Windows
Analysis Report
http://jnxm2.com
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3672 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" --sta rt-maximiz ed "about: blank MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 344 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2436 --fi eld-trial- handle=231 6,i,125432 4966107603 8132,18087 6438700672 52752,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5940 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" "http ://jnxm2.c om MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: |
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
4% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
jnxm2.com | 3.17.122.81 | true | false |
| unknown |
www.google.com | 142.250.80.36 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.80.36 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
3.17.122.81 | jnxm2.com | United States | 16509 | AMAZON-02US | false |
IP |
---|
192.168.2.8 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1403356 |
Start date and time: | 2024-03-05 12:56:41 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://jnxm2.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@17/8@6/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.35.163, 142.250.81.238, 172.253.62.84, 34.104.35.123, 40.68.123.157, 192.229.211.108, 20.242.39.171, 13.85.23.206, 142.250.72.99
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9725579128162027 |
Encrypted: | false |
SSDEEP: | 48:8U0dJsTKG/HVidAKZdA1oehwiZUklqehty+3:8UYsfWay |
MD5: | 733FBD0129DA58B5EFF92DBA03D903C3 |
SHA1: | 0679BCED1FC067A2588FF7F797626DF2893F50DD |
SHA-256: | 83B0FCA04E05E9975501D048D2D1CB023D2C64139A61E4EF9E2A198877D844EA |
SHA-512: | 851AF69751349E1DF00228914E3D0CAB22C9C71A5870E8242050AE6A6D181AAB17A64199AB9F4D55827658A940B5EB7099182502618C537E2A3A2079D6DE04A6 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9890829377219412 |
Encrypted: | false |
SSDEEP: | 48:890dJsTKG/HVidAKZdA1leh/iZUkAQkqehKy+2:89Ysf09QLy |
MD5: | F725DF8E959A456900B89F70EDD8FCE2 |
SHA1: | 380E3EF22A306B964BD7D399DEC186C69D715ACC |
SHA-256: | 3063B8C8FB8393FAFBB37F507D58497673A7406C3D286E47E4D3123F67E261E4 |
SHA-512: | 19E5AF5455E7BDBE942A5995F989BCFDB6A5813188E15B297312C73E3F778C21328DE2A487AB0DAE7299005FA0D1BA7B3BD69698942005AD9146A56653A73DD9 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.000653691023151 |
Encrypted: | false |
SSDEEP: | 48:8r0dJsTKGbHVidAKZdA14t5eh7sFiZUkmgqeh7sAy+BX:8rYsfYnWy |
MD5: | 4D4EF8281E6461A469D179FB768C50E5 |
SHA1: | 95A75BAD1EB2ECA108A856BEFD124E3D84C79A97 |
SHA-256: | 626273D6A21656E6DBB276B5146520E8E72AFA89C69BB3DCD22A2F1F6B48E5EB |
SHA-512: | C5D19E11715C02F4C65741A7D47BFC736C1FF55C2215ACE5385BFD4F0E68A20050089D9D9DF24051F13688A1A4630B911BFF10A1C090C3D50D231537C1F50A80 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.987648769271549 |
Encrypted: | false |
SSDEEP: | 48:8GH0dJsTKG/HVidAKZdA16ehDiZUkwqehOy+R:8GHYsfvYy |
MD5: | 52B3F8E5F69A1AF3ED1BD1937C2DD8BD |
SHA1: | ADCE6D276711AE0A1B4ABBCFEFF854B71CEBCA25 |
SHA-256: | 89FE1855683D809C6709DDF8ECF70FB3678EC1F380DACED862DD590411A6F53F |
SHA-512: | 82BBBC57776A343518831AF9F0F96BDE612A33F7FA0AD973409AAB2A68E612D4C921B5157FEE7E9192DE01246B1D2D5214404C0D04CE998D3DFD41826CCD9C5E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9749279082665954 |
Encrypted: | false |
SSDEEP: | 48:8b0dJsTKG/HVidAKZdA1UehBiZUk1W1qeh8y+C:8bYsfv9cy |
MD5: | CBF794F0B8ACC3AF4C42F5DE2609A610 |
SHA1: | 1B9A6244D8D3079C331F61E0ACA40A25B370920D |
SHA-256: | ABE2A2D0C43511EA54E0129DDB69F2B3655A86836F668825C4DE0527AA213DDF |
SHA-512: | B7BE4574583DBAE74083C62D01FEDE9D3D9E2CB1617AA10AB40060A4441E3384AC77C7A86DAFB45F6A51B9AAF4ED802FE4B4BD8B7B44B646CC3A6B3677099048 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9872476823590204 |
Encrypted: | false |
SSDEEP: | 48:8K0dJsTKG/HVidAKZdA1duTrehOuTbbiZUk5OjqehOuTbWy+yT+:8KYsfoTYTbxWOvTbWy7T |
MD5: | 1FAEFE1B05C6520B75BF40D7F3EB7F84 |
SHA1: | 5DDC0F9D31B7ABFFBE0FF2F145EF9BECF9020B51 |
SHA-256: | 65DFC986DAB52AD55B5B896375BA1D386BED5552C35E61597C452BE298E92B48 |
SHA-512: | F563CA1323B178FF0A41A62194A93EA6C6442057728D527EEB9E56693859721D8DADDC4CE2E858325004278713A23703FEA039D110CCF3F10E0ED773F3749636 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 139 |
Entropy (8bit): | 4.717826995152233 |
Encrypted: | false |
SSDEEP: | 3:PouV7uJzhquHbtt6vYk2ZRMRJfHKERSAEtvxLrXZiLKY8K09AbBK6c4NGL:hxuJzhqIzyYk+qRU4zEdxXZiqsbBK34A |
MD5: | DA7DA7D630292E7A2A7DDA8CA87B3D39 |
SHA1: | A4CB76424DC44433A2DF01FE8B0BBD836D15E970 |
SHA-256: | 52C1E7A2C36BE28C42455FE1572D7D7918C3180CAD99A2B82DAA2A38A7E7BB23 |
SHA-512: | 9E717F9C6699B280436CA9BE7107BA6301430D4DEF8311B963A266A5B3B91B2719687B04860509B6142FA24D629A3217BD450696559FE6D9DC8C60BCCFD740AD |
Malicious: | false |
Reputation: | low |
URL: | https://jnxm2.com/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 5, 2024 12:57:24.737440109 CET | 49676 | 443 | 192.168.2.8 | 52.182.143.211 |
Mar 5, 2024 12:57:27.143534899 CET | 49676 | 443 | 192.168.2.8 | 52.182.143.211 |
Mar 5, 2024 12:57:27.659199953 CET | 49673 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:28.034182072 CET | 49672 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:31.956043005 CET | 49676 | 443 | 192.168.2.8 | 52.182.143.211 |
Mar 5, 2024 12:57:33.346807003 CET | 49671 | 443 | 192.168.2.8 | 204.79.197.203 |
Mar 5, 2024 12:57:34.034281015 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:34.034408092 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:35.296840906 CET | 49710 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.299041033 CET | 49711 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.299597025 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.299616098 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.299679041 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.299992085 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.299999952 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.398900032 CET | 80 | 49710 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.399012089 CET | 49710 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.401454926 CET | 80 | 49711 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.401654005 CET | 49711 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.617196083 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.617589951 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.617603064 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.618663073 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.618735075 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.619849920 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.619906902 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.620026112 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.620033979 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.667494059 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.724766970 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.724951982 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:35.726203918 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.729871988 CET | 49712 | 443 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:57:35.729912996 CET | 443 | 49712 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:57:37.061127901 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.061182976 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.061240911 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.061670065 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.061691999 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.260756016 CET | 49673 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:37.269124985 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.269709110 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.269769907 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.270946026 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.271025896 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.272932053 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.273031950 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.323236942 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.323268890 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:37.370121956 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:37.635986090 CET | 49672 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:38.415921926 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.415988922 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.418054104 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.421869040 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.421904087 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.611709118 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.612920046 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.618527889 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.618546009 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.618830919 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.670171022 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.866162062 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.913908958 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.968293905 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.968436956 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.968642950 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.968879938 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.968879938 CET | 49716 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:38.968899965 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:38.968911886 CET | 443 | 49716 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.038358927 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.038399935 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.038475990 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.039186954 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.039201021 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.221836090 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.221918106 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.228262901 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.228280067 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.228585958 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.233685970 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.273912907 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.397001982 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.397080898 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.397154093 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.399616003 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.399637938 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:39.399652004 CET | 49717 | 443 | 192.168.2.8 | 104.76.104.139 |
Mar 5, 2024 12:57:39.399657965 CET | 443 | 49717 | 104.76.104.139 | 192.168.2.8 |
Mar 5, 2024 12:57:41.561063051 CET | 49676 | 443 | 192.168.2.8 | 52.182.143.211 |
Mar 5, 2024 12:57:47.273271084 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:47.273346901 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:47.273596048 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:48.053289890 CET | 49715 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:57:48.053325891 CET | 443 | 49715 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:57:48.428435087 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:48.581228018 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:48.581985950 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:48.582034111 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:48.582043886 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:48.582096100 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:48.582109928 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:48.582125902 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:48.582149029 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:48.582166910 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.210592031 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.363159895 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.363351107 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.363406897 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.364576101 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.364643097 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.365184069 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.365246058 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.518213987 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.518233061 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.518248081 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.518258095 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.518299103 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.523781061 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.523801088 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.523838997 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.523871899 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.524175882 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.571512938 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.571552992 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:57:50.571680069 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.571680069 CET | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Mar 5, 2024 12:57:50.717160940 CET | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Mar 5, 2024 12:58:20.400964975 CET | 49710 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:20.416577101 CET | 49711 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:20.503571987 CET | 80 | 49710 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:20.519042015 CET | 80 | 49711 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:23.245126009 CET | 49704 | 80 | 192.168.2.8 | 104.117.182.64 |
Mar 5, 2024 12:58:23.333003044 CET | 80 | 49704 | 104.117.182.64 | 192.168.2.8 |
Mar 5, 2024 12:58:23.333071947 CET | 49704 | 80 | 192.168.2.8 | 104.117.182.64 |
Mar 5, 2024 12:58:35.505103111 CET | 80 | 49711 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:35.505131960 CET | 80 | 49710 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:35.505193949 CET | 49711 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:35.505249023 CET | 49710 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:36.015938044 CET | 49710 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:36.015997887 CET | 49711 | 80 | 192.168.2.8 | 3.17.122.81 |
Mar 5, 2024 12:58:36.120280981 CET | 80 | 49711 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:36.126140118 CET | 80 | 49710 | 3.17.122.81 | 192.168.2.8 |
Mar 5, 2024 12:58:37.031280994 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:37.031358957 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.031441927 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:37.031821012 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:37.031841993 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.220885992 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.221388102 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:37.221456051 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.221823931 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.222275972 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:37.222356081 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:37.263381004 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:47.241978884 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:47.242058992 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Mar 5, 2024 12:58:47.242189884 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:48.012236118 CET | 49722 | 443 | 192.168.2.8 | 142.250.80.36 |
Mar 5, 2024 12:58:48.012307882 CET | 443 | 49722 | 142.250.80.36 | 192.168.2.8 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 5, 2024 12:57:33.864326954 CET | 53 | 51500 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:33.887624979 CET | 53 | 54781 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:34.424834013 CET | 53 | 63328 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:35.177511930 CET | 55227 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:35.180000067 CET | 62796 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:35.199086905 CET | 58266 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:35.199562073 CET | 60802 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:35.265678883 CET | 53 | 55227 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:35.267956018 CET | 53 | 62796 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:35.287883997 CET | 53 | 58266 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:35.288252115 CET | 53 | 60802 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:36.969069958 CET | 65173 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:36.969679117 CET | 55836 | 53 | 192.168.2.8 | 1.1.1.1 |
Mar 5, 2024 12:57:37.058167934 CET | 53 | 65173 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:37.058657885 CET | 53 | 55836 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:57:51.523578882 CET | 53 | 52620 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:58:10.350151062 CET | 53 | 58086 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:58:22.379801035 CET | 138 | 138 | 192.168.2.8 | 192.168.2.255 |
Mar 5, 2024 12:58:32.492255926 CET | 53 | 65023 | 1.1.1.1 | 192.168.2.8 |
Mar 5, 2024 12:58:32.840699911 CET | 53 | 49264 | 1.1.1.1 | 192.168.2.8 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 5, 2024 12:57:35.177511930 CET | 192.168.2.8 | 1.1.1.1 | 0x9e8a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 5, 2024 12:57:35.180000067 CET | 192.168.2.8 | 1.1.1.1 | 0xfc6d | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 5, 2024 12:57:35.199086905 CET | 192.168.2.8 | 1.1.1.1 | 0x1f0d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 5, 2024 12:57:35.199562073 CET | 192.168.2.8 | 1.1.1.1 | 0x7c67 | Standard query (0) | 65 | IN (0x0001) | false | |
Mar 5, 2024 12:57:36.969069958 CET | 192.168.2.8 | 1.1.1.1 | 0x60b2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 5, 2024 12:57:36.969679117 CET | 192.168.2.8 | 1.1.1.1 | 0x69e5 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 5, 2024 12:57:35.265678883 CET | 1.1.1.1 | 192.168.2.8 | 0x9e8a | No error (0) | 3.17.122.81 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:35.265678883 CET | 1.1.1.1 | 192.168.2.8 | 0x9e8a | No error (0) | 3.131.199.178 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:35.265678883 CET | 1.1.1.1 | 192.168.2.8 | 0x9e8a | No error (0) | 3.136.242.164 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:35.287883997 CET | 1.1.1.1 | 192.168.2.8 | 0x1f0d | No error (0) | 3.17.122.81 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:35.287883997 CET | 1.1.1.1 | 192.168.2.8 | 0x1f0d | No error (0) | 3.136.242.164 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:35.287883997 CET | 1.1.1.1 | 192.168.2.8 | 0x1f0d | No error (0) | 3.131.199.178 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:37.058167934 CET | 1.1.1.1 | 192.168.2.8 | 0x60b2 | No error (0) | 142.250.80.36 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:37.058657885 CET | 1.1.1.1 | 192.168.2.8 | 0x69e5 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 5, 2024 12:57:48.749586105 CET | 1.1.1.1 | 192.168.2.8 | 0x4045 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 5, 2024 12:57:48.749586105 CET | 1.1.1.1 | 192.168.2.8 | 0x4045 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:02.459405899 CET | 1.1.1.1 | 192.168.2.8 | 0xeb07 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:02.459405899 CET | 1.1.1.1 | 192.168.2.8 | 0xeb07 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:25.444322109 CET | 1.1.1.1 | 192.168.2.8 | 0x17a | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:25.444322109 CET | 1.1.1.1 | 192.168.2.8 | 0x17a | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:45.538666010 CET | 1.1.1.1 | 192.168.2.8 | 0x7412 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 5, 2024 12:58:45.538666010 CET | 1.1.1.1 | 192.168.2.8 | 0x7412 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.8 | 49710 | 3.17.122.81 | 80 | 344 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 5, 2024 12:58:20.400964975 CET | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.8 | 49711 | 3.17.122.81 | 80 | 344 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 5, 2024 12:58:20.416577101 CET | 6 | OUT |
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Mar 5, 2024 12:57:48.582109928 CET | 23.206.229.226 | 443 | 192.168.2.8 | 49703 | CN=r.bing.com, O=Microsoft Corporation, L=Redmond, ST=WA, C=US CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US | CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Oct 18 22:32:40 CEST 2023 Wed Aug 12 02:00:00 CEST 2020 | Fri Jun 28 01:59:59 CEST 2024 Fri Jun 28 01:59:59 CEST 2024 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-5-10-11-13-35-16-23-65281,29-23-24,0 | 28a2c9bd18a11de089ef85a160da29e4 |
CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US | CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Aug 12 02:00:00 CEST 2020 | Fri Jun 28 01:59:59 CEST 2024 |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.8 | 49712 | 3.17.122.81 | 443 | 344 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-05 11:57:35 UTC | 652 | OUT | |
2024-03-05 11:57:35 UTC | 291 | IN | |
2024-03-05 11:57:35 UTC | 139 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.8 | 49716 | 104.76.104.139 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-05 11:57:38 UTC | 161 | OUT | |
2024-03-05 11:57:38 UTC | 494 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.8 | 49717 | 104.76.104.139 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-05 11:57:39 UTC | 239 | OUT | |
2024-03-05 11:57:39 UTC | 530 | IN | |
2024-03-05 11:57:39 UTC | 55 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 12:57:28 |
Start date: | 05/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 12:57:30 |
Start date: | 05/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 12:57:33 |
Start date: | 05/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |