Windows
Analysis Report
http://API.BEAMBENEFITS.COM
Overview
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
- System is w10x64
- chrome.exe (PID: 6640 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1864,i,14242331942881730238,11876666898652434801,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3624 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://API.BEAMBENEFITS.COM" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- HTTP Parser
- HTTPS traffic detected
- TCP traffic detected without corresponding DNS query
- UDP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- String found in binary or memory
- Network traffic detected
- File created
- Classification label
- Process created
- LNK file
- Window detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Detection | Scanner | Label |
---|---|---|
0% | Avira URL Cloud | safe |

Detection | Scanner | Label |
---|---|---|
0% | Avira URL Cloud | safe |
0% | Avira URL Cloud | safe |
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Reputation |
---|---|---|---|---|
api.beambenefits.com | 3.227.174.248 | true | false | unknown |
accounts.google.com | 172.253.63.84 | true | false | high |
app.beambenefits.com | 35.172.198.133 | true | false | unknown |
www.google.com | 142.251.35.164 | true | false | high |
clients.l.google.com | 142.250.65.206 | true | false | high |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown |
windowsupdatebg.s.llnwi.net | 69.164.46.128 | true | false | unknown |
clients2.google.com | unknown | unknown | false | high |
Malicious | Reputation |
---|---|
false | unknown |
false | high |
false | unknown |
false | unknown |
false | unknown |
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.65.206 | clients.l.google.com | United States | 15169 | GOOGLEUS | false |
23.23.11.185 | unknown | United States | 14618 | AMAZON-AESUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
3.227.174.248 | api.beambenefits.com | United States | 14618 | AMAZON-AESUS | false |
172.253.63.84 | accounts.google.com | United States | 15169 | GOOGLEUS | false |
35.172.198.133 | app.beambenefits.com | United States | 14618 | AMAZON-AESUS | false |
142.251.35.164 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1396491 |
Start date and time: | 2024-02-21 21:29:34 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 9s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://API.BEAMBENEFITS.COM |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/14@16/8 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.72.99, 34.104.35.123, 192.229.211.108, 40.68.123.157, 23.46.156.133, 23.46.156.174, 23.46.156.172, 23.46.156.167, 23.46.156.134, 23.46.156.145, 23.46.156.164, 23.46.156.159, 23.46.156.147, 20.3.187.198, 72.21.81.240, 20.166.126.56, 142.251.40.99, 23.46.156.158, 23.46.156.143, 23.46.156.135, 23.46.156.177, 23.46.156.175, 23.46.156.176
- Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, wu.azureedge.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://API.BEAMBENEFITS.COM
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9774761710624826 |
Encrypted: | false |
SSDEEP: | 48:8FudWTSG3HLidAKZdA19ehwiZUklqehAy+3:8FXHt/y |
MD5: | 9467372CEDAF4F60054670554D5DD4A2 |
SHA1: | 0D65251C88608BED276B50F7B01BD23114D998F8 |
SHA-256: | 4B5972A9121E24CCFAF4818E3DF62F2C04D8EF10E00B1AD8DAEE7E1D90675F2A |
SHA-512: | 96536F8B0C3C3A3C18193C6A286AD15403CBB61F3AC67DD10F2530A311D9FFFC4A8FFF8485ECC18685B8EEDE9A686E44D0671893ED4236E7615E2BC95A084851 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.993328793075595 |
Encrypted: | false |
SSDEEP: | 48:82udWTSG3HLidAKZdA1weh/iZUkAQkqehvy+2:82XHH9Qay |
MD5: | DCCFF27D42162B03E45EFAF41A99CA58 |
SHA1: | 15CEF94C8196903884FFBF10E0F655371D15E4B5 |
SHA-256: | 9C3DAEEF15D6F6F119697EBE933B34B6CC9375DDBA47951A8EE0338EF24CA09A |
SHA-512: | FF6A327CDAA087563D2B6E8C389121CBE6E6ED12C83D6457BD01518D401C8F180FFA17476021B64AEF25874FCED5920B41BE205CF25B9F399F7380B5E095C7C3 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.007278904857374 |
Encrypted: | false |
SSDEEP: | 48:8xndWTSGsHLidAKZdA14tseh7sFiZUkmgqeh7sZy+BX:8xYHKnby |
MD5: | F1CE81D611E8B32281130ADCC6539B2D |
SHA1: | 2419834433C6B079EA9F78F098B0C4BAD6B68FBA |
SHA-256: | 9A54469D6C7ABE81E6CF824C4C6D5707FD392F5699DF9EA45B9705B6391BE545 |
SHA-512: | D0DF4959A251BD7AD4DFCB91B6726CF7E03D393A31AB5BA8A5E783CEDB8290D54D2D32EF2FFDE034F03AD579F2276B4FA07CE2AC8AD03E2AD8CFC67BCFC30973 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.990738052456772 |
Encrypted: | false |
SSDEEP: | 48:8QudWTSG3HLidAKZdA1vehDiZUkwqehTy+R:8QXHkRy |
MD5: | A4E508FC1557C4FD8EFE6D096862398F |
SHA1: | FF1F4724567CC57234079E876BF75EBAAD5DBB8F |
SHA-256: | D4A8F29E8F20775DF62138627BDFA1697E0190171498D3AC8B1127BF6A77C0F4 |
SHA-512: | 3D5272ACE153E2FA065EAAC43C614CCD94C7DC6A1D2A5654B842645AACAD4D002DB7E487D9FDFF42D768BBFB619BFD859FE17690E1F289B97AC1426987EA3982 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9808551621259873 |
Encrypted: | false |
SSDEEP: | 48:82udWTSG3HLidAKZdA1hehBiZUk1W1qehFy+C:82XHk9ly |
MD5: | 229ED3BB67A947D92611BE2A6F28EBAD |
SHA1: | 74EB18AE92AA6D230B80DC4097A1BC20CC87C2F1 |
SHA-256: | 1D4ADE2CA52F3968BBEF70E84E55B3CB0FA5EED4C75305DA7FA8D58626D36C36 |
SHA-512: | 3CD75F71722A03B05397651B7C007C63A9B98121F54EF0962BE1BA85AD06546D886BB0D918905105732BE688CA7807B00D7F1A850895A01D66D9068E1AC713CE |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9915393016868443 |
Encrypted: | false |
SSDEEP: | 48:87udWTSG3HLidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbby+yT+:87XHKT/TbxWOvTbby7T |
MD5: | 358F652021996C9821837A5970B2AD9C |
SHA1: | A08666FB33F4BA553279F5322F1A2088FED4437F |
SHA-256: | 9381E6B0E420420A480BB351509126239EE2BEBE3565FA8EC4A0AB0816CD1C73 |
SHA-512: | D9519427C6D070994F81EBB7BADC07D8ECF3C67971464357DB101304AA7DED20FF691019F8DD7A47E19A4A5E66A74E4347EA2829E1A74DEBF12EF99E18E452A6 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9865 |
Entropy (8bit): | 3.9154230679551443 |
Encrypted: | false |
SSDEEP: | 192:J3Q/J+mE3gMr9NpO/vfkXZ/N9y1W12dIGOS5V/+lkO8RcFEKv:FQ/S3TN+v8XH9y+gPgkjctv |
MD5: | C411B5D4D410DB5976835788BFB48300 |
SHA1: | 8F5FCEF8854732D130EED03F9BE32F7031D3FAF1 |
SHA-256: | E0083E8B25B0FF25E307BBE4AA8594CAA6BDB871154749F91B2B86A8865F2F81 |
SHA-512: | 9C00E9B861215CC03BA008407A32BCC868F813E87470465B9EBE5D8A050F53EB1407591F546E1AE488FEBB805F9BB579CAE7E3979638A76E61654B9F3880E11A |
Malicious: | false |
Reputation: | low |
URL: | https://app.beambenefits.com/admin/images/beam_logo_navy.svg |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1150 |
Entropy (8bit): | 2.820322190495294 |
Encrypted: | false |
SSDEEP: | 12:XHaQaY8Ia48vnraROl8R/Fjv8Rlq0LQY4co3assR3saKmamj2kl:X6g8nNnrVMtj+8s3xl7KtU2k |
MD5: | D95E8EB0CA87D5E1E9E1D0891098DB34 |
SHA1: | E6376BF2700FCE504A015A8697867BF407530CF3 |
SHA-256: | ABB421E4DB49ADCFA1C8A290A1C95CD858E0F5FC916613314040E0148DB7E37E |
SHA-512: | 93AE49E6D32F5FE8E47ABE6231DBCAF401B934A721FC6F6B14EFD4144B6FF0BEB0917AE7955CDA425BBC1CD6AD4AAE2861AE459241C3E02FBBE02FE5DFFC93E3 |
Malicious: | false |
Reputation: | low |
URL: | https://api.beambenefits.com/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2475 |
Entropy (8bit): | 3.7856458072446157 |
Encrypted: | false |
SSDEEP: | 24:3vkxZO+jwVKYxCbbzwtbc1PvrsxEbkSiMJ+2+BN7bOibX3r9GXEtoRNJ:OO+kVB0/WkJgqir3JGXjR/ |
MD5: | A4F83847641B2108B26704A4092422AF |
SHA1: | 1FDB98FC8D43D63DFFAC1995F51270151607E3C2 |
SHA-256: | B092996590CDB9BF9C0C87810CA175E298EA87430AA3473C4330FAB073EE6A01 |
SHA-512: | 7FAE38F59AC101F8D7E7598B51EA74D643B0304C2757338D4B5C5583C132BB519116D124239297069B49D00E55944E917EBDC519313C949131210769D6E8F246 |
Malicious: | false |
Reputation: | low |
URL: | https://api.beambenefits.com/ |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9865 |
Entropy (8bit): | 3.9154230679551443 |
Encrypted: | false |
SSDEEP: | 192:J3Q/J+mE3gMr9NpO/vfkXZ/N9y1W12dIGOS5V/+lkO8RcFEKv:FQ/S3TN+v8XH9y+gPgkjctv |
MD5: | C411B5D4D410DB5976835788BFB48300 |
SHA1: | 8F5FCEF8854732D130EED03F9BE32F7031D3FAF1 |
SHA-256: | E0083E8B25B0FF25E307BBE4AA8594CAA6BDB871154749F91B2B86A8865F2F81 |
SHA-512: | 9C00E9B861215CC03BA008407A32BCC868F813E87470465B9EBE5D8A050F53EB1407591F546E1AE488FEBB805F9BB579CAE7E3979638A76E61654B9F3880E11A |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1150 |
Entropy (8bit): | 2.820322190495294 |
Encrypted: | false |
SSDEEP: | 12:XHaQaY8Ia48vnraROl8R/Fjv8Rlq0LQY4co3assR3saKmamj2kl:X6g8nNnrVMtj+8s3xl7KtU2k |
MD5: | D95E8EB0CA87D5E1E9E1D0891098DB34 |
SHA1: | E6376BF2700FCE504A015A8697867BF407530CF3 |
SHA-256: | ABB421E4DB49ADCFA1C8A290A1C95CD858E0F5FC916613314040E0148DB7E37E |
SHA-512: | 93AE49E6D32F5FE8E47ABE6231DBCAF401B934A721FC6F6B14EFD4144B6FF0BEB0917AE7955CDA425BBC1CD6AD4AAE2861AE459241C3E02FBBE02FE5DFFC93E3 |
Malicious: | false |
Reputation: | low |
Feb 21, 2024 21:30:29.444123030 CET | 49718 | 443 | 192.168.2.5 | 23.23.11.185 |
Feb 21, 2024 21:30:29.444129944 CET | 443 | 49718 | 23.23.11.185 | 192.168.2.5 |
Feb 21, 2024 21:30:29.444158077 CET | 443 | 49718 | 23.23.11.185 | 192.168.2.5 |
Feb 21, 2024 21:30:29.444206953 CET | 49718 | 443 | 192.168.2.5 | 23.23.11.185 |
Feb 21, 2024 21:30:29.453394890 CET | 49718 | 443 | 192.168.2.5 | 23.23.11.185 |
Feb 21, 2024 21:30:29.453413963 CET | 443 | 49718 | 23.23.11.185 | 192.168.2.5 |
Feb 21, 2024 21:30:29.492444992 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:29.492479086 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:29.492558956 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:29.493580103 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:29.493587017 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.074004889 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.081473112 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.081486940 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.082479000 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.082582951 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.083403111 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.083448887 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.083683014 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.083688974 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.084633112 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.084686041 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.084747076 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.085330009 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.085340977 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.097518921 CET | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:30.097523928 CET | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:30.129070044 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.267008066 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.267082930 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.267213106 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.267983913 CET | 49719 | 443 | 192.168.2.5 | 35.172.198.133 |
Feb 21, 2024 21:30:30.267991066 CET | 443 | 49719 | 35.172.198.133 | 192.168.2.5 |
Feb 21, 2024 21:30:30.276825905 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.277095079 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.277124882 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.278119087 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.278206110 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.363198042 CET | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:30.577600956 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.577760935 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.628810883 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:30.628829956 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:30.675642014 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:31.721120119 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:31.721246004 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:32.057010889 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.057060957 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.057131052 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.060245037 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.060261965 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.245259047 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.245345116 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.248346090 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.248358011 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.248579979 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.323283911 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.365906954 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.423320055 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.423398018 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.423592091 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.423655033 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.423675060 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.423686981 CET | 49723 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.423692942 CET | 443 | 49723 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.489698887 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.489746094 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.489860058 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.492019892 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.492033958 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.674021959 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.674135923 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.675740957 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.675750017 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.675961018 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.682476997 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.725939989 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.850159883 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.850364923 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.850430965 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.852415085 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.852432966 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:32.852482080 CET | 49724 | 443 | 192.168.2.5 | 23.41.168.93 |
Feb 21, 2024 21:30:32.852488041 CET | 443 | 49724 | 23.41.168.93 | 192.168.2.5 |
Feb 21, 2024 21:30:37.977351904 CET | 80 | 49712 | 3.227.174.248 | 192.168.2.5 |
Feb 21, 2024 21:30:37.977577925 CET | 49712 | 80 | 192.168.2.5 | 3.227.174.248 |
Feb 21, 2024 21:30:40.310421944 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:40.310477018 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:30:40.310534000 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:41.255244970 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.255354881 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.255708933 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.255752087 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.255836010 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.256345987 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.256356955 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.408176899 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.408258915 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.571553946 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.571636915 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.607619047 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.607637882 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.607964039 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.608474016 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.609144926 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.609178066 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.609313965 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.609321117 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.922856092 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.922933102 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.923136950 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.923192024 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.923193932 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.923239946 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.998795986 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.998828888 CET | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Feb 21, 2024 21:30:41.998836040 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:41.998913050 CET | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Feb 21, 2024 21:30:42.220146894 CET | 49721 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:30:42.220171928 CET | 443 | 49721 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:12.748181105 CET | 49711 | 80 | 192.168.2.5 | 3.227.174.248 |
Feb 21, 2024 21:31:12.842108011 CET | 49712 | 80 | 192.168.2.5 | 3.227.174.248 |
Feb 21, 2024 21:31:12.843601942 CET | 80 | 49711 | 3.227.174.248 | 192.168.2.5 |
Feb 21, 2024 21:31:12.937238932 CET | 80 | 49712 | 3.227.174.248 | 192.168.2.5 |
Feb 21, 2024 21:31:30.040386915 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:30.040410995 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.040493011 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:30.040924072 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:30.040936947 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.229645967 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.229986906 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:30.230000019 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.230279922 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.230674982 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:30.230717897 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:30.270112991 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:40.244870901 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:40.244940042 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:40.245121956 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:42.216763020 CET | 49732 | 443 | 192.168.2.5 | 142.251.35.164 |
Feb 21, 2024 21:31:42.216804028 CET | 443 | 49732 | 142.251.35.164 | 192.168.2.5 |
Feb 21, 2024 21:31:42.833853006 CET | 80 | 49712 | 3.227.174.248 | 192.168.2.5 |
Feb 21, 2024 21:31:42.833930969 CET | 49712 | 80 | 192.168.2.5 | 3.227.174.248 |
Feb 21, 2024 21:31:44.213896990 CET | 49712 | 80 | 192.168.2.5 | 3.227.174.248 |
Feb 21, 2024 21:31:44.309150934 CET | 80 | 49712 | 3.227.174.248 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Feb 21, 2024 21:30:29.541553020 CET | 192.168.2.5 | 1.1.1.1 | c23f | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Feb 21, 2024 21:30:25.883732080 CET | 192.168.2.5 | 1.1.1.1 | 0xaaba | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:25.884179115 CET | 192.168.2.5 | 1.1.1.1 | 0x3828 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:25.884793997 CET | 192.168.2.5 | 1.1.1.1 | 0x13e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:25.885164022 CET | 192.168.2.5 | 1.1.1.1 | 0x2776 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:27.523601055 CET | 192.168.2.5 | 1.1.1.1 | 0x60be | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:27.523827076 CET | 192.168.2.5 | 1.1.1.1 | 0x16c3 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:27.834398985 CET | 192.168.2.5 | 1.1.1.1 | 0x671 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:27.834615946 CET | 192.168.2.5 | 1.1.1.1 | 0x6365 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:28.395421982 CET | 192.168.2.5 | 1.1.1.1 | 0xfca2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:28.395637035 CET | 192.168.2.5 | 1.1.1.1 | 0x17f0 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:28.942619085 CET | 192.168.2.5 | 1.1.1.1 | 0x56b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:28.943710089 CET | 192.168.2.5 | 1.1.1.1 | 0x3d12 | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:29.342089891 CET | 192.168.2.5 | 1.1.1.1 | 0xf9d2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:29.342904091 CET | 192.168.2.5 | 1.1.1.1 | 0x15af | Standard query (0) | 65 | IN (0x0001) | false | |
Feb 21, 2024 21:30:29.984941959 CET | 192.168.2.5 | 1.1.1.1 | 0x4f09 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Feb 21, 2024 21:30:29.988356113 CET | 192.168.2.5 | 1.1.1.1 | 0x36f2 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Feb 21, 2024 21:30:25.971551895 CET | 1.1.1.1 | 192.168.2.5 | 0xaaba | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:25.971551895 CET | 1.1.1.1 | 192.168.2.5 | 0xaaba | No error (0) | 142.250.65.206 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:25.972919941 CET | 1.1.1.1 | 192.168.2.5 | 0x3828 | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:25.973103046 CET | 1.1.1.1 | 192.168.2.5 | 0x13e6 | No error (0) | 172.253.63.84 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.631885052 CET | 1.1.1.1 | 192.168.2.5 | 0x60be | No error (0) | 3.227.174.248 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.631885052 CET | 1.1.1.1 | 192.168.2.5 | 0x60be | No error (0) | 35.172.198.133 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.631885052 CET | 1.1.1.1 | 192.168.2.5 | 0x60be | No error (0) | 18.209.170.187 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.631885052 CET | 1.1.1.1 | 192.168.2.5 | 0x60be | No error (0) | 23.23.11.185 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.944804907 CET | 1.1.1.1 | 192.168.2.5 | 0x671 | No error (0) | 35.172.198.133 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.944804907 CET | 1.1.1.1 | 192.168.2.5 | 0x671 | No error (0) | 18.209.170.187 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.944804907 CET | 1.1.1.1 | 192.168.2.5 | 0x671 | No error (0) | 23.23.11.185 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:27.944804907 CET | 1.1.1.1 | 192.168.2.5 | 0x671 | No error (0) | 3.227.174.248 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:28.491477966 CET | 1.1.1.1 | 192.168.2.5 | 0xfca2 | No error (0) | 35.172.198.133 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:28.491477966 CET | 1.1.1.1 | 192.168.2.5 | 0xfca2 | No error (0) | 23.23.11.185 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:28.491477966 CET | 1.1.1.1 | 192.168.2.5 | 0xfca2 | No error (0) | 18.209.170.187 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:28.491477966 CET | 1.1.1.1 | 192.168.2.5 | 0xfca2 | No error (0) | 3.227.174.248 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.050935984 CET | 1.1.1.1 | 192.168.2.5 | 0x56b9 | No error (0) | 23.23.11.185 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.050935984 CET | 1.1.1.1 | 192.168.2.5 | 0x56b9 | No error (0) | 35.172.198.133 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.050935984 CET | 1.1.1.1 | 192.168.2.5 | 0x56b9 | No error (0) | 18.209.170.187 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.050935984 CET | 1.1.1.1 | 192.168.2.5 | 0x56b9 | No error (0) | 3.227.174.248 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.450526953 CET | 1.1.1.1 | 192.168.2.5 | 0xf9d2 | No error (0) | 35.172.198.133 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.450526953 CET | 1.1.1.1 | 192.168.2.5 | 0xf9d2 | No error (0) | 18.209.170.187 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.450526953 CET | 1.1.1.1 | 192.168.2.5 | 0xf9d2 | No error (0) | 23.23.11.185 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:29.450526953 CET | 1.1.1.1 | 192.168.2.5 | 0xf9d2 | No error (0) | 3.227.174.248 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:30.072977066 CET | 1.1.1.1 | 192.168.2.5 | 0x4f09 | No error (0) | 142.251.35.164 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:30.076342106 CET | 1.1.1.1 | 192.168.2.5 | 0x36f2 | No error (0) | 65 | IN (0x0001) | false | |||
Feb 21, 2024 21:30:41.368211985 CET | 1.1.1.1 | 192.168.2.5 | 0xc159 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Feb 21, 2024 21:30:41.368211985 CET | 1.1.1.1 | 192.168.2.5 | 0xc159 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:31:17.859602928 CET | 1.1.1.1 | 192.168.2.5 | 0xe37b | No error (0) | 69.164.46.128 | A (IP address) | IN (0x0001) | false | ||
Feb 21, 2024 21:31:38.547481060 CET | 1.1.1.1 | 192.168.2.5 | 0x89a6 | No error (0) | 69.164.46.128 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49712 | 3.227.174.248 | 80 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Feb 21, 2024 21:30:27.733870983 CET | 435 | OUT | |
Feb 21, 2024 21:30:27.830468893 CET | 346 | IN | |
Feb 21, 2024 21:31:12.842108011 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49711 | 3.227.174.248 | 80 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Feb 21, 2024 21:31:12.748181105 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49707 | 172.253.63.84 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:26 UTC | 680 | OUT | |
2024-02-21 20:30:26 UTC | 1 | OUT | |
2024-02-21 20:30:26 UTC | 1799 | IN | |
2024-02-21 20:30:26 UTC | 23 | IN | |
2024-02-21 20:30:26 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49708 | 142.250.65.206 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:26 UTC | 752 | OUT | |
2024-02-21 20:30:26 UTC | 732 | IN | |
2024-02-21 20:30:26 UTC | 520 | IN | |
2024-02-21 20:30:26 UTC | 200 | IN | |
2024-02-21 20:30:26 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49713 | 35.172.198.133 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:28 UTC | 663 | OUT | |
2024-02-21 20:30:28 UTC | 835 | IN | |
2024-02-21 20:30:28 UTC | 2482 | IN | |
2024-02-21 20:30:28 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49716 | 35.172.198.133 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:28 UTC | 614 | OUT | |
2024-02-21 20:30:28 UTC | 250 | IN | |
2024-02-21 20:30:28 UTC | 3846 | IN | |
2024-02-21 20:30:28 UTC | 4096 | IN | |
2024-02-21 20:30:28 UTC | 101 | IN | |
2024-02-21 20:30:28 UTC | 1822 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49717 | 35.172.198.133 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:29 UTC | 596 | OUT | |
2024-02-21 20:30:29 UTC | 261 | IN | |
2024-02-21 20:30:29 UTC | 1150 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49718 | 23.23.11.185 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:29 UTC | 375 | OUT | |
2024-02-21 20:30:29 UTC | 250 | IN | |
2024-02-21 20:30:29 UTC | 3846 | IN | |
2024-02-21 20:30:29 UTC | 4096 | IN | |
2024-02-21 20:30:29 UTC | 1923 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49719 | 35.172.198.133 | 443 | 5268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:30 UTC | 355 | OUT | |
2024-02-21 20:30:30 UTC | 261 | IN | |
2024-02-21 20:30:30 UTC | 1150 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49723 | 23.41.168.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:32 UTC | 161 | OUT | |
2024-02-21 20:30:32 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49724 | 23.41.168.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:32 UTC | 239 | OUT | |
2024-02-21 20:30:32 UTC | 530 | IN | |
2024-02-21 20:30:32 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
9 | 192.168.2.5 | 49725 | 23.1.237.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-02-21 20:30:41 UTC | 2148 | OUT | |
2024-02-21 20:30:41 UTC | 1 | OUT | |
2024-02-21 20:30:41 UTC | 2483 | OUT | |
2024-02-21 20:30:41 UTC | 476 | IN |
Target ID: | 0 |
Start time: | 21:30:21 |
Start date: | 21/02/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 21:30:24 |
Start date: | 21/02/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 21:30:26 |
Start date: | 21/02/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |