | 53 | 58784 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:29.427607059 CEST | 53 | 57506 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:30.365206957 CEST | 51799 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:30.365365982 CEST | 51581 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:22:30.375026941 CEST | 53 | 51799 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:30.375153065 CEST | 53 | 51581 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:37.987365007 CEST | 53 | 50986 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:22:56.754354000 CEST | 53 | 52409 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:19.479489088 CEST | 53 | 52925 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:19.520138025 CEST | 53 | 52001 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:31.220417976 CEST | 61869 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:23:31.223731041 CEST | 59423 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:23:31.228344917 CEST | 53 | 61869 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:31.230909109 CEST | 53 | 59423 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:31.508780003 CEST | 53 | 65194 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:23:48.150736094 CEST | 53 | 63129 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 18:22:19.930222034 CEST | 192.168.2.6 | 1.1.1.1 | 0x7fb0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:22:19.930413008 CEST | 192.168.2.6 | 1.1.1.1 | 0xc0b5 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:22:20.899168015 CEST | 192.168.2.6 | 1.1.1.1 | 0x7562 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:22:20.899564981 CEST | 192.168.2.6 | 1.1.1.1 | 0x3e2c | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:22:24.229392052 CEST | 192.168.2.6 | 1.1.1.1 | 0xe664 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:22:24.230101109 CEST | 192.168.2.6 | 1.1.1.1 | 0xfb7 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:22:29.420106888 CEST | 192.168.2.6 | 1.1.1.1 | 0xb765 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:22:29.420209885 CEST | 192.168.2.6 | 1.1.1.1 | 0x58a7 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:22:30.365206957 CEST | 192.168.2.6 | 1.1.1.1 | 0xd2f8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:22:30.365365982 CEST | 192.168.2.6 | 1.1.1.1 | 0x40c6 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:23:31.220417976 CEST | 192.168.2.6 | 1.1.1.1 | 0xb59 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:23:31.223731041 CEST | 192.168.2.6 | 1.1.1.1 | 0xea10 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 18:22:19.938204050 CEST | 1.1.1.1 | 192.168.2.6 | 0x7fb0 | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:19.938529968 CEST | 1.1.1.1 | 192.168.2.6 | 0xc0b5 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 172.217.23.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906644106 CEST | 1.1.1.1 | 192.168.2.6 | 0x7562 | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906783104 CEST | 1.1.1.1 | 192.168.2.6 | 0x3e2c | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:20.906783104 CEST | 1.1.1.1 | 192.168.2.6 | 0x3e2c | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:22:24.237813950 CEST | 1.1.1.1 | 192.168.2.6 | 0xe664 | No error (0) | 142.250.184.228 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:24.237832069 CEST | 1.1.1.1 | 192.168.2.6 | 0xfb7 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:22:29.426978111 CEST | 1.1.1.1 | 192.168.2.6 | 0xb765 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:29.426978111 CEST | 1.1.1.1 | 192.168.2.6 | 0xb765 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:29.427607059 CEST | 1.1.1.1 | 192.168.2.6 | 0x58a7 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:22:30.375026941 CEST | 1.1.1.1 | 192.168.2.6 | 0xd2f8 | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:23:31.228344917 CEST | 1.1.1.1 | 192.168.2.6 | 0xb59 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49699 | 142.250.181.238 | 443 | 2784 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 16:22:20 UTC | 839 | OUT | |
2024-10-02 16:22:20 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49705 | 142.250.185.174 | 443 | 2784 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 16:22:21 UTC | 857 | OUT | |
2024-10-02 16:22:21 UTC | 2634 | IN |