Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Credential Flusher
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Yara detected Credential Flusher
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Classification
- System is w10x64
- file.exe (PID: 6644 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: DCC55F9D576B4F7C3E10CE148A6B5573) - taskkill.exe (PID: 6564 cmdline:
taskkill / F /IM chro me.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD) - conhost.exe (PID: 6688 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - chrome.exe (PID: 3548 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://youtu be.com/acc ount?=http s://accoun ts.google. com/v3/sig nin/challe nge/pwd" - -start-ful lscreen -- no-first-r un --disab le-session -crashed-b ubble --di sable-info bars MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 6964 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2272 --fi eld-trial- handle=222 0,i,968078 9941441355 712,141991 8958670403 505,262144 /prefetch :8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 8000 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=53 40 --field -trial-han dle=2220,i ,968078994 1441355712 ,141991895 8670403505 ,262144 /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 8008 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5412 --f ield-trial -handle=22 20,i,96807 8994144135 5712,14199 1895867040 3505,26214 4 /prefetc h:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security |
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00ECDBBE | |
Source: | Code function: | 0_2_00ED68EE | |
Source: | Code function: | 0_2_00ED698F | |
Source: | Code function: | 0_2_00ECD076 | |
Source: | Code function: | 0_2_00ECD3A9 | |
Source: | Code function: | 0_2_00ED9642 | |
Source: | Code function: | 0_2_00ED979D | |
Source: | Code function: | 0_2_00ED9B2B | |
Source: | Code function: | 0_2_00ED5C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00EDCE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00EDEAFF |
Source: | Code function: | 0_2_00EDED6A |
Source: | Code function: | 0_2_00EDEAFF |
Source: | Code function: | 0_2_00ECAA57 |
Source: | Code function: | 0_2_00EF9576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_d1287816-e | |
Source: | String found in binary or memory: | memstr_89955c38-7 | |
Source: | String found in binary or memory: | memstr_213ae10b-a | |
Source: | String found in binary or memory: | memstr_642cebb3-4 |
Source: | Code function: | 0_2_00ECD5EB |
Source: | Code function: | 0_2_00EC1201 |
Source: | Code function: | 0_2_00ECE8F6 |
Source: | Code function: | 0_2_00E6CAF0 | |
Source: | Code function: | 0_2_00E68060 | |
Source: | Code function: | 0_2_00ED2046 | |
Source: | Code function: | 0_2_00EC8298 | |
Source: | Code function: | 0_2_00E9E4FF | |
Source: | Code function: | 0_2_00E9676B | |
Source: | Code function: | 0_2_00EF4873 | |
Source: | Code function: | 0_2_00E8CAA0 | |
Source: | Code function: | 0_2_00E7CC39 | |
Source: | Code function: | 0_2_00E96DD9 | |
Source: | Code function: | 0_2_00E7D063 | |
Source: | Code function: | 0_2_00E691C0 | |
Source: | Code function: | 0_2_00E7B119 | |
Source: | Code function: | 0_2_00E81394 | |
Source: | Code function: | 0_2_00E81706 | |
Source: | Code function: | 0_2_00E8781B | |
Source: | Code function: | 0_2_00E819B0 | |
Source: | Code function: | 0_2_00E7997D | |
Source: | Code function: | 0_2_00E67920 | |
Source: | Code function: | 0_2_00E87A4A | |
Source: | Code function: | 0_2_00E87CA7 | |
Source: | Code function: | 0_2_00E81C77 | |
Source: | Code function: | 0_2_00E99EEE | |
Source: | Code function: | 0_2_00EEBE44 | |
Source: | Code function: | 0_2_00E81F32 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_00ED37B5 |
Source: | Code function: | 0_2_00EC10BF | |
Source: | Code function: | 0_2_00EC16C3 |
Source: | Code function: | 0_2_00ED51CD |
Source: | Code function: | 0_2_00EEA67C |
Source: | Code function: | 0_2_00ED648E |
Source: | Code function: | 0_2_00E642A2 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | WMI Queries: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_00E642DE |
Source: | Code function: | 0_2_00E80A89 |
Source: | Code function: | 0_2_00E7F98E | |
Source: | Code function: | 0_2_00EF1C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-96263 |
Source: | API coverage: |
Source: | Last function: |
Source: | Code function: | 0_2_00ECDBBE | |
Source: | Code function: | 0_2_00ED68EE | |
Source: | Code function: | 0_2_00ED698F | |
Source: | Code function: | 0_2_00ECD076 | |
Source: | Code function: | 0_2_00ECD3A9 | |
Source: | Code function: | 0_2_00ED9642 | |
Source: | Code function: | 0_2_00ED979D | |
Source: | Code function: | 0_2_00ED9B2B | |
Source: | Code function: | 0_2_00ED5C97 |
Source: | Code function: | 0_2_00E642DE |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-95820 |
Source: | Code function: | 0_2_00EDEAA2 |
Source: | Code function: | 0_2_00E92622 |
Source: | Code function: | 0_2_00E642DE |
Source: | Code function: | 0_2_00E84CE8 |
Source: | Code function: | 0_2_00EC0B62 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 0_2_00E92622 | |
Source: | Code function: | 0_2_00E8083F | |
Source: | Code function: | 0_2_00E809D5 | |
Source: | Code function: | 0_2_00E80C21 |
Source: | Code function: | 0_2_00EC1201 |
Source: | Code function: | 0_2_00EA2BA5 |
Source: | Code function: | 0_2_00E7F98E |
Source: | Code function: | 0_2_00EE22DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_00EC0B62 |
Source: | Code function: | 0_2_00EC1663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00E80698 |
Source: | Code function: | 0_2_00ED8195 |
Source: | Code function: | 0_2_00EBD27A |
Source: | Code function: | 0_2_00E9BB6F |
Source: | Code function: | 0_2_00E642DE |
Stealing of Sensitive Information |
---|
Source: | File source: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Remote Access Functionality |
---|
Source: | File source: |
Source: | Code function: | 0_2_00EE1204 | |
Source: | Code function: | 0_2_00EE1806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 2 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 1 Native API | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 16 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 22 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 2 Virtualization/Sandbox Evasion | Cached Domain Credentials | 2 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
8% | ReversingLabs | |||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.181.238 | true | false | unknown | |
www3.l.google.com | 216.58.206.78 | true | false | unknown | |
play.google.com | 216.58.212.142 | true | false | unknown | |
www.google.com | 142.250.184.196 | true | false | unknown | |
youtube.com | 142.250.185.142 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.184.196 | www.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.212.142 | play.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.206.78 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.181.238 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.142 | youtube.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524418 |
Start date and time: | 2024-10-02 19:06:57 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 12 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal68.troj.evad.winEXE@34/30@12/7 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 172.217.16.206, 108.177.15.84, 34.104.35.123, 142.250.186.99, 142.250.181.227, 142.250.185.170, 142.250.186.74, 172.217.16.138, 142.250.185.106, 172.217.18.10, 216.58.206.74, 142.250.186.138, 142.250.186.106, 142.250.186.42, 172.217.16.202, 142.250.185.74, 216.58.212.170, 142.250.185.138, 216.58.206.42, 142.250.186.170, 142.250.74.202, 142.250.184.234, 172.217.23.106, 142.250.181.234, 142.250.185.234, 142.250.185.202, 216.58.212.138, 172.217.18.106, 142.250.184.202, 93.184.221.240, 192.229.221.95, 172.217.18.3, 142.250.110.84, 172.217.18.14
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
Time | Type | Description |
---|---|---|
18:07:45 | Task Scheduler |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Credential Flusher | Browse | ||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Credential Flusher | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Credential Flusher | Browse |
| |
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.298162049824456 |
Encrypted: | false |
SSDEEP: | 48:o7vGoolL3ALFKphnpiu7xOKAcfO/3d/rYh4vZorw:o/QLUFUL4KA+2y0Mw |
MD5: | CE055F881BDAB4EF6C1C8AA4B3890348 |
SHA1: | 2671741A70E9F5B608F690AAEEA4972003747654 |
SHA-256: | 9B91C23691D6032CDFE28863E369624B2EDB033E1487A1D1BB0977E3590E5462 |
SHA-512: | 8A22250628985C2E570E6FBADFC0D5CB6753F0735130F9E74962A409476C2859C5C81F8A0F5C427A9F13ED399C8E251FA43FF67AD5F16860640D45E7A538E857 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.355381206612617 |
Encrypted: | false |
SSDEEP: | 48:o7FEEM3MtH15jNQ8jsK3rnw0dkckTrKEp/OqLE9xz0W5Bzv3M6hIHYA+JITbwrF8:oq675jOArwoAmI/DLaxNPL5m+m6w |
MD5: | E2A7251AD83A0D0634FEA2703D10ED07 |
SHA1: | 90D72011F31FC40D3DA3748F2817F90A29EB5C01 |
SHA-256: | 1079B49C4AAF5C10E4F2E6A086623F40D200A71FF2A1F64E88AA6C91E4BE7A6F |
SHA-512: | CD6D75580EA8BD97CF7C7C0E0BD9D9A54FB6EA7DF1DDB5A95E94D38B260F9EE1425C640839ECD229B8D01E145CF2786CA374D31EC537EB8FE17FF415D5B985F5 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 698314 |
Entropy (8bit): | 5.595120835898624 |
Encrypted: | false |
SSDEEP: | 6144:TJvaKtQfcxene0F2HhPM8RGYcBlKmd5r6XISxi7SlncOpYMSrBg5X3O4mAEFD7:TJyKtkIct842ISxXJ09 |
MD5: | F82438F9EAD5F57493C673008EED9E09 |
SHA1: | E4681E68FD66D8C76C6ACBC21E2C45F36FD645BC |
SHA-256: | B4B092F54EAAA82BFAA159B8D61FB867B51C3067CBD60F4904A205A11F503250 |
SHA-512: | 89027A7B1B3A080D40411F2E6E3B62BF57AC60879223566E71BD41D900C17051F0A058EFE04F8F1FED5E05DC54617D7A86F83D21BDED0F79347795C8B980B4B2 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22833 |
Entropy (8bit): | 5.425034548615223 |
Encrypted: | false |
SSDEEP: | 384:7lFo6ZEdpgtmyiPixV9OX9gMBpHkHnfst9lZulagGcwYHiRFjJzN7:77o6ZviPixV8xpEHn89l4IgGcwYCRtb7 |
MD5: | 749B18538FE32BFE0815D75F899F5B21 |
SHA1: | AF95A019211AF69F752A43CAA54A83C2AFD41D28 |
SHA-256: | 116B2687C1D5E00DB56A79894AB0C12D4E2E000B9379B7E7AD751B84DF611F3F |
SHA-512: | E4B6F4556AA0FD9979BB52681508F5E26FFB256473803F74F7F5C8D93FA3636D7D0A5835618FBC6123022805CE0D9616A7451A0F302C665E28A6090B5D588505 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4066 |
Entropy (8bit): | 5.363016925556486 |
Encrypted: | false |
SSDEEP: | 96:G2CiFZX5BReR68ujioIRVrqtyzBeTV6SfyAKLif9c7w:bCMZXVeR6jiosVrqtyzBaImyAKw9x |
MD5: | FC5E597D923838E10390DADD12651A81 |
SHA1: | C9959F8D539DB5DF07B8246EC12539B6A9CC101F |
SHA-256: | A7EBD5280C50AE93C061EAE1E9727329E015E97531F8F2D82D0E3EA76ADB37B4 |
SHA-512: | 784CA572808F184A849388723FBB3701E6981D885BBA8A330A933F90BF0B36A2E4A491D4463A27911B1D9F7A7134F23E15F187FC7CB4554EAE9BC252513EED7C |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.404371326611379 |
Encrypted: | false |
SSDEEP: | 192:EEFZpeip4HzZlY0If0Ma23jcUcrhCx6VD1TYPi8:Es/p4jgjUhtD1TY68 |
MD5: | 21E893B65627B397E22619A9F5BB9662 |
SHA1: | F561B0F66211C1E7B22F94B4935C312AB7087E85 |
SHA-256: | FFA9B8BC8EF2CDFF5EB4BA1A0BA1710A253A5B42535E2A369D5026967DCF4673 |
SHA-512: | 3DE3CD6A4E9B06AB3EB324E90A40B5F2AEEA8D7D6A2651C310E993CF79EEB5AC6E2E33C587F46B2DD20CC862354FD1A61AEBB9B990E6805F6629404BA285F8FA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.291808298251231 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DuZvuhqCsNRxoYTY9/qoVk7hz1l2p6vDMW94uEQOeGbCx4VGbgCSFBV87OU:o7DuZWhv6oy12kvwKEeGbC6GbHSh/Hrw |
MD5: | 4CA7ADFE744A690411EA4D3EA8DB9E4B |
SHA1: | 2CF1777A199E25378D330DA68BED1871B5C5BC32 |
SHA-256: | 128129BA736B3094323499B0498A5B3A909C1529717461C34B70080A5B1603BD |
SHA-512: | 8BD3477AF41D1F0FE74AFFCB177BEC0F5F4FDCBBA6BD29D9C2567E6FFDEF5DEB7FF74BF348F33209C39D7BB4958E748DF6731D3DC8F6947352276BC92EAF9E79 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 743936 |
Entropy (8bit): | 5.791086230020914 |
Encrypted: | false |
SSDEEP: | 6144:YVXWBQkPdzg5pTX1ROv/duPzd8C3s891/N:Nfd8j91/N |
MD5: | 1A3606C746E7B1C949D9078E8E8C1244 |
SHA1: | 56A3EB1E93E61ACD7AAD39DC3526CB60E23651B1 |
SHA-256: | 5F49AE5162183E2EF6F082B29EC99F18DB0212B8ADDB03699B1BFB0AC7869742 |
SHA-512: | F2D15243311C472331C5F3F083BB6C18D38EC0247A3F3CBAFD96DBA40E4EAE489CDA04176672E39FE3760EF7347596B2A5EAB0FB0125E881EF514475C99863B9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlE6O04h0gj7Nu50q-nmaRKM6WWcJw/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3467 |
Entropy (8bit): | 5.514745431912774 |
Encrypted: | false |
SSDEEP: | 96:ozbld2fNUmeqJNizhNtt1W8t//loyIpXmdVE2w:onSKE8PWe/Cy4X3j |
MD5: | 8DEF399E8355ABC23E64505281005099 |
SHA1: | 24FF74C3AEFD7696D84FF148465DF4B1B60B1696 |
SHA-256: | F128D7218E1286B05DF11310AD3C8F4CF781402698E45448850D2A3A22F5F185 |
SHA-512: | 33721DD47658D8E12ADF6BD9E9316EB89F5B6297927F7FD60F954E04B829DCBF0E1AE6DDD9A3401F45E0011AE4B1397B960C218238A3D0F633A2173D8E604082 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.257113147606035 |
Encrypted: | false |
SSDEEP: | 48:o72ZrNZ4yNAbU+15fMxIdf5WENoBCbw7DbG2bEJrw:oyNNAY+1i4HoBNG2Ilw |
MD5: | F06E2DC5CC446B39F878B5F8E4D78418 |
SHA1: | 9F1F34FDD8F8DAB942A9B95D9F720587B6F6AD48 |
SHA-256: | 118E4D2FE7CEF205F9AFC87636554C6D8220882B158333EE3D1990282D158B8F |
SHA-512: | 893C4F883CD1C88C6AAF5A6E7F232D62823A53E1FFDE5C1C52BB066D75781DD041F4D281CDBF18070D921CE862652D8863E2B9D5E0190CFA4128890D62C44168 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5050 |
Entropy (8bit): | 5.289052544075544 |
Encrypted: | false |
SSDEEP: | 96:o4We0hP7OBFXYvB1sig3Fd8HkaXzLmUrv8Vh1WJlLQXT2v2gqw:655758Fd8HkaPZ0GmAD |
MD5: | 26E26FD11772DFF5C7004BEA334289CC |
SHA1: | 638DAAF541BDE31E95AEE4F8ADA677434D7051DB |
SHA-256: | ADFE3E4960982F5EF4C043052A9990D8683C5FC2B590E817B6B1A5774DDE2CE3 |
SHA-512: | C31929EB6D1C60D6A84A2574FF60490394A6D6F9B354972F3328952F570D80B3F2AEC916B0E1B66DDB1AC056EB75BFAC477E7AF631D0AD1810EDBAF025465D66 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32500 |
Entropy (8bit): | 5.378903546681047 |
Encrypted: | false |
SSDEEP: | 768:zYlbuROstb0e39nKGrkysU0smpu4OLOdzIf1p/5GeSsngurz6aKEEEGo/:zYl61Cysbu4OLOdzIfrIen72ZFo/ |
MD5: | BF4BF9728A7C302FBA5B14F3D0F1878B |
SHA1: | 2607CA7A93710D629400077FF3602CB207E6F53D |
SHA-256: | 8981E7B228DF7D6A8797C0CD1E9B0F1F88337D5F0E1C27A04E7A57D2C4309798 |
SHA-512: | AC9E170FC3AFDC0CF6BB8E926B93EF129A5FAD1BBA51B60BABCF3555E9B652E98F86A00FB099879DED35DD3FFE72ECFA597E20E6CA8CF402BEDEC40F78412EDA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
File type: | |
Entropy (8bit): | 6.582311838864741 |
TrID: |
|
File name: | file.exe |
File size: | 918'528 bytes |
MD5: | dcc55f9d576b4f7c3e10ce148a6b5573 |
SHA1: | 670551f9924140aa4e7fd6c4881902e87686cce8 |
SHA256: | 22a657c00ca607d94697d97c1b9fa774c7daaa4a7dee29e0f1e6afd8117f4e5d |
SHA512: | 0095471940fe15e1f7c87d758e016e8960046f765a11429fbcf91d92a5c0419c5dffb00a027cd4f0492fbc508610236b82fbdb4377fe514de0091e91bb5aaa6c |
SSDEEP: | 12288:5qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgayT+:5qDEvCTbMWu7rQYlBQcBiT6rprG8aS+ |
TLSH: | C8159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FD7880 [Wed Oct 2 16:44:48 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007FD3D973F6F3h |
jmp 00007FD3D973EFFFh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FD3D973F1DDh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FD3D973F1AAh |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007FD3D9741D9Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007FD3D9741DE8h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007FD3D9741DD1h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x9990 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x9990 | 0x9a00 | 94062f9a09f2d8301696eb0f4d902598 | False | 0.3059303977272727 | data | 5.281275157676861 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0xc56 | data | 1.0034832172260926 | ||
RT_GROUP_ICON | 0xdd410 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd488 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd49c | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd4b0 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd4c4 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd5a0 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 19:07:58.004426956 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.004477978 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.004542112 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.005942106 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.005953074 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.649652958 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.649847984 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.649880886 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.650284052 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.650341988 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.650958061 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.651005983 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.652318001 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.652375937 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.652467012 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.652476072 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.698482990 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.929960012 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.930041075 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.930088043 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.930883884 CEST | 49731 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:07:58.930900097 CEST | 443 | 49731 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:07:58.940747023 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:58.940778971 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:58.940829039 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:58.941021919 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:58.941031933 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.597903013 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.643558025 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.643573046 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.644285917 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.644346952 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.645028114 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.645062923 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.646147013 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.646214962 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.646470070 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.646476030 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.698470116 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.908118010 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.908173084 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.908243895 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.908293009 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.908355951 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:07:59.908420086 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.910453081 CEST | 49736 | 443 | 192.168.2.4 | 142.250.181.238 |
Oct 2, 2024 19:07:59.910486937 CEST | 443 | 49736 | 142.250.181.238 | 192.168.2.4 |
Oct 2, 2024 19:08:01.839097023 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:01.839169979 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:01.840094090 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:01.840094090 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:01.840150118 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.506840944 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.507201910 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:02.507229090 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.508434057 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.508497953 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:02.527414083 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:02.527638912 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.581310987 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:02.581340075 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:02.636873007 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:02.715449095 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:02.715486050 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:02.715567112 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:02.717243910 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:02.717272043 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.693916082 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.694051027 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.709557056 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.709583998 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.710134983 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.751219988 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.766571999 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.811399937 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.965688944 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.965761900 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.966006994 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.966557980 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.966579914 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:03.966677904 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:03.966686010 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.000293970 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.000329971 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.000451088 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.000742912 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.000752926 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.681962967 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.682040930 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.770987988 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.771020889 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.771374941 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.780844927 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.823407888 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.970088959 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.970160961 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.970221996 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.972178936 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.972206116 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:04.972222090 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 2, 2024 19:08:04.972229004 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 2, 2024 19:08:07.496762991 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:07.496825933 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:07.496906996 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:07.497138023 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:07.497169971 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.144625902 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.145073891 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.145142078 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.145575047 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.145652056 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.146296024 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.146344900 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.147450924 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.147521019 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.147857904 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.147877932 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.192392111 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523643970 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523699045 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523731947 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523761034 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523777008 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523777962 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523792982 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523847103 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523875952 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523896933 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523896933 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523915052 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523924112 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.523968935 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.523982048 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.524039030 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.524063110 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.528395891 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.528460979 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.528486013 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.564250946 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.564299107 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.564322948 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.564336061 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.564347982 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.564378977 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.569339037 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.569385052 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.569395065 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.569417953 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.569463968 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.575651884 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.575730085 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.595937967 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.595997095 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596035004 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.596055984 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596107006 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.596160889 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596226931 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596271038 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.596285105 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596468925 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.596514940 CEST | 443 | 49756 | 216.58.206.78 | 192.168.2.4 |
Oct 2, 2024 19:08:08.596566916 CEST | 49756 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 2, 2024 19:08:08.651913881 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.651942015 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:08.652000904 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.652230024 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.652245045 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:08.702177048 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.702274084 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:08.702361107 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.702805042 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:08.702836037 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.373992920 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.394360065 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.394368887 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.394907951 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.394969940 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.395932913 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.396001101 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.398215055 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.398288012 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.398957968 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.398964882 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.418442011 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.420366049 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.420389891 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.420763969 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.420818090 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.421483040 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.421523094 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.421827078 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.421876907 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.422498941 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.422504902 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.449925900 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.466286898 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.711884022 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.711988926 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.712100983 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.719655037 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.719779015 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.719852924 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.778326035 CEST | 49762 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.778358936 CEST | 443 | 49762 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.783322096 CEST | 49760 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.783358097 CEST | 443 | 49760 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.785311937 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.785362005 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.785433054 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.788463116 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.788522959 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.788676023 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.796225071 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.796255112 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:09.796359062 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:09.796381950 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.058722019 CEST | 49672 | 443 | 192.168.2.4 | 173.222.162.32 |
Oct 2, 2024 19:08:10.058825970 CEST | 443 | 49672 | 173.222.162.32 | 192.168.2.4 |
Oct 2, 2024 19:08:10.440073013 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.440453053 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.440488100 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.440579891 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.440836906 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.440865040 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.441911936 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.441972971 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.442086935 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.442142963 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.442702055 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.442754984 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.442920923 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.442922115 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.442964077 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.442991018 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.443068981 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.443093061 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.443120956 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.443188906 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.443272114 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.443285942 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.443308115 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.443344116 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.487409115 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.496341944 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.496370077 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.496397972 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.543232918 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.661823034 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.663376093 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.663439035 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.664402962 CEST | 49765 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.664426088 CEST | 443 | 49765 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.671633005 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.671958923 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.672030926 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.672636986 CEST | 49764 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:10.672660112 CEST | 443 | 49764 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:10.817652941 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:10.863404989 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.082688093 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:11.082710981 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:11.082794905 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:11.084754944 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:11.084767103 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088651896 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088701010 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088731050 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088762999 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088778019 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:11.088793039 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.088814020 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:11.089215040 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.089320898 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:11.091403961 CEST | 49741 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:08:11.091419935 CEST | 443 | 49741 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:08:11.881483078 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:11.881551027 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:11.884877920 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:11.884886026 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:11.885169029 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:11.948357105 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:12.997939110 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.043399096 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257499933 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257520914 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257529020 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257544994 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257563114 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.257571936 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257587910 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.257594109 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257616997 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257637024 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.257642984 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.257662058 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.258078098 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.258132935 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:13.258140087 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.258277893 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:13.258318901 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:14.176211119 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:14.176211119 CEST | 49769 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:14.176238060 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:14.176243067 CEST | 443 | 49769 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:16.498702049 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:16.498755932 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:16.498814106 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:16.500372887 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:16.500386953 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.240262032 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.240675926 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.240721941 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.241261005 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.241579056 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.241667032 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.241728067 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.241744995 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.241761923 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.550843000 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.551059008 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:17.551105022 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.551753044 CEST | 49779 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:17.551779032 CEST | 443 | 49779 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:39.358917952 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.358963966 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:39.359127998 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.359700918 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.359714031 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:39.898570061 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.898621082 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:39.898823977 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.898983002 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:39.898998022 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.013752937 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.014086962 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.014168978 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.014518976 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.014844894 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.014920950 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.015014887 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.015053988 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.015068054 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.038497925 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.038557053 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.038657904 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.038887978 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.038897991 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.317161083 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.317514896 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.317601919 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.317842007 CEST | 49783 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.317888021 CEST | 443 | 49783 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.542823076 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.543102026 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.543126106 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.543498993 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.543777943 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.543845892 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.543951988 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.543972015 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.543982983 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.675051928 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.675375938 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.675422907 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.675757885 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.676037073 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.676094055 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.676186085 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.676207066 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.676214933 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.842154026 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.842804909 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.842917919 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.845032930 CEST | 49784 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.845052958 CEST | 443 | 49784 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.904489994 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.904609919 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:40.904687881 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.908869982 CEST | 49785 | 443 | 192.168.2.4 | 216.58.212.142 |
Oct 2, 2024 19:08:40.908917904 CEST | 443 | 49785 | 216.58.212.142 | 192.168.2.4 |
Oct 2, 2024 19:08:50.633042097 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:50.633141994 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:50.633223057 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:50.633554935 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:50.633590937 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.407753944 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.408066034 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.411726952 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.411741972 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.412003040 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.421642065 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.463399887 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.739331961 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.739356041 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.739439011 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.739500999 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.739525080 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.739552975 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.739574909 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.740439892 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.740474939 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.740506887 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.740511894 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.740534067 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.740537882 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.740587950 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.744827032 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.744842052 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:08:51.744853973 CEST | 49786 | 443 | 192.168.2.4 | 20.114.59.183 |
Oct 2, 2024 19:08:51.744858980 CEST | 443 | 49786 | 20.114.59.183 | 192.168.2.4 |
Oct 2, 2024 19:09:01.888168097 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:01.888293982 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:01.888417006 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:01.888662100 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:01.888695002 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:02.528027058 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:02.528865099 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:02.528892040 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:02.529354095 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:02.529644012 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:02.529755116 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:02.575290918 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:09.605787039 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:09.605828047 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:09.605897903 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:09.606061935 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:09.606086016 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.246675968 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.246997118 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.247035027 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.247574091 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.247860909 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.247936010 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.248034000 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.248058081 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.248065948 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.567142963 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.569106102 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:10.569189072 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.569580078 CEST | 49790 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:10.569602013 CEST | 443 | 49790 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:12.493989944 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:12.494062901 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:12.494118929 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:12.561664104 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:09:12.561711073 CEST | 443 | 49788 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:09:12.562000990 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:12.562100887 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:12.562194109 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:12.562477112 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:12.562517881 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.219430923 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.219779968 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.219810963 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.220169067 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.220633984 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.220719099 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.220818996 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.220865011 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.220890045 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.538187027 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.538316965 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:13.538405895 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.538873911 CEST | 49791 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:13.538901091 CEST | 443 | 49791 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:40.372940063 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:40.373027086 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:40.373126984 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:40.373575926 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:40.373608112 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.047610044 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.090858936 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.097275972 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.097290039 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.097855091 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.098469973 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.098536968 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.098697901 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.098723888 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.098728895 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.349783897 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.350497961 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:41.350610971 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.350769997 CEST | 49793 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:41.350796938 CEST | 443 | 49793 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.315779924 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.315834999 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.315933943 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.316344023 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.316365004 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.962802887 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.963175058 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.963192940 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.963761091 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.964143991 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.964236975 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:44.964358091 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.964395046 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:44.964405060 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:45.263124943 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:45.264413118 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:09:45.264810085 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:45.264909983 CEST | 49794 | 443 | 192.168.2.4 | 142.250.185.142 |
Oct 2, 2024 19:09:45.264951944 CEST | 443 | 49794 | 142.250.185.142 | 192.168.2.4 |
Oct 2, 2024 19:10:01.952799082 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:10:01.952867031 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:01.952944994 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:10:01.953330994 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:10:01.953346014 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:02.612844944 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:02.613177061 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:10:02.613231897 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:02.613713980 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:02.614156961 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 2, 2024 19:10:02.614242077 CEST | 443 | 49795 | 142.250.184.196 | 192.168.2.4 |
Oct 2, 2024 19:10:02.654340982 CEST | 49795 | 443 | 192.168.2.4 | 142.250.184.196 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 19:07:57.941554070 CEST | 53 | 54586 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:57.982687950 CEST | 63529 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:07:57.982840061 CEST | 55914 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:07:57.991305113 CEST | 53 | 55914 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:57.996385098 CEST | 53 | 52732 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:58.002360106 CEST | 53 | 63529 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:58.933322906 CEST | 64947 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:07:58.933468103 CEST | 62467 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:07:58.940129995 CEST | 53 | 64947 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:58.940398932 CEST | 53 | 62467 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:07:58.991235971 CEST | 53 | 59705 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:01.825097084 CEST | 50689 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:01.825146914 CEST | 56020 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:01.834147930 CEST | 53 | 50689 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:01.834165096 CEST | 53 | 56020 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:04.863596916 CEST | 53 | 63440 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:07.486665010 CEST | 60281 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:07.486829996 CEST | 61717 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:07.493500948 CEST | 53 | 60281 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:07.493640900 CEST | 53 | 61717 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:08.629462957 CEST | 58906 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:08.629621983 CEST | 49355 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:08:08.636389017 CEST | 53 | 58906 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:08.636974096 CEST | 53 | 49355 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:10.365333080 CEST | 53 | 60525 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:11.013300896 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Oct 2, 2024 19:08:15.982424974 CEST | 53 | 60664 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:34.722138882 CEST | 53 | 55188 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:57.771334887 CEST | 53 | 56736 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:08:57.772254944 CEST | 53 | 51150 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:09:09.507644892 CEST | 53 | 50591 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:09:09.598110914 CEST | 62490 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:09:09.598261118 CEST | 58533 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 2, 2024 19:09:09.605359077 CEST | 53 | 58533 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:09:09.605407000 CEST | 53 | 62490 | 1.1.1.1 | 192.168.2.4 |
Oct 2, 2024 19:09:25.926584959 CEST | 53 | 55507 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 19:07:57.982687950 CEST | 192.168.2.4 | 1.1.1.1 | 0x9b30 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:07:57.982840061 CEST | 192.168.2.4 | 1.1.1.1 | 0xf3fb | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 19:07:58.933322906 CEST | 192.168.2.4 | 1.1.1.1 | 0x48ae | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:07:58.933468103 CEST | 192.168.2.4 | 1.1.1.1 | 0x3fd3 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 19:08:01.825097084 CEST | 192.168.2.4 | 1.1.1.1 | 0xc79e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:08:01.825146914 CEST | 192.168.2.4 | 1.1.1.1 | 0x3799 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 19:08:07.486665010 CEST | 192.168.2.4 | 1.1.1.1 | 0x3341 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:08:07.486829996 CEST | 192.168.2.4 | 1.1.1.1 | 0x5db1 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 19:08:08.629462957 CEST | 192.168.2.4 | 1.1.1.1 | 0x701b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:08:08.629621983 CEST | 192.168.2.4 | 1.1.1.1 | 0xac20 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 19:09:09.598110914 CEST | 192.168.2.4 | 1.1.1.1 | 0x20ee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 19:09:09.598261118 CEST | 192.168.2.4 | 1.1.1.1 | 0x6ff5 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 19:07:57.991305113 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3fb | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 19:07:58.002360106 CEST | 1.1.1.1 | 192.168.2.4 | 0x9b30 | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 216.58.212.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940129995 CEST | 1.1.1.1 | 192.168.2.4 | 0x48ae | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940398932 CEST | 1.1.1.1 | 192.168.2.4 | 0x3fd3 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 19:07:58.940398932 CEST | 1.1.1.1 | 192.168.2.4 | 0x3fd3 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 19:08:01.834147930 CEST | 1.1.1.1 | 192.168.2.4 | 0xc79e | No error (0) | 142.250.184.196 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:08:01.834165096 CEST | 1.1.1.1 | 192.168.2.4 | 0x3799 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 19:08:07.493500948 CEST | 1.1.1.1 | 192.168.2.4 | 0x3341 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 19:08:07.493500948 CEST | 1.1.1.1 | 192.168.2.4 | 0x3341 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:08:07.493640900 CEST | 1.1.1.1 | 192.168.2.4 | 0x5db1 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 19:08:08.636389017 CEST | 1.1.1.1 | 192.168.2.4 | 0x701b | No error (0) | 216.58.212.142 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 19:09:09.605407000 CEST | 1.1.1.1 | 192.168.2.4 | 0x20ee | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49731 | 142.250.185.142 | 443 | 6964 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 17:07:58 UTC | 859 | OUT | |
2024-10-02 17:07:58 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 142.250.181.238 | 443 | 6964 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 17:07:59 UTC | 877 | OUT | |
2024-10-02 17:07:59 UTC | 2634 | IN |