Edit tour
Windows
Analysis Report
http://151.139.124.68/phf/d/dod/ph/prod5/msdownload/update/software/secu/2024/02/1024/windows10.0-kb5034763-x64_a381c0ece7882aefb9aeb871b3a2c2cadea25eca.cab.json?cacheHostOrigin=download.windowsupdate.com
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
- chrome.exe (PID: 1868 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" --sta rt-maximiz ed "about: blank MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 2136 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2348 --fi eld-trial- handle=219 6,i,865917 8138251282 005,175263 4252865028 9202,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 2796 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" "http ://151.139 .124.68/ph f/d/dod/ph /prod5/msd ownload/up date/softw are/secu/2 024/02/102 4/windows1 0.0-kb5034 763-x64_a3 81c0ece788 2aefb9aeb8 71b3a2c2ca dea25eca.c ab.json?ca cheHostOri gin=downlo ad.windows update.com MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: |
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 146.19.181.19 | true | false | unknown | |
www.google.com | 142.251.40.196 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
windowsupdatebg.s.llnwi.net | 69.164.46.0 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
151.139.124.68 | unknown | United States | 33438 | HIGHWINDS2US | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.251.40.196 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1411167 |
Start date and time: | 2024-03-18 17:25:35 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 59s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://151.139.124.68/phf/d/dod/ph/prod5/msdownload/update/software/secu/2024/02/1024/windows10.0-kb5034763-x64_a381c0ece7882aefb9aeb871b3a2c2cadea25eca.cab.json?cacheHostOrigin=download.windowsupdate.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@16/10@2/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.32.110, 142.251.163.84, 142.250.81.227, 34.104.35.123, 23.206.121.20, 192.229.211.108, 20.12.23.50, 146.19.181.19, 20.166.126.56, 20.242.39.171, 72.21.81.240, 142.251.40.131, 23.206.121.47, 23.206.121.21, 23.206.121.39, 23.206.121.22, 23.206.121.60, 23.206.121.18, 23.206.121.50, 23.206.121.52
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://151.139.124.68/phf/d/dod/ph/prod5/msdownload/update/software/secu/2024/02/1024/windows10.0-kb5034763-x64_a381c0ece7882aefb9aeb871b3a2c2cadea25eca.cab.json?cacheHostOrigin=download.windowsupdate.com
⊘No simulations
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.97348411926665 |
Encrypted: | false |
SSDEEP: | 48:8wdqN9TKNFYvcHHidAKZdA19ehwiZUklqeh1y+3:8PLW8vcmy |
MD5: | 3D56B296F62EE070C55F2C654675D62E |
SHA1: | 698D4D2B23331E5B64FEA404405E717F454F479E |
SHA-256: | BAF33998B3E03E1A561FC0B44E72F7483A17894AC11D7DDC22A3AFB8FAE5EA16 |
SHA-512: | 39885A3B1EBC849B7B310D31F0B1BA2AA0FFE00056DD78E4C5B45A90CB012ADAD5D7939445C2E81CAE55DA3ECAD1342C683F0652B4C4345E225D3474B9B9772E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9893442098551715 |
Encrypted: | false |
SSDEEP: | 48:8kdqN9TKNFYvcHHidAKZdA1weh/iZUkAQkqehWy+2:8LLW8vu9QLy |
MD5: | 237491FDBD23A5E0FE0DF8713BE6FF15 |
SHA1: | B877BC2B0B687B5FE07F32F9FF02C02F9E299625 |
SHA-256: | 2CD1DE948413D188D1E972DDD6B414CEB45B374B2D8CB8A241BB26AA65A7A17A |
SHA-512: | A06036D61304D9A7EEA8531099F3DD470FC487369F4A27738F7AFD16F1D80756E6E12699C913A30E6123F827DB88D37D4B4F25FD97647F4123FDEEA27EFD5688 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.002702075383468 |
Encrypted: | false |
SSDEEP: | 48:8xhdqN9TKNFYsHHidAKZdA14tseh7sFiZUkmgqeh7sEy+BX:8xmLW8Gnqy |
MD5: | 30288C2E602FF139D290BCC486AEFD4A |
SHA1: | 323BC99760EF13B5629D2F32D5A039B6BE810DFA |
SHA-256: | 6CA65B1CCAF51D0CACD7106553649698CC65A919FAAB5C81E68B0178CA0119F0 |
SHA-512: | 0D18AEE81C819CF1E264095CDC43995CF9E1E898CCCA807EDA576261953452105CC73CDCEF8D7C85C071141C96662FA84F3CC01FAEBA1B01E8CAC8B6BE96B37D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.988319525927018 |
Encrypted: | false |
SSDEEP: | 48:87dqN9TKNFYvcHHidAKZdA1vehDiZUkwqehCy+R:84LW8v18y |
MD5: | 13D022B32E1AE7FFD0695834678AECFA |
SHA1: | F623DA8EEB038521F6F5F8744F69D336D2B8E42B |
SHA-256: | 261CDC53F999C071470B8BBF2794DB2906E1F9C41829F6FF016079168AC5E414 |
SHA-512: | F85EDF071DC71CD4A0D24563F3063752B93D03EC0C7B9F4C61BFAF2B87FBD7825A312A0CCF346F1FBAAD0C087429DF47FF345BC5379656F92D60CD2B76ADEE35 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9812187750001975 |
Encrypted: | false |
SSDEEP: | 48:8vdqN9TKNFYvcHHidAKZdA1hehBiZUk1W1qehIy+C:8ULW8vl9oy |
MD5: | 5C2C9E501ED22C0B7CCC8B82784B03AA |
SHA1: | BE049302E1075C55F2A1C361FDAC5CF8460C6A01 |
SHA-256: | 248191339E485B92AEC428039D7D61795131278DD42E9F8F88704E9B7254D2CB |
SHA-512: | 0713819525F20D7DC511A64071E8EC937FF2285BD43649FB414FCD970D88BFB35B08733CF890B9403076893AB0082FC55F66AD61A697849E6FA3591AF2E493E0 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9898535641331874 |
Encrypted: | false |
SSDEEP: | 48:8xdqN9TKNFYvcHHidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbqy+yT+:82LW8v5T/TbxWOvTbqy7T |
MD5: | D587D9A4EE4DA8C69403E409FEDEE509 |
SHA1: | 3D74FAFF82025711A5B85665C1819D7EED5A6057 |
SHA-256: | F267C758EC20F923A5AB60403822B397A901C84C8C737B92BE1D3292A31CCE4B |
SHA-512: | 0BABD3F830DF2935756F57173C7C2DD2D4908C1732CF71E33BB019858E5155C15E41B4F8C64521FFE3D216F8404B0344363EB556EA40340DDA6CB880BC5E8B9F |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 548 |
Entropy (8bit): | 4.688532577858027 |
Encrypted: | false |
SSDEEP: | 12:TjeRHVIdtklI5r8INGlTF5TF5TF5TF5TF5TFK:neRH68DTPTPTPTPTPTc |
MD5: | 370E16C3B7DBA286CFF055F93B9A94D8 |
SHA1: | 65F3537C3C798F7DA146C55AEF536F7B5D0CB943 |
SHA-256: | D465172175D35D493FB1633E237700022BD849FA123164790B168B8318ACB090 |
SHA-512: | 75CD6A0AC7D6081D35140ABBEA018D1A2608DD936E2E21F61BF69E063F6FA16DD31C62392F5703D7A7C828EE3D4ECC838E73BFF029A98CED8986ACB5C8364966 |
Malicious: | false |
Reputation: | low |
URL: | http://151.139.124.68/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 36553 |
Entropy (8bit): | 6.037299400392842 |
Encrypted: | false |
SSDEEP: | 768:W9CgqxrL9Qn5bBYFkym5pJxvOMbx5veDcnRAtkj3tu8DuL/:WMtdZ+1CkywD15vnRAA3M8iL/ |
MD5: | 0C2729EC363D7AE05E57A1403DAA66B6 |
SHA1: | 2669BF0C2BFEF0EC6188927F000B8A23101BFC66 |
SHA-256: | 3EE831108CBAE16D421BBA47075C888A9B6F57809045F144C552DC4C9FE85B44 |
SHA-512: | 1B8E3F0031F8CE15474B91F8BCF447E5222BFCE84EE14BF7C0627578AB606CE2F6C572490F3BCA2A351CF8DB9CC4611AA1D69E9F086B71F5312C018DD3241A2C |
Malicious: | false |
Reputation: | low |
URL: | http://151.139.124.68/phf/d/dod/ph/prod5/msdownload/update/software/secu/2024/02/1024/windows10.0-kb5034763-x64_a381c0ece7882aefb9aeb871b3a2c2cadea25eca.cab.json?cacheHostOrigin=download.windowsupdate.com |
Preview: |
⊘No static file info
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 18, 2024 17:26:17.586132050 CET | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:17.586138010 CET | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:17.695600986 CET | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:24.931813002 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:24.931988955 CET | 49711 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.090924025 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.090964079 CET | 80 | 49711 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.091175079 CET | 49711 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.091195107 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.091310978 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.250317097 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252432108 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252480984 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252502918 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252518892 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252562046 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252562046 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.252562046 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.252609968 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252624035 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252664089 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.252674103 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252700090 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252739906 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.252746105 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.252790928 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.599184990 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.746499062 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.905736923 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.905796051 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.905898094 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.905942917 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906100035 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906147957 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906177998 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906284094 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906328917 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906368017 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906563044 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906609058 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906615973 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906677008 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906733036 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906735897 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906781912 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906822920 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906835079 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.906925917 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.906972885 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.907006025 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.907020092 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.907062054 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.907203913 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.907270908 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:25.907315969 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:25.967329025 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:26.117465973 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.117573977 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.117655039 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.118030071 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.118063927 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.125727892 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:26.125828981 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:26.247203112 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:26.406002045 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.406291008 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.406354904 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.409970045 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.410147905 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.411092043 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.411212921 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.558212996 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:26.558244944 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:26.745631933 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:27.199362993 CET | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:27.199368954 CET | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:27.308592081 CET | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:28.690455914 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:28.690566063 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:28.930671930 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:28.930696011 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:28.930777073 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:28.933605909 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:28.933614969 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.120539904 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.120605946 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.123049974 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.123055935 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.123291969 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.168375969 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.190584898 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.232225895 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.291805983 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.291862965 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.291918993 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.292228937 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.292237997 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.292249918 CET | 49715 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.292254925 CET | 443 | 49715 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.369318008 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.369362116 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.369419098 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.371011972 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.371028900 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.555425882 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.555499077 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.558365107 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.558373928 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.559824944 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.564033985 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.608238935 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.733031988 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.733123064 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:29.733382940 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.735007048 CET | 49717 | 443 | 192.168.2.5 | 23.51.58.94 |
Mar 18, 2024 17:26:29.735021114 CET | 443 | 49717 | 23.51.58.94 | 192.168.2.5 |
Mar 18, 2024 17:26:36.127587080 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:36.127713919 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:36.384402990 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:36.384577036 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:36.384660959 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:40.408967972 CET | 49710 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:26:40.409003973 CET | 49713 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:26:40.409054041 CET | 443 | 49713 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:26:40.577836990 CET | 80 | 49710 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:26:41.438580990 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.438667059 CET | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.439259052 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.439297915 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.439359903 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.439821005 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.439835072 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.591238976 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.591262102 CET | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.756041050 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.756113052 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.952783108 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.952806950 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.953288078 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.953413963 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.981348038 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.981384993 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:41.981719971 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:41.981726885 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:42.338069916 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:42.338138103 CET | 443 | 49721 | 23.1.237.91 | 192.168.2.5 |
Mar 18, 2024 17:26:42.338211060 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:26:46.224004984 CET | 49721 | 443 | 192.168.2.5 | 23.1.237.91 |
Mar 18, 2024 17:27:10.105540037 CET | 49711 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:27:10.265461922 CET | 80 | 49711 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:27:25.253243923 CET | 80 | 49711 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:27:25.253304958 CET | 49711 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:27:26.013766050 CET | 49711 | 80 | 192.168.2.5 | 151.139.124.68 |
Mar 18, 2024 17:27:26.093076944 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:26.093120098 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.093235970 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:26.093693018 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:26.093703032 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.172389030 CET | 80 | 49711 | 151.139.124.68 | 192.168.2.5 |
Mar 18, 2024 17:27:26.766405106 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.766979933 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:26.766998053 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.767539978 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.768145084 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:26.768517971 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:26.808751106 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:36.667742968 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:36.667841911 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Mar 18, 2024 17:27:36.667951107 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:38.384177923 CET | 49725 | 443 | 192.168.2.5 | 142.251.40.196 |
Mar 18, 2024 17:27:38.384258032 CET | 443 | 49725 | 142.251.40.196 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 18, 2024 17:26:23.455538034 CET | 53 | 51066 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:23.472462893 CET | 53 | 51964 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:24.290479898 CET | 53 | 58747 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:26.028347969 CET | 52771 | 53 | 192.168.2.5 | 1.1.1.1 |
Mar 18, 2024 17:26:26.028417110 CET | 58129 | 53 | 192.168.2.5 | 1.1.1.1 |
Mar 18, 2024 17:26:26.116496086 CET | 53 | 58129 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:26.116573095 CET | 53 | 52771 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:42.319750071 CET | 53 | 49733 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:26:43.455631018 CET | 53 | 64542 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:27:03.293318033 CET | 53 | 56871 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:27:23.408109903 CET | 53 | 61302 | 1.1.1.1 | 192.168.2.5 |
Mar 18, 2024 17:27:27.024044991 CET | 53 | 63029 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Mar 18, 2024 17:26:43.455707073 CET | 192.168.2.5 | 1.1.1.1 | c222 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 18, 2024 17:26:26.028347969 CET | 192.168.2.5 | 1.1.1.1 | 0xcd22 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 18, 2024 17:26:26.028417110 CET | 192.168.2.5 | 1.1.1.1 | 0xaf72 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 18, 2024 17:26:26.116496086 CET | 1.1.1.1 | 192.168.2.5 | 0xaf72 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 18, 2024 17:26:26.116573095 CET | 1.1.1.1 | 192.168.2.5 | 0xcd22 | No error (0) | 142.251.40.196 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:40.945271969 CET | 1.1.1.1 | 192.168.2.5 | 0x31cb | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:40.945271969 CET | 1.1.1.1 | 192.168.2.5 | 0x31cb | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:41.967056990 CET | 1.1.1.1 | 192.168.2.5 | 0xd351 | No error (0) | 146.19.181.19 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:41.967056990 CET | 1.1.1.1 | 192.168.2.5 | 0xd351 | No error (0) | 146.19.181.20 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:41.967056990 CET | 1.1.1.1 | 192.168.2.5 | 0xd351 | No error (0) | 146.19.181.38 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:41.967056990 CET | 1.1.1.1 | 192.168.2.5 | 0xd351 | No error (0) | 146.19.181.21 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:41.967056990 CET | 1.1.1.1 | 192.168.2.5 | 0xd351 | No error (0) | 146.19.181.22 | A (IP address) | IN (0x0001) | false | ||
Mar 18, 2024 17:26:57.806313992 CET | 1.1.1.1 | 192.168.2.5 | 0xc9c5 | No error (0) | 69.164.46.0 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 151.139.124.68 | 80 | 2136 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Mar 18, 2024 17:26:25.091310978 CET | 611 | OUT | |
Mar 18, 2024 17:26:25.252432108 CET | 1286 | IN |