Windows
Analysis Report
https://fast.b-cdn.net
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2008 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3548 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2192 --fi eld-trial- handle=184 0,i,117911 2176172415 5368,16919 5396778545 34214,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6404 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://fast. b-cdn.net" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false |
| unknown |
fast.b-cdn.net | 169.150.247.39 | true | false |
| unknown |
www.google.com | 142.250.185.228 | true | false |
| unknown |
bunnyfonts.b-cdn.net | 169.150.247.37 | true | false |
| unknown |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false |
| unknown |
fonts.bunny.net | unknown | unknown | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false |
| unknown | |
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.184.196 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.185.228 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
169.150.247.39 | fast.b-cdn.net | United States | 2711 | SPIRITTEL-ASUS | false | |
169.150.247.37 | bunnyfonts.b-cdn.net | United States | 2711 | SPIRITTEL-ASUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524647 |
Start date and time: | 2024-10-03 03:02:23 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 4s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://fast.b-cdn.net |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@16/10@8/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.238, 173.194.76.84, 34.104.35.123, 20.114.59.183, 199.232.214.172, 192.229.221.95, 20.242.39.171, 13.95.31.18, 142.250.185.67
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 19140 |
Entropy (8bit): | 7.98695599617926 |
Encrypted: | false |
SSDEEP: | 384:oeibUjjYNnNrgPt2WA8klRZjFePRuJmd6Poy5MudXGA4heWhWYMnM9:o/gjMNrgPt2WAjlr8JaAy5MKXOeuW/o |
MD5: | 9D91C6D154DED95055BA9D8D8CD653C3 |
SHA1: | 9170307012D60109548247CE761FB5D71A45BEB2 |
SHA-256: | 7F9EA3A91849752F729CF003B4839B162DB15E3BCB57A4DD8FB2533FAB377AAD |
SHA-512: | 3411FE27CCC1E3F0F64307BEB9643A942530482ACFACB1F9ECC4EF27C23CB735024EAC0D5F87650CD8F18076C85362FF6FE2F8BE71B17516CF68B664BD55CC19 |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.bunny.net/rubik/files/rubik-latin-500-normal.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8838 |
Entropy (8bit): | 5.371741301113426 |
Encrypted: | false |
SSDEEP: | 192:cSWaqXXbptPAqjxTP8OQo0WrOXXbptPAqjsLmV0tfmWIeXXbptPAqjP/xutYTi2:w3XldBpKXld2t1XldjoYx |
MD5: | C7109943C72B6F70993065D42E20444C |
SHA1: | 6096326AFBD8649010CF33CAAECEC0FD75C2BE7E |
SHA-256: | 7AE06D682FF9B1802E85122331BD3FBA98A660347AED0755D8EF48F0930E70A0 |
SHA-512: | 13ED032A314A24CD8ECA477C5A96FD0CA02FFCBEF43FD1244D431584FADDC81D6B96509AF231DE1C86BD4DF7627FDAD788643A6AD22DAFA77AB781DC833DBA6B |
Malicious: | false |
Reputation: | low |
URL: | "https://fonts.bunny.net/css?family=Rubik:300,400,500" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 678 |
Entropy (8bit): | 5.1435496014689335 |
Encrypted: | false |
SSDEEP: | 12:kxRVrFjJRrZciWsGXmLFSHDSsz1X8lFamZ6k3hA1ZSZcsLvZ0mzegCoRwFjJUzk:kTlROi+WLojSw1MXlZ6M8QcslLCUzk |
MD5: | 0E3BDE19A08632F2E893BC2A835598BC |
SHA1: | 0BB50CBDED2D95B600B7437AD58AE8189C2A489B |
SHA-256: | F62504ABBB867B0D53B4D90D746313621819F2C5D39CEAB4695AC2B0EF8CF223 |
SHA-512: | 64048720AA563B780C491DA2C7C484D418DB508FB56B5D54A6AE9FD999308A96B75FD0149CE2E6459E7DF973F2535FE7D0CEAFDA79E5B48D96595999D575406D |
Malicious: | false |
Reputation: | low |
URL: | https://fast.b-cdn.net/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17556 |
Entropy (8bit): | 7.985973640781479 |
Encrypted: | false |
SSDEEP: | 384:IAWAX7otodyzgA8e1fZBmtpUaXovcAgVdXEIlO75sQHTkYmjxYPH+aVS:S64idB3Eu9EoK5lTkYoito |
MD5: | C26CC4BC55F4CC38E588B28BC6E8559D |
SHA1: | 662E36ABFDFA041420061CE216CE895E097655C1 |
SHA-256: | D447E3DDA790BF9638B928B14C0783BE54E5C8BB796E0F1D91DD6EE2E00351C0 |
SHA-512: | 7F7A5D84AC7740543A016D14ADFCBF2FDED8555B16C50782F47F7A9DF2E456EF73830101006C5330E235DF539A71758C11AEE34F8DAD398CDE69CB8CA55F2CFD |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.bunny.net/rubik/files/rubik-latin-300-normal.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2334 |
Entropy (8bit): | 5.810445084750524 |
Encrypted: | false |
SSDEEP: | 48:Q+1jSG5d4XREec7rxE49iFLBiQZFrxytYhcB0ZrZv4CO+8K:Q+1WsyqeurxudCyh/nOi |
MD5: | 4F8AFC2689243991DCEDE77EBC8B25C8 |
SHA1: | 4504BFB7458298826D7A09DCA4EDD4E8C520497D |
SHA-256: | 8609FBF6D25103698C09480062DD212A9F8E8ACBC3D320F599BD871CEF1A7048 |
SHA-512: | 4E2CDEC8A27A6BEC4704C8351FD1E8B05BDAB66798B67590D271CA48A0A8F36B394AC744E08E2E4B36F11BDA171F00B0ADDF71188E601AAD312CFEC8BFED5EC3 |
Malicious: | false |
Reputation: | low |
URL: | https://fast.b-cdn.net/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2024 03:03:07.931525946 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Oct 3, 2024 03:03:17.539721966 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Oct 3, 2024 03:03:18.777304888 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.777381897 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:18.777442932 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.777456045 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.777494907 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:18.777549028 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.777806044 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.777838945 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:18.778228998 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:18.778249025 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.503479004 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.503853083 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.503880024 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.504740953 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.504829884 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.506136894 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.506191969 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.506494999 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.506501913 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.514533997 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.514844894 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.514905930 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.518543005 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.518640041 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.519093990 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.519260883 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.557837009 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.573942900 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.573956966 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.620399952 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.776386976 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.776411057 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.776479959 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.776493073 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.776658058 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.777653933 CEST | 49736 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:19.777678013 CEST | 443 | 49736 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:19.872757912 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:19.872826099 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:19.872914076 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:19.873119116 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:19.873155117 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.622735977 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.664252043 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.810009003 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.810051918 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.813913107 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.813997984 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.818178892 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.818371058 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.819484949 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.819504023 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:20.859436035 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:20.885107040 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:20.885145903 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:20.885215044 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:20.889844894 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:20.889863968 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.009759903 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021186113 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021208048 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021255970 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021275043 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021281004 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.021367073 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021409035 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.021425009 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.021430969 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.021485090 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.027175903 CEST | 49739 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.027211905 CEST | 443 | 49739 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.305692911 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:21.314471006 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.314524889 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.314594030 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.315392971 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.315411091 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.318128109 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.318139076 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.318202972 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.319624901 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:21.319639921 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:21.351397991 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:21.533842087 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:21.534130096 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:21.534181118 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:21.561089993 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.602024078 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:21.642252922 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:21.642258883 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.646203995 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.646277905 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:21.649861097 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:21.650063038 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.656919956 CEST | 49735 | 443 | 192.168.2.4 | 169.150.247.39 |
Oct 3, 2024 03:03:21.656933069 CEST | 443 | 49735 | 169.150.247.39 | 192.168.2.4 |
Oct 3, 2024 03:03:21.695743084 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:21.695751905 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:21.742619991 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:22.041155100 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.078833103 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.086373091 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.097966909 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.097980976 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.098124981 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.098134041 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.101876020 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.101905107 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.101973057 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.102047920 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.104707956 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.104893923 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.105590105 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.105766058 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.105885029 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.105896950 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.105967045 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.105976105 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.144104004 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:22.144133091 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:22.144357920 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:22.147399902 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:22.147414923 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:22.149049044 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.149049044 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.317822933 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343689919 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343702078 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343738079 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343755007 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343766928 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343790054 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.343852997 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343889952 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.343889952 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.343893051 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.343929052 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.360095024 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385799885 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385823011 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385859966 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385869980 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.385878086 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385891914 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.385899067 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385915041 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.385927916 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.385940075 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.385962963 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.385991096 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.398859024 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.400914907 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.400974035 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.400983095 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.401061058 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.401117086 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.401413918 CEST | 49742 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.401429892 CEST | 443 | 49742 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.404434919 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.404509068 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.404516935 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.404617071 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.404674053 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.405008078 CEST | 49741 | 443 | 192.168.2.4 | 169.150.247.37 |
Oct 3, 2024 03:03:22.405013084 CEST | 443 | 49741 | 169.150.247.37 | 192.168.2.4 |
Oct 3, 2024 03:03:22.801759958 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:22.801893950 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.205233097 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.205271959 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.206226110 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.258244991 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.458250046 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.503411055 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.645718098 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.645875931 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.646030903 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.655554056 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.655554056 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.655575991 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.655587912 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.773701906 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.773802996 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:23.773883104 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.774225950 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:23.774256945 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.394634008 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.394731998 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:25.395880938 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:25.395910025 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.396250010 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.397201061 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:25.443408966 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.675012112 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.675115108 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:25.675438881 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:25.676104069 CEST | 49744 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 3, 2024 03:03:25.676150084 CEST | 443 | 49744 | 184.28.90.27 | 192.168.2.4 |
Oct 3, 2024 03:03:31.506141901 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:31.506289959 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:31.506365061 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:33.189214945 CEST | 49740 | 443 | 192.168.2.4 | 142.250.185.228 |
Oct 3, 2024 03:03:33.189234018 CEST | 443 | 49740 | 142.250.185.228 | 192.168.2.4 |
Oct 3, 2024 03:03:36.125895023 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 3, 2024 03:03:36.132726908 CEST | 80 | 49723 | 93.184.221.240 | 192.168.2.4 |
Oct 3, 2024 03:03:36.132787943 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 3, 2024 03:04:21.005970955 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:21.006015062 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.006127119 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:21.006602049 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:21.006623983 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.661489010 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.662247896 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:21.662270069 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.663446903 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.663899899 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:21.664073944 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:21.711380005 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:25.230659962 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 3, 2024 03:04:25.236188889 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Oct 3, 2024 03:04:25.236258030 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 3, 2024 03:04:31.574350119 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:31.574501038 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Oct 3, 2024 03:04:31.574621916 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:33.409841061 CEST | 49753 | 443 | 192.168.2.4 | 142.250.184.196 |
Oct 3, 2024 03:04:33.409871101 CEST | 443 | 49753 | 142.250.184.196 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2024 03:03:17.006906033 CEST | 53 | 59189 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:17.011226892 CEST | 53 | 56796 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:18.135905981 CEST | 53 | 57954 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:18.765495062 CEST | 61863 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:18.765623093 CEST | 52672 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:18.776045084 CEST | 53 | 52672 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:18.776540041 CEST | 53 | 61863 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:19.862190008 CEST | 64704 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:19.862394094 CEST | 51665 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:19.871326923 CEST | 53 | 51665 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:19.871495008 CEST | 53 | 64704 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:20.874114990 CEST | 63059 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:20.874882936 CEST | 54351 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:03:20.881948948 CEST | 53 | 63059 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:20.881964922 CEST | 53 | 54351 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:35.610692024 CEST | 53 | 63647 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:03:36.779756069 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Oct 3, 2024 03:03:54.626017094 CEST | 53 | 54444 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:04:16.159560919 CEST | 53 | 59077 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:04:17.753338099 CEST | 53 | 50827 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:04:20.888922930 CEST | 56919 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:04:20.889354944 CEST | 63450 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 3, 2024 03:04:21.004338026 CEST | 53 | 56919 | 1.1.1.1 | 192.168.2.4 |
Oct 3, 2024 03:04:21.004354954 CEST | 53 | 63450 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 3, 2024 03:03:18.765495062 CEST | 192.168.2.4 | 1.1.1.1 | 0xef8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 03:03:18.765623093 CEST | 192.168.2.4 | 1.1.1.1 | 0xd25 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 03:03:19.862190008 CEST | 192.168.2.4 | 1.1.1.1 | 0xd2f8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 03:03:19.862394094 CEST | 192.168.2.4 | 1.1.1.1 | 0x3350 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 03:03:20.874114990 CEST | 192.168.2.4 | 1.1.1.1 | 0x2b9c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 03:03:20.874882936 CEST | 192.168.2.4 | 1.1.1.1 | 0x6e55 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 03:04:20.888922930 CEST | 192.168.2.4 | 1.1.1.1 | 0xf08b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 03:04:20.889354944 CEST | 192.168.2.4 | 1.1.1.1 | 0x6c15 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 3, 2024 03:03:18.776540041 CEST | 1.1.1.1 | 192.168.2.4 | 0xef8 | No error (0) | 169.150.247.39 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:19.871326923 CEST | 1.1.1.1 | 192.168.2.4 | 0x3350 | No error (0) | bunnyfonts.b-cdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:19.871495008 CEST | 1.1.1.1 | 192.168.2.4 | 0xd2f8 | No error (0) | bunnyfonts.b-cdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:19.871495008 CEST | 1.1.1.1 | 192.168.2.4 | 0xd2f8 | No error (0) | 169.150.247.37 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:20.881948948 CEST | 1.1.1.1 | 192.168.2.4 | 0x2b9c | No error (0) | 142.250.185.228 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:20.881964922 CEST | 1.1.1.1 | 192.168.2.4 | 0x6e55 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 3, 2024 03:03:33.104669094 CEST | 1.1.1.1 | 192.168.2.4 | 0x25ec | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:33.104669094 CEST | 1.1.1.1 | 192.168.2.4 | 0x25ec | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:33.625948906 CEST | 1.1.1.1 | 192.168.2.4 | 0x2479 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:33.625948906 CEST | 1.1.1.1 | 192.168.2.4 | 0x2479 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:47.675474882 CEST | 1.1.1.1 | 192.168.2.4 | 0x5b41 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:03:47.675474882 CEST | 1.1.1.1 | 192.168.2.4 | 0x5b41 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:04:09.736052036 CEST | 1.1.1.1 | 192.168.2.4 | 0x9492 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:04:09.736052036 CEST | 1.1.1.1 | 192.168.2.4 | 0x9492 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:04:21.004338026 CEST | 1.1.1.1 | 192.168.2.4 | 0xf08b | No error (0) | 142.250.184.196 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 03:04:21.004354954 CEST | 1.1.1.1 | 192.168.2.4 | 0x6c15 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 3, 2024 03:04:29.251218081 CEST | 1.1.1.1 | 192.168.2.4 | 0x5e5e | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 03:04:29.251218081 CEST | 1.1.1.1 | 192.168.2.4 | 0x5e5e | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 169.150.247.39 | 443 | 3548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:19 UTC | 657 | OUT | |
2024-10-03 01:03:19 UTC | 324 | IN | |
2024-10-03 01:03:19 UTC | 2334 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49739 | 169.150.247.37 | 443 | 3548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:20 UTC | 555 | OUT | |
2024-10-03 01:03:21 UTC | 956 | IN | |
2024-10-03 01:03:21 UTC | 8838 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49735 | 169.150.247.39 | 443 | 3548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:21 UTC | 584 | OUT | |
2024-10-03 01:03:21 UTC | 584 | IN | |
2024-10-03 01:03:21 UTC | 685 | IN | |
2024-10-03 01:03:21 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49741 | 169.150.247.37 | 443 | 3548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:22 UTC | 609 | OUT | |
2024-10-03 01:03:22 UTC | 992 | IN | |
2024-10-03 01:03:22 UTC | 16384 | IN | |
2024-10-03 01:03:22 UTC | 2756 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49742 | 169.150.247.37 | 443 | 3548 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:22 UTC | 609 | OUT | |
2024-10-03 01:03:22 UTC | 992 | IN | |
2024-10-03 01:03:22 UTC | 16384 | IN | |
2024-10-03 01:03:22 UTC | 1172 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49743 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:23 UTC | 161 | OUT | |
2024-10-03 01:03:23 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49744 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 01:03:25 UTC | 239 | OUT | |
2024-10-03 01:03:25 UTC | 514 | IN | |
2024-10-03 01:03:25 UTC | 55 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 21:03:12 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 21:03:15 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 21:03:17 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |