Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Uses taskkill to terminate processes
Classification
- System is w10x64
- file.exe (PID: 988 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: A58015BC46C585AE2B5C5F865221C456) - taskkill.exe (PID: 6940 cmdline:
taskkill / F /IM chro me.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD) - conhost.exe (PID: 712 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - chrome.exe (PID: 4416 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://youtu be.com/acc ount?=http s://accoun ts.google. com/v3/sig nin/challe nge/pwd" - -start-ful lscreen -- no-first-r un --disab le-session -crashed-b ubble --di sable-info bars MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 1460 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2448 --fi eld-trial- handle=234 0,i,872095 4307453147 582,628580 4185776578 347,262144 /prefetch :8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 7892 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=54 16 --field -trial-han dle=2340,i ,872095430 7453147582 ,628580418 5776578347 ,262144 /p refetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 7900 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5460 --f ield-trial -handle=23 40,i,87209 5430745314 7582,62858 0418577657 8347,26214 4 /prefetc h:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_005ADBBE | |
Source: | Code function: | 0_2_0057C2A2 | |
Source: | Code function: | 0_2_005B68EE | |
Source: | Code function: | 0_2_005B698F | |
Source: | Code function: | 0_2_005AD076 | |
Source: | Code function: | 0_2_005AD3A9 | |
Source: | Code function: | 0_2_005B9642 | |
Source: | Code function: | 0_2_005B979D | |
Source: | Code function: | 0_2_005B9B2B | |
Source: | Code function: | 0_2_005B5C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_005BCE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_005BEAFF |
Source: | Code function: | 0_2_005BED6A |
Source: | Code function: | 0_2_005BEAFF |
Source: | Code function: | 0_2_005AAA57 |
Source: | Code function: | 0_2_005D9576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_98b2b08d-d | |
Source: | String found in binary or memory: | memstr_fecb9b31-6 | |
Source: | String found in binary or memory: | memstr_e344a7e0-f | |
Source: | String found in binary or memory: | memstr_f1cf0a49-4 |
Source: | Code function: | 0_2_005AD5EB |
Source: | Code function: | 0_2_005A1201 |
Source: | Code function: | 0_2_005AE8F6 |
Source: | Code function: | 0_2_0054CAF0 | |
Source: | Code function: | 0_2_0054BF40 | |
Source: | Code function: | 0_2_005B2046 | |
Source: | Code function: | 0_2_00548060 | |
Source: | Code function: | 0_2_005A8298 | |
Source: | Code function: | 0_2_0057E4FF | |
Source: | Code function: | 0_2_0057676B | |
Source: | Code function: | 0_2_005D4873 | |
Source: | Code function: | 0_2_0056CAA0 | |
Source: | Code function: | 0_2_0055CC39 | |
Source: | Code function: | 0_2_00576DD9 | |
Source: | Code function: | 0_2_0055B119 | |
Source: | Code function: | 0_2_005491C0 | |
Source: | Code function: | 0_2_00561394 | |
Source: | Code function: | 0_2_0056781B | |
Source: | Code function: | 0_2_0055997D | |
Source: | Code function: | 0_2_00547920 | |
Source: | Code function: | 0_2_00567A4A | |
Source: | Code function: | 0_2_00567CA7 | |
Source: | Code function: | 0_2_005CBE44 | |
Source: | Code function: | 0_2_00579EEE |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_005B37B5 |
Source: | Code function: | 0_2_005A10BF | |
Source: | Code function: | 0_2_005A16C3 |
Source: | Code function: | 0_2_005B51CD |
Source: | Code function: | 0_2_005CA67C |
Source: | Code function: | 0_2_005B648E |
Source: | Code function: | 0_2_005442A2 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | WMI Queries: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_005442DE |
Source: | Code function: | 0_2_00560A89 |
Source: | Code function: | 0_2_0055F98E | |
Source: | Code function: | 0_2_005D1C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-96531 |
Source: | API coverage: |
Source: | Last function: |
Source: | Code function: | 0_2_005ADBBE | |
Source: | Code function: | 0_2_0057C2A2 | |
Source: | Code function: | 0_2_005B68EE | |
Source: | Code function: | 0_2_005B698F | |
Source: | Code function: | 0_2_005AD076 | |
Source: | Code function: | 0_2_005AD3A9 | |
Source: | Code function: | 0_2_005B9642 | |
Source: | Code function: | 0_2_005B979D | |
Source: | Code function: | 0_2_005B9B2B | |
Source: | Code function: | 0_2_005B5C97 |
Source: | Code function: | 0_2_005442DE |
Source: | Code function: | 0_2_005BEAA2 |
Source: | Code function: | 0_2_00572622 |
Source: | Code function: | 0_2_005442DE |
Source: | Code function: | 0_2_00564CE8 |
Source: | Code function: | 0_2_005A0B62 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 0_2_00572622 | |
Source: | Code function: | 0_2_0056083F | |
Source: | Code function: | 0_2_005609D5 | |
Source: | Code function: | 0_2_00560C21 |
Source: | Code function: | 0_2_005A1201 |
Source: | Code function: | 0_2_00582BA5 |
Source: | Code function: | 0_2_0055F98E |
Source: | Code function: | 0_2_005C22DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_005A0B62 |
Source: | Code function: | 0_2_005A1663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00560698 |
Source: | Code function: | 0_2_005B8195 |
Source: | Code function: | 0_2_0059D27A |
Source: | Code function: | 0_2_0057B952 |
Source: | Code function: | 0_2_005442DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_005C1204 | |
Source: | Code function: | 0_2_005C1806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 2 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 1 Native API | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 16 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 12 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Virtualization/Sandbox Evasion | Cached Domain Credentials | 1 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
11% | ReversingLabs | |||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 172.217.16.142 | true | false | unknown | |
www3.l.google.com | 142.250.185.174 | true | false | unknown | |
play.google.com | 142.250.181.238 | true | false | unknown | |
www.google.com | 142.250.184.228 | true | false | unknown | |
youtube.com | 142.250.185.206 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.185.206 | youtube.com | United States | 15169 | GOOGLEUS | false | |
142.250.181.238 | play.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.174 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.185.142 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.184.228 | www.google.com | United States | 15169 | GOOGLEUS | false | |
172.217.16.142 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.6 |
192.168.2.23 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524405 |
Start date and time: | 2024-10-02 18:56:01 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal56.evad.winEXE@40/30@12/9 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.131, 216.58.206.78, 64.233.167.84, 34.104.35.123, 142.250.185.99, 142.250.181.234, 142.250.74.202, 172.217.16.138, 142.250.186.170, 142.250.185.234, 142.250.186.74, 142.250.186.138, 142.250.185.202, 216.58.206.74, 142.250.186.42, 142.250.186.106, 142.250.184.234, 172.217.16.202, 172.217.18.10, 216.58.206.42, 142.250.184.202, 142.250.185.195, 142.250.185.106, 142.250.185.138, 142.250.185.170, 172.217.18.106, 142.250.185.74, 192.229.221.95, 2.19.126.137, 142.250.74.195, 74.125.71.84, 199.232.210.172, 142.250.186.174
- Excluded domains from analysis (whitelisted): clients1.google.com, client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Credential Flusher | Browse | ||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
1138de370e523e824bbca92d049a3777 | Get hash | malicious | Credential Flusher | Browse |
| |
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Babadeda | Browse |
| ||
Get hash | malicious | Babadeda | Browse |
| ||
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Credential Flusher | Browse |
| |
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Credential Flusher | Browse |
| |
Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
Get hash | malicious | Snake Keylogger | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3467 |
Entropy (8bit): | 5.514745431912774 |
Encrypted: | false |
SSDEEP: | 96:ozbld2fNUmeqJNizhNtt1W8t//loyIpXmdVE2w:onSKE8PWe/Cy4X3j |
MD5: | 8DEF399E8355ABC23E64505281005099 |
SHA1: | 24FF74C3AEFD7696D84FF148465DF4B1B60B1696 |
SHA-256: | F128D7218E1286B05DF11310AD3C8F4CF781402698E45448850D2A3A22F5F185 |
SHA-512: | 33721DD47658D8E12ADF6BD9E9316EB89F5B6297927F7FD60F954E04B829DCBF0E1AE6DDD9A3401F45E0011AE4B1397B960C218238A3D0F633A2173D8E604082 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5050 |
Entropy (8bit): | 5.289052544075544 |
Encrypted: | false |
SSDEEP: | 96:o4We0hP7OBFXYvB1sig3Fd8HkaXzLmUrv8Vh1WJlLQXT2v2gqw:655758Fd8HkaPZ0GmAD |
MD5: | 26E26FD11772DFF5C7004BEA334289CC |
SHA1: | 638DAAF541BDE31E95AEE4F8ADA677434D7051DB |
SHA-256: | ADFE3E4960982F5EF4C043052A9990D8683C5FC2B590E817B6B1A5774DDE2CE3 |
SHA-512: | C31929EB6D1C60D6A84A2574FF60490394A6D6F9B354972F3328952F570D80B3F2AEC916B0E1B66DDB1AC056EB75BFAC477E7AF631D0AD1810EDBAF025465D66 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 743936 |
Entropy (8bit): | 5.791086737110097 |
Encrypted: | false |
SSDEEP: | 6144:HVXWBQkPdzg5pTX1ROv/duPzd8C3s891/N:gfd8j91/N |
MD5: | F9F15F21696A09965757714D00305D14 |
SHA1: | C7292420A092BF5C277A68B6E42971190AD63C82 |
SHA-256: | EE66751937B1179DF56A5A789EB36D98B6A53116EABFEC2B35F93894EF71966E |
SHA-512: | 751EB98B9E8ED75FC72569C6887C348847E0A1D7889A7C4254D96AA54D30C3A57CE1F2F42797A55996EBD6AAB58026EC623BCD9AEEB2672857B2081141021B78 |
Malicious: | false |
Reputation: | low |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlFJRy1OqtUmLpt_G_DWG-oJaagYwQ/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.404371326611379 |
Encrypted: | false |
SSDEEP: | 192:EEFZpeip4HzZlY0If0Ma23jcUcrhCx6VD1TYPi8:Es/p4jgjUhtD1TY68 |
MD5: | 21E893B65627B397E22619A9F5BB9662 |
SHA1: | F561B0F66211C1E7B22F94B4935C312AB7087E85 |
SHA-256: | FFA9B8BC8EF2CDFF5EB4BA1A0BA1710A253A5B42535E2A369D5026967DCF4673 |
SHA-512: | 3DE3CD6A4E9B06AB3EB324E90A40B5F2AEEA8D7D6A2651C310E993CF79EEB5AC6E2E33C587F46B2DD20CC862354FD1A61AEBB9B990E6805F6629404BA285F8FA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.257113147606035 |
Encrypted: | false |
SSDEEP: | 48:o72ZrNZ4yNAbU+15fMxIdf5WENoBCbw7DbG2bEJrw:oyNNAY+1i4HoBNG2Ilw |
MD5: | F06E2DC5CC446B39F878B5F8E4D78418 |
SHA1: | 9F1F34FDD8F8DAB942A9B95D9F720587B6F6AD48 |
SHA-256: | 118E4D2FE7CEF205F9AFC87636554C6D8220882B158333EE3D1990282D158B8F |
SHA-512: | 893C4F883CD1C88C6AAF5A6E7F232D62823A53E1FFDE5C1C52BB066D75781DD041F4D281CDBF18070D921CE862652D8863E2B9D5E0190CFA4128890D62C44168 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22833 |
Entropy (8bit): | 5.425034548615223 |
Encrypted: | false |
SSDEEP: | 384:7lFo6ZEdpgtmyiPixV9OX9gMBpHkHnfst9lZulagGcwYHiRFjJzN7:77o6ZviPixV8xpEHn89l4IgGcwYCRtb7 |
MD5: | 749B18538FE32BFE0815D75F899F5B21 |
SHA1: | AF95A019211AF69F752A43CAA54A83C2AFD41D28 |
SHA-256: | 116B2687C1D5E00DB56A79894AB0C12D4E2E000B9379B7E7AD751B84DF611F3F |
SHA-512: | E4B6F4556AA0FD9979BB52681508F5E26FFB256473803F74F7F5C8D93FA3636D7D0A5835618FBC6123022805CE0D9616A7451A0F302C665E28A6090B5D588505 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 698314 |
Entropy (8bit): | 5.595120835898624 |
Encrypted: | false |
SSDEEP: | 6144:TJvaKtQfcxene0F2HhPM8RGYcBlKmd5r6XISxi7SlncOpYMSrBg5X3O4mAEFD7:TJyKtkIct842ISxXJ09 |
MD5: | F82438F9EAD5F57493C673008EED9E09 |
SHA1: | E4681E68FD66D8C76C6ACBC21E2C45F36FD645BC |
SHA-256: | B4B092F54EAAA82BFAA159B8D61FB867B51C3067CBD60F4904A205A11F503250 |
SHA-512: | 89027A7B1B3A080D40411F2E6E3B62BF57AC60879223566E71BD41D900C17051F0A058EFE04F8F1FED5E05DC54617D7A86F83D21BDED0F79347795C8B980B4B2 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.291808298251231 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DuZvuhqCsNRxoYTY9/qoVk7hz1l2p6vDMW94uEQOeGbCx4VGbgCSFBV87OU:o7DuZWhv6oy12kvwKEeGbC6GbHSh/Hrw |
MD5: | 4CA7ADFE744A690411EA4D3EA8DB9E4B |
SHA1: | 2CF1777A199E25378D330DA68BED1871B5C5BC32 |
SHA-256: | 128129BA736B3094323499B0498A5B3A909C1529717461C34B70080A5B1603BD |
SHA-512: | 8BD3477AF41D1F0FE74AFFCB177BEC0F5F4FDCBBA6BD29D9C2567E6FFDEF5DEB7FF74BF348F33209C39D7BB4958E748DF6731D3DC8F6947352276BC92EAF9E79 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32500 |
Entropy (8bit): | 5.378903546681047 |
Encrypted: | false |
SSDEEP: | 768:zYlbuROstb0e39nKGrkysU0smpu4OLOdzIf1p/5GeSsngurz6aKEEEGo/:zYl61Cysbu4OLOdzIfrIen72ZFo/ |
MD5: | BF4BF9728A7C302FBA5B14F3D0F1878B |
SHA1: | 2607CA7A93710D629400077FF3602CB207E6F53D |
SHA-256: | 8981E7B228DF7D6A8797C0CD1E9B0F1F88337D5F0E1C27A04E7A57D2C4309798 |
SHA-512: | AC9E170FC3AFDC0CF6BB8E926B93EF129A5FAD1BBA51B60BABCF3555E9B652E98F86A00FB099879DED35DD3FFE72ECFA597E20E6CA8CF402BEDEC40F78412EDA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4066 |
Entropy (8bit): | 5.363016925556486 |
Encrypted: | false |
SSDEEP: | 96:G2CiFZX5BReR68ujioIRVrqtyzBeTV6SfyAKLif9c7w:bCMZXVeR6jiosVrqtyzBaImyAKw9x |
MD5: | FC5E597D923838E10390DADD12651A81 |
SHA1: | C9959F8D539DB5DF07B8246EC12539B6A9CC101F |
SHA-256: | A7EBD5280C50AE93C061EAE1E9727329E015E97531F8F2D82D0E3EA76ADB37B4 |
SHA-512: | 784CA572808F184A849388723FBB3701E6981D885BBA8A330A933F90BF0B36A2E4A491D4463A27911B1D9F7A7134F23E15F187FC7CB4554EAE9BC252513EED7C |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.298162049824456 |
Encrypted: | false |
SSDEEP: | 48:o7vGoolL3ALFKphnpiu7xOKAcfO/3d/rYh4vZorw:o/QLUFUL4KA+2y0Mw |
MD5: | CE055F881BDAB4EF6C1C8AA4B3890348 |
SHA1: | 2671741A70E9F5B608F690AAEEA4972003747654 |
SHA-256: | 9B91C23691D6032CDFE28863E369624B2EDB033E1487A1D1BB0977E3590E5462 |
SHA-512: | 8A22250628985C2E570E6FBADFC0D5CB6753F0735130F9E74962A409476C2859C5C81F8A0F5C427A9F13ED399C8E251FA43FF67AD5F16860640D45E7A538E857 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.355381206612617 |
Encrypted: | false |
SSDEEP: | 48:o7FEEM3MtH15jNQ8jsK3rnw0dkckTrKEp/OqLE9xz0W5Bzv3M6hIHYA+JITbwrF8:oq675jOArwoAmI/DLaxNPL5m+m6w |
MD5: | E2A7251AD83A0D0634FEA2703D10ED07 |
SHA1: | 90D72011F31FC40D3DA3748F2817F90A29EB5C01 |
SHA-256: | 1079B49C4AAF5C10E4F2E6A086623F40D200A71FF2A1F64E88AA6C91E4BE7A6F |
SHA-512: | CD6D75580EA8BD97CF7C7C0E0BD9D9A54FB6EA7DF1DDB5A95E94D38B260F9EE1425C640839ECD229B8D01E145CF2786CA374D31EC537EB8FE17FF415D5B985F5 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBimEQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFwPDENALwio0taw23fxitsQJhhiA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
File type: | |
Entropy (8bit): | 6.58221928263921 |
TrID: |
|
File name: | file.exe |
File size: | 918'528 bytes |
MD5: | a58015bc46c585ae2b5c5f865221c456 |
SHA1: | bce6af797b2e61a75381ea1a2d329281a0dd0dac |
SHA256: | ef56b64524f304085da2403cb4a67c8fe19c9d0389b3ae749f3fce8d8efb69ad |
SHA512: | 2f6b1376d5de5c9133bb8e3289a4c07bd2b056b2dd0fa471aa4422c16d9d1fa8062a8e304654b8d6581406b6ef1e1e690d00bb526cf57424fd4a68ec16294ade |
SSDEEP: | 12288:hqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDganTf:hqDEvCTbMWu7rQYlBQcBiT6rprG8aTf |
TLSH: | 51159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FD7188 [Wed Oct 2 16:15:04 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007FD70CD0B9C3h |
jmp 00007FD70CD0B2CFh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FD70CD0B4ADh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FD70CD0B47Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007FD70CD0E06Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007FD70CD0E0B8h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007FD70CD0E0A1h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x9900 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x9900 | 0x9a00 | e2e5d7e76ec32fd73e2c899ef184883c | False | 0.3019987824675325 | data | 5.276832040543936 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0xbc6 | data | 1.0036496350364963 | ||
RT_GROUP_ICON | 0xdd380 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd3f8 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd40c | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd420 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd434 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd510 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 18:56:50.138813972 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:56:50.138813972 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:56:50.451287985 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:56:56.652728081 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:56.652779102 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:56.652888060 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:56.653559923 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:56.653578043 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:56.987377882 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:56.987421036 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:56.987472057 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:56.988241911 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:56.988255978 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.447242022 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.447315931 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.453346968 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.453360081 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.453682899 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.456466913 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.456526041 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.456533909 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.456665039 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.499407053 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.626754045 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.627005100 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.627058029 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.627258062 CEST | 49710 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:56:57.627274990 CEST | 443 | 49710 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:56:57.631192923 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.631464005 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.631472111 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.632078886 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.632147074 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.632781029 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.632834911 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.633780003 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.633848906 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.634026051 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.634035110 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.685504913 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.939680099 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.939915895 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.939969063 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.941299915 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.206 |
Oct 2, 2024 18:56:57.941322088 CEST | 443 | 49714 | 142.250.185.206 | 192.168.2.6 |
Oct 2, 2024 18:56:57.952260971 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:57.952301025 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:57.952363968 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:57.952625036 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:57.952636003 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.582395077 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.582895041 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.582967997 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.583744049 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.583841085 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.584462881 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.584525108 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.586447954 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.586518049 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.586838961 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.586847067 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.637231112 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.893043041 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.893059015 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.893151045 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.893183947 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.893395901 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.893549919 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.896025896 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.896045923 CEST | 443 | 49717 | 172.217.16.142 | 192.168.2.6 |
Oct 2, 2024 18:56:58.896058083 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:58.896301985 CEST | 49717 | 443 | 192.168.2.6 | 172.217.16.142 |
Oct 2, 2024 18:56:59.746613979 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:56:59.746613979 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:00.059099913 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:01.455008030 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:01.455064058 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:01.455152035 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:01.455400944 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:01.455415010 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:01.759751081 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:01.759896040 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:02.028163910 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.028189898 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.028318882 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.030396938 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.030416012 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.097619057 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:02.097893000 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:02.097904921 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:02.098969936 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:02.099045038 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:02.100559950 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:02.100626945 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:02.153819084 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:02.153832912 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:02.203396082 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:02.672251940 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.672344923 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.675796032 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.675806046 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.676064968 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.715548992 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.719625950 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.767401934 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.944381952 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.944550037 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.944613934 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.946109056 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.946126938 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.946147919 CEST | 49725 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.946155071 CEST | 443 | 49725 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.990947008 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.990984917 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:02.991064072 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.991491079 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:02.991504908 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:03.624835968 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:03.624938965 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:03.907696009 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:03.907716990 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:03.907998085 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:03.909547091 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:03.955399036 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:04.099435091 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:04.099505901 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:04.099674940 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:04.109028101 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:04.109081030 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:04.109111071 CEST | 49728 | 443 | 192.168.2.6 | 184.28.90.27 |
Oct 2, 2024 18:57:04.109128952 CEST | 443 | 49728 | 184.28.90.27 | 192.168.2.6 |
Oct 2, 2024 18:57:04.927989006 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:04.928009033 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:04.928281069 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:04.928945065 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:04.928952932 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.722731113 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.722798109 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.725430965 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.725436926 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.725655079 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.727484941 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.727586985 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.727591038 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.727732897 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.771408081 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.902900934 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.903549910 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:05.906171083 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.906622887 CEST | 49734 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:05.906640053 CEST | 443 | 49734 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:06.416629076 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:06.416660070 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:06.416850090 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:06.417280912 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:06.417293072 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.163666964 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.163957119 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.163981915 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.164374113 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.164442062 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.165087938 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.165148020 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.166369915 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.166429996 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.166729927 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.166737080 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.214845896 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.487000942 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.487046957 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.487107992 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.487127066 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.487165928 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.487165928 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.487175941 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.487220049 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.493171930 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.493226051 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.499146938 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.499203920 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.499273062 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.499317884 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.505582094 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.505665064 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.526556015 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.526590109 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.526654959 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.526663065 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.526710033 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.535017014 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.535053968 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:07.535114050 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.535664082 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.535672903 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:07.577445030 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.577485085 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.577502012 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.577521086 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.577538967 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.577553034 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.582525015 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.582559109 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.582601070 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.582612038 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.582663059 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.588896990 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.588985920 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.595263958 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.595326900 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.595357895 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.601648092 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.601728916 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.601737976 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.605220079 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.605258942 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:07.605341911 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.605693102 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:07.605712891 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:07.608697891 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.608769894 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.608777046 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.608810902 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:07.608875990 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.608899117 CEST | 49743 | 443 | 192.168.2.6 | 142.250.185.174 |
Oct 2, 2024 18:57:07.608911037 CEST | 443 | 49743 | 142.250.185.174 | 192.168.2.6 |
Oct 2, 2024 18:57:08.354252100 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.354403019 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.354422092 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.354617119 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.354759932 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.354810953 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.354940891 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.354949951 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.355297089 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.355350018 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.355458021 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.355513096 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.356004000 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.356123924 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.358952045 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.359016895 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.359172106 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.359328985 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.359637022 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.359644890 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.359841108 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.359853029 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.403552055 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.403565884 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.659970045 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.660413980 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.660470963 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.660939932 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.660957098 CEST | 443 | 49746 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.660967112 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.661056042 CEST | 49746 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.661379099 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.661640882 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.661765099 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.662167072 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.662201881 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.662261963 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.662929058 CEST | 49748 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.662938118 CEST | 443 | 49748 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.663657904 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.663672924 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.664499044 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.664542913 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:08.664634943 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.665287971 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:08.665302992 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.326435089 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.326867104 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.326878071 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.327399969 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.327460051 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.328392982 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.328448057 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.328603983 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.328684092 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.328780890 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.328788042 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.328804970 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.335983038 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.336193085 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.336241007 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.336565018 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.336633921 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.337157965 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.337225914 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.337356091 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.337419033 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.337600946 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.337625027 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.337671041 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.371762037 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.371769905 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.383402109 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.387350082 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.545598984 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.545741081 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.545787096 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.555411100 CEST | 49751 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.555438995 CEST | 443 | 49751 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.559053898 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.560266972 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.560328007 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.568738937 CEST | 49752 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:09.568753958 CEST | 443 | 49752 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:09.949330091 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:09.995405912 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.216490984 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.216535091 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.216573000 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.216612101 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:10.216646910 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.216664076 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:10.217137098 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.220376015 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:10.226744890 CEST | 49722 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:57:10.226767063 CEST | 443 | 49722 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:57:10.330883980 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:10.330936909 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:10.331293106 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:10.332561970 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:10.332577944 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:11.295411110 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:11.295507908 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:11.403446913 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:11.403465986 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:11.403927088 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:11.456110001 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:11.569665909 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:11.611423969 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:11.741457939 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:11.741564989 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:11.742243052 CEST | 49761 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:11.742284060 CEST | 443 | 49761 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:11.742337942 CEST | 49761 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:11.742687941 CEST | 49761 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:11.742703915 CEST | 443 | 49761 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:11.746321917 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:11.746382952 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230725050 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230752945 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230763912 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230772972 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230789900 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230798960 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230848074 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.230873108 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230887890 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230921030 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.230927944 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230957031 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.230983019 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.230995893 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.231050014 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.246300936 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.246318102 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.246351957 CEST | 49756 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:12.246366024 CEST | 443 | 49756 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:12.351068974 CEST | 443 | 49761 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:12.351142883 CEST | 49761 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:15.534228086 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:15.534334898 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:15.534425020 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:15.535276890 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:15.535305977 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.288090944 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.288347960 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.288367987 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.288746119 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.289066076 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.289115906 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.289401054 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.289427042 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.289433002 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.620279074 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.623493910 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:16.623550892 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.624696970 CEST | 49764 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:16.624730110 CEST | 443 | 49764 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:18.243266106 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:18.243318081 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:18.243405104 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:18.244124889 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:18.244141102 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.067307949 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.067446947 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.073662043 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.073689938 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.073976040 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.076076984 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.076138973 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.076143980 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.076293945 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.119410038 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.258233070 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.258768082 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:19.259346008 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.259951115 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.259951115 CEST | 49765 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:19.259970903 CEST | 443 | 49765 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:31.500835896 CEST | 443 | 49761 | 173.222.162.64 | 192.168.2.6 |
Oct 2, 2024 18:57:31.500947952 CEST | 49761 | 443 | 192.168.2.6 | 173.222.162.64 |
Oct 2, 2024 18:57:37.791477919 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:37.791522026 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:37.791588068 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:37.792625904 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:37.792640924 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.281366110 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.281420946 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.281519890 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.281964064 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.281979084 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.511145115 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.511538982 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.511564016 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.511905909 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.512288094 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.512346029 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.512567997 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.512592077 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.512600899 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.734039068 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.734078884 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.734181881 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.734730005 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.734745026 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.740394115 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.740852118 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.741022110 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.741153002 CEST | 49766 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.741167068 CEST | 443 | 49766 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.940398932 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.940893888 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.940969944 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.941355944 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.941781044 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.941854000 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:38.941970110 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.942022085 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:38.942035913 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:39.867053032 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:39.867158890 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:39.867304087 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:39.867909908 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:39.867928982 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:40.238071918 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.238204956 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.238282919 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.241113901 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.273123026 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.273140907 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.273175955 CEST | 49767 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.273205042 CEST | 443 | 49767 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.273646116 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.274693012 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.274776936 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.275805950 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.275829077 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.275851011 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.497893095 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.498020887 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:40.498078108 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.498536110 CEST | 49768 | 443 | 192.168.2.6 | 142.250.181.238 |
Oct 2, 2024 18:57:40.498555899 CEST | 443 | 49768 | 142.250.181.238 | 192.168.2.6 |
Oct 2, 2024 18:57:41.131613016 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.131778002 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.133589983 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.133626938 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.133892059 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.135761023 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.135834932 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.135848999 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.135962963 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.183398008 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.306586027 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.306659937 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:41.306922913 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.307101011 CEST | 49769 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:57:41.307121992 CEST | 443 | 49769 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:57:48.784313917 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:48.784420967 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:48.784533978 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:48.784881115 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:48.784917116 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.556164026 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.556315899 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.558588028 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.558619022 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.558881998 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.572979927 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.615437984 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879556894 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879652023 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879695892 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879729986 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.879764080 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879779100 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.879812002 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.879924059 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.879997015 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.880023956 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.880057096 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.880114079 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.880176067 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.880232096 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.900451899 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.900494099 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:57:49.900510073 CEST | 49770 | 443 | 192.168.2.6 | 4.245.163.56 |
Oct 2, 2024 18:57:49.900516987 CEST | 443 | 49770 | 4.245.163.56 | 192.168.2.6 |
Oct 2, 2024 18:58:01.498621941 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:01.498723984 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:01.498858929 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:01.499716043 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:01.499759912 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:02.130968094 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:02.152050018 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:02.152118921 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:02.153024912 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:02.153342009 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:02.153443098 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:02.200143099 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:02.336643934 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:02.336687088 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:02.336779118 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:02.337635040 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:02.337651968 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:03.919589996 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:03.920332909 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:03.922488928 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:03.922497988 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:03.923253059 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:03.925405979 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:03.925405979 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:03.925422907 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:03.925785065 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:03.971405983 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:04.097992897 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:04.098200083 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:04.098278999 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:04.098483086 CEST | 49773 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:04.098515987 CEST | 443 | 49773 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:08.071369886 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.071500063 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.071744919 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.071997881 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.072036028 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.725538015 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.725982904 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.726053953 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.726952076 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.727332115 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.727446079 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:08.727531910 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.727570057 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:08.727586985 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.018927097 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.018990040 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.019094944 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.019524097 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.019563913 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.041820049 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.042155981 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.042382956 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.042639017 CEST | 49774 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.042687893 CEST | 443 | 49774 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.754406929 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.805619955 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.805659056 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.806288958 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.806683064 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.806770086 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:09.806955099 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.806991100 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:09.806998014 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:10.059367895 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:10.059541941 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:10.059611082 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:10.069549084 CEST | 49776 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:10.069570065 CEST | 443 | 49776 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:12.038762093 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:12.038824081 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:12.039011002 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:25.515801907 CEST | 49772 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:58:25.515897989 CEST | 443 | 49772 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:58:28.322177887 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:28.322232962 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:28.322438002 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:28.323061943 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:28.323071957 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.333923101 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.334054947 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.340117931 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.340132952 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.340368986 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.343128920 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.343221903 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.343226910 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.343439102 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.387409925 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.529499054 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.530551910 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.530659914 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.531018972 CEST | 49779 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:58:29.531063080 CEST | 443 | 49779 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:58:29.959249020 CEST | 49704 | 80 | 192.168.2.6 | 88.221.110.106 |
Oct 2, 2024 18:58:29.965492010 CEST | 80 | 49704 | 88.221.110.106 | 192.168.2.6 |
Oct 2, 2024 18:58:29.965600967 CEST | 49704 | 80 | 192.168.2.6 | 88.221.110.106 |
Oct 2, 2024 18:58:38.674257994 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:38.674326897 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:38.674432039 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:38.674823999 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:38.674845934 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.322586060 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.323056936 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.323095083 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.324445009 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.324917078 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.325103998 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.325489044 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.325531960 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.325550079 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.623226881 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.626118898 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:39.626317978 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.626395941 CEST | 49780 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:39.626414061 CEST | 443 | 49780 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.346777916 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.346884012 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.347026110 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.347603083 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.347642899 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.987864017 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.988387108 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.988449097 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.988801956 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.989228010 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.989310026 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:41.989473104 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.989473104 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:41.989521027 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:42.290519953 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:42.290662050 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:58:42.290879965 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:42.291182995 CEST | 49781 | 443 | 192.168.2.6 | 142.250.185.142 |
Oct 2, 2024 18:58:42.291229010 CEST | 443 | 49781 | 142.250.185.142 | 192.168.2.6 |
Oct 2, 2024 18:59:01.561369896 CEST | 49782 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:59:01.561418056 CEST | 443 | 49782 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:59:01.561508894 CEST | 49782 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:59:01.561788082 CEST | 49782 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:59:01.561801910 CEST | 443 | 49782 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:59:02.209718943 CEST | 443 | 49782 | 142.250.184.228 | 192.168.2.6 |
Oct 2, 2024 18:59:02.265271902 CEST | 49782 | 443 | 192.168.2.6 | 142.250.184.228 |
Oct 2, 2024 18:59:02.401113987 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:02.401170015 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:02.401426077 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:02.402050018 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:02.402071953 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.179567099 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.179647923 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.181598902 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.181612015 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.181840897 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.183914900 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.183979034 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.183984995 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.184101105 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.227404118 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.356070042 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.356154919 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Oct 2, 2024 18:59:03.356239080 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.356512070 CEST | 49783 | 443 | 192.168.2.6 | 40.115.3.253 |
Oct 2, 2024 18:59:03.356534004 CEST | 443 | 49783 | 40.115.3.253 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 18:56:56.954125881 CEST | 56870 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:56:56.954298973 CEST | 50884 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:56:56.960988998 CEST | 53 | 56870 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:56.962789059 CEST | 53 | 50884 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:56.964744091 CEST | 53 | 59991 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:56.969954014 CEST | 53 | 60297 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:57.944406986 CEST | 49491 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:56:57.944679022 CEST | 58404 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:56:57.951459885 CEST | 53 | 58404 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:57.951658010 CEST | 53 | 49491 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:56:57.976387024 CEST | 53 | 58556 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:01.446821928 CEST | 62679 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:01.447114944 CEST | 49911 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:01.453968048 CEST | 53 | 49911 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:01.454169989 CEST | 53 | 62679 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:01.964812994 CEST | 53 | 61768 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:03.879333019 CEST | 53 | 58559 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:06.407569885 CEST | 51690 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:06.407849073 CEST | 61201 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:06.414679050 CEST | 53 | 51690 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:06.416052103 CEST | 53 | 61201 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:07.526140928 CEST | 57230 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:07.526140928 CEST | 59155 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:57:07.532824039 CEST | 53 | 59155 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:07.532937050 CEST | 53 | 57230 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:14.912221909 CEST | 53 | 60753 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:33.668469906 CEST | 53 | 61686 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:56.334428072 CEST | 53 | 50276 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:57:56.884026051 CEST | 53 | 63369 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:58:08.063215971 CEST | 54376 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:58:08.063215971 CEST | 51947 | 53 | 192.168.2.6 | 1.1.1.1 |
Oct 2, 2024 18:58:08.070660114 CEST | 53 | 54376 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:58:08.070683956 CEST | 53 | 51947 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:58:08.542292118 CEST | 53 | 55924 | 1.1.1.1 | 192.168.2.6 |
Oct 2, 2024 18:58:25.525451899 CEST | 53 | 55146 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 18:56:56.954125881 CEST | 192.168.2.6 | 1.1.1.1 | 0xdac4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:56:56.954298973 CEST | 192.168.2.6 | 1.1.1.1 | 0xf1d7 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:56:57.944406986 CEST | 192.168.2.6 | 1.1.1.1 | 0x98cb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:56:57.944679022 CEST | 192.168.2.6 | 1.1.1.1 | 0xb1ab | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:57:01.446821928 CEST | 192.168.2.6 | 1.1.1.1 | 0x1e5e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:57:01.447114944 CEST | 192.168.2.6 | 1.1.1.1 | 0xcdc8 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:57:06.407569885 CEST | 192.168.2.6 | 1.1.1.1 | 0x295b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:57:06.407849073 CEST | 192.168.2.6 | 1.1.1.1 | 0xcfa4 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:57:07.526140928 CEST | 192.168.2.6 | 1.1.1.1 | 0x4d4f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:57:07.526140928 CEST | 192.168.2.6 | 1.1.1.1 | 0x1aa3 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 18:58:08.063215971 CEST | 192.168.2.6 | 1.1.1.1 | 0x3787 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 18:58:08.063215971 CEST | 192.168.2.6 | 1.1.1.1 | 0xd914 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 18:56:56.960988998 CEST | 1.1.1.1 | 192.168.2.6 | 0xdac4 | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:56.962789059 CEST | 1.1.1.1 | 192.168.2.6 | 0xf1d7 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:56:57.951459885 CEST | 1.1.1.1 | 192.168.2.6 | 0xb1ab | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951459885 CEST | 1.1.1.1 | 192.168.2.6 | 0xb1ab | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 172.217.16.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.74.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 216.58.212.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:56:57.951658010 CEST | 1.1.1.1 | 192.168.2.6 | 0x98cb | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:57:01.453968048 CEST | 1.1.1.1 | 192.168.2.6 | 0xcdc8 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 18:57:01.454169989 CEST | 1.1.1.1 | 192.168.2.6 | 0x1e5e | No error (0) | 142.250.184.228 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:57:06.414679050 CEST | 1.1.1.1 | 192.168.2.6 | 0x295b | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:57:06.414679050 CEST | 1.1.1.1 | 192.168.2.6 | 0x295b | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:57:06.416052103 CEST | 1.1.1.1 | 192.168.2.6 | 0xcfa4 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 18:57:07.532937050 CEST | 1.1.1.1 | 192.168.2.6 | 0x4d4f | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 18:58:08.070660114 CEST | 1.1.1.1 | 192.168.2.6 | 0x3787 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.6 | 49710 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 16:56:57 UTC | 71 | OUT | |
2024-10-02 16:56:57 UTC | 249 | OUT | |
2024-10-02 16:56:57 UTC | 1084 | OUT | |
2024-10-02 16:56:57 UTC | 218 | OUT | |
2024-10-02 16:56:57 UTC | 14 | IN | |
2024-10-02 16:56:57 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49714 | 142.250.185.206 | 443 | 1460 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 16:56:57 UTC | 839 | OUT | |
2024-10-02 16:56:57 UTC | 1726 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.6 | 49717 | 172.217.16.142 | 443 | 1460 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 16:56:58 UTC | 857 | OUT | |
2024-10-02 16:56:58 UTC | 2634 | IN |