Edit tour
Windows
Analysis Report
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Classification
- System is w7x64
- chrome.exe (PID: 1456 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " --start- maximized "about:bla nk" MD5: FFA2B8E17F645BCC20F0E0201FEF83ED) - chrome.exe (PID: 1020 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " --type=u tility --u tility-sub -type=netw ork.mojom. NetworkSer vice --lan g=en-US -- service-sa ndbox-type =none --mo jo-platfor m-channel- handle=144 4 --field- trial-hand le=1072,i, 8817321110 583036791, 1347856903 8220876855 ,131072 -- disable-fe atures=Opt imizationG uideModelD ownloading ,Optimizat ionHints,O ptimizatio nHintsFetc hing,Optim izationTar getPredict ion /prefe tch:8 MD5: FFA2B8E17F645BCC20F0E0201FEF83ED)
- chrome.exe (PID: 236 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " "https:/ /srfed-my. sharepoint .com/:f:/p /paul_scac e/EtC5e2Xq uN9Fp0K3Sw 7IAUsB1jH1 1BqdCOET9B KLSlV1Tw?e =jPSkP9" MD5: FFA2B8E17F645BCC20F0E0201FEF83ED)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | SlashNext: |
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 2 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.138.10 | true | false | unknown | |
www.google.com | 142.250.186.164 | true | false | unknown | |
srfed-my.sharepoint.com | unknown | unknown | false | unknown | |
spo.nel.measure.office.net | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
true | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
13.107.138.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
13.107.136.10 | unknown | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.186.164 | www.google.com | United States | 15169 | GOOGLEUS | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524541 |
Start date and time: | 2024-10-02 23:53:59 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9 |
Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
Number of analysed new started processes analysed: | 3 |
Number of new started drivers analysed: | 2 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@18/15@10/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): vga.dll
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.142, 172.217.218.84, 34.104.35.123, 2.20.220.159, 184.25.50.137, 184.25.50.147, 92.123.27.42, 92.123.27.114, 142.250.74.195
- Excluded domains from analysis (whitelisted): accounts.google.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, e19254.dscg.akamaiedge.net, a1894.dscb.akamai.net, shell.cdn.office.net-c.edgekey.net.globalredir.akadns.net, shell.cdn.office.net-c.edgekey.net, clients2.google.com, 193809-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, shell.cdn.office.net, update.googleapis.com, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9
⊘No simulations
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 154125 |
Entropy (8bit): | 5.343629115736869 |
Encrypted: | false |
SSDEEP: | 1536:oh2UFoIdKn9cKwN5V+GueB9G/nBDbu4k+q1vj/qIpk2k45UMX8AR+tG+ZVff9rv:ohlndhN5wGRarkP1vjPC+8b8Uff9z |
MD5: | 2AC9ADF0B8ED584D25575F9FE777ABEF |
SHA1: | 49C9A2A9C51860D91F895DE8B71E67903D3680D2 |
SHA-256: | 15975C387FD4817FDAB9E9C396F0F708FE2559350AA663B9E4469E27ED6CDA44 |
SHA-512: | B17FD6A96DC45A6601B2139AD112438143476F55E45906670F7E28F46974B1890DD4DF16D282869FD168D85F33A38ACF6EAA7D355F86FDC3DABF7AAF36EE7BD8 |
Malicious: | false |
Reputation: | low |
URL: | https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.006/spwebworker.js |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 145434 |
Entropy (8bit): | 5.560600996516305 |
Encrypted: | false |
SSDEEP: | 1536:2+Y7Z+r9uWzPQXR2hn873PZRy3UDzNRvLJxdiEFcyk4LoS2NboMVVgzru/GdKMml:2+3T8F9diEFJifVgvu7MyL3kIv3bnQa |
MD5: | 7CF1AEC902630162F89426350428DCAE |
SHA1: | 6E9D02319AF01FC4C590118C571C1CB3440F8E07 |
SHA-256: | A227FC4681776C73982750137A235033BB6649B13B07A2DA0B124AFB4D960C6C |
SHA-512: | 56CCEB133C95B2C89F859FD78AB0F3FB9D0662E49C66E92A2A6215521667B5F745A34ECEF2181D8A684DA333AF976C9323B5D3A07D31A3BA440D5CE17BCA8E36 |
Malicious: | false |
Reputation: | low |
URL: | https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 30974 |
Entropy (8bit): | 5.174742651757589 |
Encrypted: | false |
SSDEEP: | 192:ep0dJ6NBN1q+QyBf2v66ey0l9XQXrkIImmwSPtrUkEWMy/7n6xfq17afMYmft1TQ:3+QSAqSOynVnGr67VY/6TTjZZGEjlr |
MD5: | 265B0D37911105398C2B14E2440BAF30 |
SHA1: | 8EDBE4E14173C7D008E07533671BB97967D578F4 |
SHA-256: | 0F22A97159530F76BA75214EE6F9B3A77FFD97665A511917E54775737A3ADD1D |
SHA-512: | BCDEC0EA2CBA80BEA01F672A56F27AA5AD4B21DA8BE0951B080EA5606EFEEEA784289064190AD9E3EC5D84208E583739CC9430FB646372056C21CCC59D550D00 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17147 |
Entropy (8bit): | 4.926675206527061 |
Encrypted: | false |
SSDEEP: | 384:r3GhH6oaSwSaPQsPq3Qf3/U/8vFwoJbr2wKodV4vzJ9YaikHcL2MQk7:rgzwSkQWjU/8BqOaikMKu |
MD5: | 8D75B8E85D749610931E168F2EFCF555 |
SHA1: | 11410945A27700DBE941C030189C637792AAC2CE |
SHA-256: | 485A60AD5AF1CEFF60C50A9BFB08A03F0C42B984034A2255820356938B82B2A0 |
SHA-512: | EA2196C089F4F10ABB20FBDB41E097C67211734F1C1919595E163CB5D90EAD00DF8D44629ADF854F84C666B2C0D8916DDDDA2F6555F495FDCEAE1BAB5419ECA0 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 145434 |
Entropy (8bit): | 5.560600996516305 |
Encrypted: | false |
SSDEEP: | 1536:2+Y7Z+r9uWzPQXR2hn873PZRy3UDzNRvLJxdiEFcyk4LoS2NboMVVgzru/GdKMml:2+3T8F9diEFJifVgvu7MyL3kIv3bnQa |
MD5: | 7CF1AEC902630162F89426350428DCAE |
SHA1: | 6E9D02319AF01FC4C590118C571C1CB3440F8E07 |
SHA-256: | A227FC4681776C73982750137A235033BB6649B13B07A2DA0B124AFB4D960C6C |
SHA-512: | 56CCEB133C95B2C89F859FD78AB0F3FB9D0662E49C66E92A2A6215521667B5F745A34ECEF2181D8A684DA333AF976C9323B5D3A07D31A3BA440D5CE17BCA8E36 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 154125 |
Entropy (8bit): | 5.343629115736869 |
Encrypted: | false |
SSDEEP: | 1536:oh2UFoIdKn9cKwN5V+GueB9G/nBDbu4k+q1vj/qIpk2k45UMX8AR+tG+ZVff9rv:ohlndhN5wGRarkP1vjPC+8b8Uff9z |
MD5: | 2AC9ADF0B8ED584D25575F9FE777ABEF |
SHA1: | 49C9A2A9C51860D91F895DE8B71E67903D3680D2 |
SHA-256: | 15975C387FD4817FDAB9E9C396F0F708FE2559350AA663B9E4469E27ED6CDA44 |
SHA-512: | B17FD6A96DC45A6601B2139AD112438143476F55E45906670F7E28F46974B1890DD4DF16D282869FD168D85F33A38ACF6EAA7D355F86FDC3DABF7AAF36EE7BD8 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 742 |
Entropy (8bit): | 5.239217359293787 |
Encrypted: | false |
SSDEEP: | 12:ZYEjHRE3jbLwvBMHRE3jaadb/M8b5YJIs4sIs4x7JR1/M8bZ:ZN+veq+WK/MQKIsVIs+31/MQZ |
MD5: | 9D878396119C486ABAC5B12D57CF911B |
SHA1: | D94BAC3E2D3DA227E9C30E93888741233DC8040F |
SHA-256: | 44B9CE868B6D3916C2C95E400F60A0D03F0E684CC3344AEFE080C7651279404C |
SHA-512: | 120367920140F61E80E5B0E178C00C18FF6CB34A88002D90CA573BA0C42DC1359AEFD5431467B1D587CC1F78CDE13C471CFFBBF810EE7C5ABF7A5786CEE87A27 |
Malicious: | false |
Reputation: | low |
URL: | https://srfed-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 30974 |
Entropy (8bit): | 5.174742651757589 |
Encrypted: | false |
SSDEEP: | 192:ep0dJ6NBN1q+QyBf2v66ey0l9XQXrkIImmwSPtrUkEWMy/7n6xfq17afMYmft1TQ:3+QSAqSOynVnGr67VY/6TTjZZGEjlr |
MD5: | 265B0D37911105398C2B14E2440BAF30 |
SHA1: | 8EDBE4E14173C7D008E07533671BB97967D578F4 |
SHA-256: | 0F22A97159530F76BA75214EE6F9B3A77FFD97665A511917E54775737A3ADD1D |
SHA-512: | BCDEC0EA2CBA80BEA01F672A56F27AA5AD4B21DA8BE0951B080EA5606EFEEEA784289064190AD9E3EC5D84208E583739CC9430FB646372056C21CCC59D550D00 |
Malicious: | false |
Reputation: | low |
URL: | https://shell.cdn.office.net/shellux/api/ShellBootInfo/business/OneShell/en-us |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 742 |
Entropy (8bit): | 5.239217359293787 |
Encrypted: | false |
SSDEEP: | 12:ZYEjHRE3jbLwvBMHRE3jaadb/M8b5YJIs4sIs4x7JR1/M8bZ:ZN+veq+WK/MQKIsVIs+31/MQZ |
MD5: | 9D878396119C486ABAC5B12D57CF911B |
SHA1: | D94BAC3E2D3DA227E9C30E93888741233DC8040F |
SHA-256: | 44B9CE868B6D3916C2C95E400F60A0D03F0E684CC3344AEFE080C7651279404C |
SHA-512: | 120367920140F61E80E5B0E178C00C18FF6CB34A88002D90CA573BA0C42DC1359AEFD5431467B1D587CC1F78CDE13C471CFFBBF810EE7C5ABF7A5786CEE87A27 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17147 |
Entropy (8bit): | 4.926675206527061 |
Encrypted: | false |
SSDEEP: | 384:r3GhH6oaSwSaPQsPq3Qf3/U/8vFwoJbr2wKodV4vzJ9YaikHcL2MQk7:rgzwSkQWjU/8BqOaikMKu |
MD5: | 8D75B8E85D749610931E168F2EFCF555 |
SHA1: | 11410945A27700DBE941C030189C637792AAC2CE |
SHA-256: | 485A60AD5AF1CEFF60C50A9BFB08A03F0C42B984034A2255820356938B82B2A0 |
SHA-512: | EA2196C089F4F10ABB20FBDB41E097C67211734F1C1919595E163CB5D90EAD00DF8D44629ADF854F84C666B2C0D8916DDDDA2F6555F495FDCEAE1BAB5419ECA0 |
Malicious: | false |
Reputation: | low |
URL: | https://shell.cdn.office.net/shellux/en/shellstrings.8d75b8e85d749610931e168f2efcf555.json |
Preview: |
⊘No static file info
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 23:54:52.356915951 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.357011080 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.357080936 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.357456923 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.357502937 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.357553959 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.357983112 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.358016968 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.358298063 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.358319044 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.953799009 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.955727100 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.955756903 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.957300901 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.957483053 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.958638906 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.958746910 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.958784103 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.963707924 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.966087103 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.966145039 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.967750072 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.967818975 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.968827963 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:52.968919039 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:52.999439955 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.158893108 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.158922911 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.168785095 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.168843985 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.334160089 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.334276915 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.334306002 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.334655046 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.335443974 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.335455894 CEST | 443 | 49165 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.335469961 CEST | 49165 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.341528893 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.341696978 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667078018 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667090893 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667156935 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667161942 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.667161942 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.667171001 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667195082 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667253971 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.667304993 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.667304993 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.667434931 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667443991 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.667501926 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.756690979 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758452892 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758471012 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758497000 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758517981 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758517981 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758553028 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758884907 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758893013 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758913994 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.758938074 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758938074 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.758960962 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.759599924 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.759608030 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.759653091 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.759681940 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.759784937 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.759840965 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.759855032 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.760694027 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.760713100 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.760770082 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.760782003 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.760816097 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.850925922 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.851073980 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.851111889 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.851144075 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.851186037 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.851921082 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.851938963 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.851979017 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.852010965 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.852046967 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.852694988 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.852735996 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.852766037 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.852785110 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.853538036 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.853604078 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.853617907 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.853682995 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.853738070 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.853748083 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.854553938 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.854619980 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.854630947 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.943011045 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.944678068 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944708109 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944756031 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.944756031 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.944798946 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944832087 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944850922 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944889069 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.944905043 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.944992065 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.945369959 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.945389032 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.945445061 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.945738077 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.945796013 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.945806980 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.946130037 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.946178913 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.946191072 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.946439028 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.947149038 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.947169065 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.947285891 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.947285891 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.947300911 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.948152065 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.948178053 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.948221922 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.948239088 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.948267937 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.949099064 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949111938 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949168921 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.949168921 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.949183941 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949620008 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949637890 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949681044 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.949697971 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.949721098 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:53.950465918 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.950479031 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:53.950541019 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070318937 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070379972 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070437908 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070467949 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070501089 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070501089 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070527077 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070561886 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070581913 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070636988 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070637941 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.070664883 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070725918 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.070777893 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.075119019 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.083013058 CEST | 49164 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.083080053 CEST | 443 | 49164 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.171686888 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.171783924 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.171844006 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.199692965 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.199732065 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.757514954 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.757951021 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.757987976 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.758364916 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.758722067 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.758786917 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.759082079 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.759114981 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.955600977 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.955643892 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.955683947 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.955709934 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.955759048 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.959685087 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.959886074 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:54.959935904 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.976761103 CEST | 49171 | 443 | 192.168.2.22 | 13.107.138.10 |
Oct 2, 2024 23:54:54.976792097 CEST | 443 | 49171 | 13.107.138.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.021327019 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.021408081 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.021476030 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.022085905 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.022126913 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.255928993 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:55.255973101 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:55.256035089 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:55.256711960 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:55.256742954 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:55.612457037 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.618992090 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.619050980 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.622668028 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.622867107 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.625200987 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.625423908 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.625533104 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.625639915 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.822715044 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.822777987 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.822803974 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.822868109 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.822935104 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.826569080 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.827121973 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.827197075 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.828572035 CEST | 49177 | 443 | 192.168.2.22 | 13.107.136.10 |
Oct 2, 2024 23:54:55.828598976 CEST | 443 | 49177 | 13.107.136.10 | 192.168.2.22 |
Oct 2, 2024 23:54:55.898123980 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:55.907833099 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:55.907891989 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:55.909487009 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:55.909569025 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:56.055061102 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:54:56.055260897 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:56.259413004 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:54:56.262270927 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:05.802416086 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:05.802572012 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:05.802642107 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:07.552567005 CEST | 49179 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:07.552632093 CEST | 443 | 49179 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.299835920 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:55.299860001 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.300026894 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:55.300168991 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:55.300173044 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.944020987 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.944315910 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:55.944327116 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.945404053 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:55.946284056 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:55:55.946456909 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:55:56.141382933 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:56:05.858441114 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:56:05.858573914 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Oct 2, 2024 23:56:05.858617067 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:56:07.548597097 CEST | 49189 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 2, 2024 23:56:07.548618078 CEST | 443 | 49189 | 142.250.186.164 | 192.168.2.22 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 23:54:50.675538063 CEST | 53 | 54821 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:54:50.838198900 CEST | 53 | 52781 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:54:52.324939966 CEST | 65510 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:52.330487967 CEST | 62672 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:52.373635054 CEST | 53 | 49384 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:54:54.103727102 CEST | 58095 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:54.164067984 CEST | 54261 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:54.993227005 CEST | 49608 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:54.993527889 CEST | 61486 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:55.242640018 CEST | 62453 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:55.247910976 CEST | 50568 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:54:55.249387980 CEST | 53 | 62453 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:54:55.254930019 CEST | 53 | 50568 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:10.027798891 CEST | 53 | 49750 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:17.086186886 CEST | 53 | 51014 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:27.720530987 CEST | 53 | 54738 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:45.792783976 CEST | 53 | 49520 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:50.651746035 CEST | 53 | 61549 | 8.8.8.8 | 192.168.2.22 |
Oct 2, 2024 23:55:54.989042997 CEST | 61564 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 2, 2024 23:55:54.989144087 CEST | 51384 | 53 | 192.168.2.22 | 8.8.8.8 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 2, 2024 23:54:54.353106022 CEST | 192.168.2.22 | 8.8.8.8 | d0e0 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 23:54:52.324939966 CEST | 192.168.2.22 | 8.8.8.8 | 0xfd8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 23:54:52.330487967 CEST | 192.168.2.22 | 8.8.8.8 | 0xb142 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 23:54:54.103727102 CEST | 192.168.2.22 | 8.8.8.8 | 0x3018 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 23:54:54.164067984 CEST | 192.168.2.22 | 8.8.8.8 | 0xf695 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 23:54:54.993227005 CEST | 192.168.2.22 | 8.8.8.8 | 0xaf23 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 23:54:54.993527889 CEST | 192.168.2.22 | 8.8.8.8 | 0x63e9 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 23:54:55.242640018 CEST | 192.168.2.22 | 8.8.8.8 | 0xe299 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 23:54:55.247910976 CEST | 192.168.2.22 | 8.8.8.8 | 0xe25c | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 23:55:54.989042997 CEST | 192.168.2.22 | 8.8.8.8 | 0x10f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 23:55:54.989144087 CEST | 192.168.2.22 | 8.8.8.8 | 0xa95a | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | srfed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | 2754-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | 193809-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | 193809-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.340787888 CEST | 8.8.8.8 | 192.168.2.22 | 0xfd8 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.347964048 CEST | 8.8.8.8 | 192.168.2.22 | 0xb142 | No error (0) | srfed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.347964048 CEST | 8.8.8.8 | 192.168.2.22 | 0xb142 | No error (0) | 2754-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.347964048 CEST | 8.8.8.8 | 192.168.2.22 | 0xb142 | No error (0) | 193809-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:52.347964048 CEST | 8.8.8.8 | 192.168.2.22 | 0xb142 | No error (0) | 193809-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:54.112832069 CEST | 8.8.8.8 | 192.168.2.22 | 0x3018 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:54.171463013 CEST | 8.8.8.8 | 192.168.2.22 | 0xf695 | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.009973049 CEST | 8.8.8.8 | 192.168.2.22 | 0x63e9 | No error (0) | srfed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.009973049 CEST | 8.8.8.8 | 192.168.2.22 | 0x63e9 | No error (0) | 2754-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.009973049 CEST | 8.8.8.8 | 192.168.2.22 | 0x63e9 | No error (0) | 193809-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.009973049 CEST | 8.8.8.8 | 192.168.2.22 | 0x63e9 | No error (0) | 193809-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | srfed.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | 2754-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | 193809-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | 193809-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | dual-spo-0005.spo-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | 13.107.136.10 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.018296003 CEST | 8.8.8.8 | 192.168.2.22 | 0xaf23 | No error (0) | 13.107.138.10 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.249387980 CEST | 8.8.8.8 | 192.168.2.22 | 0xe299 | No error (0) | 142.250.186.164 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 23:54:55.254930019 CEST | 8.8.8.8 | 192.168.2.22 | 0xe25c | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 23:55:54.997332096 CEST | 8.8.8.8 | 192.168.2.22 | 0xa95a | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 23:55:54.998358011 CEST | 8.8.8.8 | 192.168.2.22 | 0x10f | No error (0) | nel.measure.office.net.edgesuite.net | CNAME (Canonical name) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.22 | 49165 | 13.107.138.10 | 443 | 1020 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 21:54:52 UTC | 739 | OUT | |
2024-10-02 21:54:53 UTC | 3763 | IN |