Edit tour
Windows
Analysis Report
https://eu.myconnectwise.net/v4_6_release/api/inlineimages/infinitygrp/8a07a37f-0e34-48e8-8792-5f81fcbde46d
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
No high impact signatures.
Classification
- System is w10x64
- chrome.exe (PID: 5640 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 6736 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2264 --fi eld-trial- handle=221 2,i,173048 1112704734 4951,19772 4291141886 5081,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 6356 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://eu.my connectwis e.net/v4_6 _release/a pi/inlinei mages/infi nitygrp/8a 07a37f-0e3 4-48e8-879 2-5f81fcbd e46d" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Automated click: | ||
Source: | Automated click: | ||
Source: | Automated click: | ||
Source: | Automated click: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | unknown | |
s3-r-w.eu-west-1.amazonaws.com | 52.218.116.234 | true | false | high | |
eu.myconnectwise.net | 18.164.174.26 | true | false | high | |
www.google.com | 142.250.141.99 | true | false | high | |
cw-eu-documents.s3.eu-west-1.amazonaws.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
18.164.174.26 | eu.myconnectwise.net | United States | 3 | MIT-GATEWAYSUS | false | |
52.218.116.234 | s3-r-w.eu-west-1.amazonaws.com | United States | 16509 | AMAZON-02US | false | |
142.250.141.99 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431122 |
Start date and time: | 2024-04-24 16:01:20 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 24s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://eu.myconnectwise.net/v4_6_release/api/inlineimages/infinitygrp/8a07a37f-0e34-48e8-8792-5f81fcbde46d |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 16 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@18/4@6/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 74.125.137.94, 142.251.2.102, 142.251.2.101, 142.251.2.100, 142.251.2.113, 142.251.2.138, 142.251.2.139, 142.251.2.84, 34.104.35.123, 40.68.123.157, 23.45.12.163, 23.45.12.153, 13.85.23.206, 23.45.12.170, 142.251.2.94, 23.45.12.161
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, time.windows.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://eu.myconnectwise.net/v4_6_release/api/inlineimages/infinitygrp/8a07a37f-0e34-48e8-8792-5f81fcbde46d
⊘No simulations
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2224 |
Entropy (8bit): | 7.74256788769744 |
Encrypted: | false |
SSDEEP: | 48:esZ6ViAfEE0H9IR5PDiHmgaT1rD83NoIaaGko1FVCyVZW5rrmvYsF4Eb+N:5Z09EE8IfMmgY1rD83yHFVCyLarmvP4F |
MD5: | 60DD8DF5242525EBEE08E9BDDF3B6C68 |
SHA1: | 149085CAA1261C955B65591350BEF327FC5CA0D8 |
SHA-256: | 90DF602A99F22AD2A3E20EDFF4281BC11022E1F25607E6714A6041B7F4978AFB |
SHA-512: | 812F71918998420AA2EAB219D76AC969AF4E5C82090638B3B803A42CF0A97D66E8ABD53BE4BCC5E366B6911104080264C7B022E842E7AAA44AC1E3FA6A65EB5A |
Malicious: | false |
Reputation: | low |
URL: | https://cw-eu-documents.s3.eu-west-1.amazonaws.com/infinitygrp/7df2b4da-ddd3-49bc-9d40-ba86e6ff6d6c.png?X-Amz-Expires=300&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEEUaCWV1LXdlc3QtMSJGMEQCIGhCZ04ZR7dqRuUrg2gcJEnulmoGQDZTwlL%2FyPHVfzqyAiBB3Wl8Z5Rlc4gOZIAmW4L4N3N5gatma5hsPemdQsILsyq6BQiO%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAAaDDAwOTA0MzgzMTM3OCIMarrG2VhTy3VjABzxKo4FfTUisDdctRb3p%2Bd8HMbM6IhdntM25HsBTZwWmDvJZJKM3tuY7CkSVR3b3Bz2FtVJeJ7fycf3ecFIU146BrrIjh%2BGsDbeTcxiB9rTepupv7sslvTeYFwwqvl4OA0AHri5PJou3lEAA4N%2BwwHuyTJEzs%2BzAPXEEn1WwzlwW2g2FAtfghaEKC3mw01tGhXSO0cFvu7ApgMOJGBDJAV3KffZc%2B4bK1ZMhgI0LvcIGVDkIivnWHKIUDCp4XMvzUyHR4jo%2BpWI79mconN1xSn5kMw71aDlmD1XEK8JTb0HnGTA9QQCvoF7bUR%2FwRJPzMBmjcV4WqJiJBY9DUp8YLC18hNWqqANHuRVmSD%2BX0MXbj2dW2NDH80yvhPwWFApqWvplDutkONR4oAv939zO%2FuH0uuE1mD9EA6NGbTyggCGKAqBcCTvbrRkXqDf9Ht8Gx87gLw%2BRmvIm97EH5CMwq4vMGBc5%2FiCqZn6k6hjrfFuNSdBHJXs9ZvVeMQwwLUxSkRE8FeB7EnSA9iCUVtjtqh5iujwVXZrKrg%2BmEdtIRMhBNPAR63eLGyL14GQe2WZs9Lt6%2F8BKKJBT0yfYn3IJJjlt12EJqRxEn%2FN20zKB%2BwSs%2FTJekbw5FV0HjD7t4a%2F0bxXVG9x9ggMsKPkkTKBqW1%2F%2Fq0AE6ulPhZETnISCNBifCH3eTtuNyV8h4NqL2QairfHeKTvHLeZbAkm4Dsvn9tETsJfdR4Ze11ps2a9WZIwyZ8YFnMs1Na4V4raPVLIXfIEtcTGQoNJFCkD9YJAutEg%2FkyQq14KZg4iYF44BpncxulaJRfa9FwR%2F0YzEMJ9oW8HbXX%2FGaIZzlD6ecVUPMxjER3KGHu4WVekMoHaxLBJzVEzMLSCpLEGOrIBYgHU34OyNThsb0zrFpSI948XMVqGzl7FP1Xrm0QO9LF6e6ovad9DGyoi8PWC4vUjxei9mV6YMzvyxrc0qgyjeYdVn6ggphdHv6r9Mkbxq2dMyk%2BCjQL15lGsdy5AANVg6Kt7QrDi2JRLpn5DVe7oa6So9rFzBT7pDcZ7NlBDuoo45RM4d5AdoZtV89tn9YtWN%2BBi1qjyl%2FzA14FV%2BSUWpAmNYVa5E874LsuAt5oivKSwWQ%3D%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAQEGYN5JJNLUOHHLU%2F20240424%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20240424T140218Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f433cf11fba2c2737f30faae122ab28581622d995f31674453f0cfa77e57413c |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 243 |
Entropy (8bit): | 5.558587984818707 |
Encrypted: | false |
SSDEEP: | 6:TMVBd/ZbZjZvKtWRVzjiASr5NnUWUPVE08QeqYZ2ian:TMHd9BZKtWRf2UWUPvOqYZta |
MD5: | 9524491D53AB928F14466C1EC707B6B0 |
SHA1: | 4E94B1528177221C5DE2C9E80DB6372B6A8258DF |
SHA-256: | 43922E725FE17A251EECE2FDF11BE25559E44215BDC24BC4B43AC1B0BB4CCF7F |
SHA-512: | 46A51A86D815928C2D727CF853A013CC53C11848809A439D9B98CEC899CC3BC3D169BA74188F14836DDC55A2BFE41C29A3CD07C51F4657C191F70AF5EE3E35F9 |
Malicious: | false |
Reputation: | low |
URL: | https://cw-eu-documents.s3.eu-west-1.amazonaws.com/favicon.ico |
Preview: |
⊘No static file info
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 16:02:08.245867014 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:08.558027029 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:08.807987928 CEST | 49674 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:08.823631048 CEST | 49675 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:08.901753902 CEST | 49672 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:09.167404890 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:10.370487928 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:12.776798010 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:16.794281960 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:17.199285984 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:17.605381966 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:17.989360094 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:18.142419100 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.142456055 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.142532110 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.142929077 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.142970085 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.143275023 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.143326044 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.143337011 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.143558025 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.143572092 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.472688913 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.473098040 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.473124981 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.474351883 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.474422932 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.475682020 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.475756884 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.475874901 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.476336002 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.476547003 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.476576090 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.477838039 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.477921009 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.478800058 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.478869915 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.495367050 CEST | 49675 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:18.495460987 CEST | 49674 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:18.511373043 CEST | 49672 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:18.516160011 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.684119940 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.684156895 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:18.684231043 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:18.684298992 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:19.117789984 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.117820024 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.117889881 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:19.117918015 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.117959976 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:19.121068001 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.121154070 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.121197939 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:19.177979946 CEST | 49706 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:19.178004980 CEST | 443 | 49706 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:19.395354033 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:19.395440102 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:19.395512104 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:19.396601915 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:19.396640062 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:19.495387077 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:19.928853989 CEST | 443 | 49699 | 104.98.116.138 | 192.168.2.7 |
Apr 24, 2024 16:02:19.928956032 CEST | 49699 | 443 | 192.168.2.7 | 104.98.116.138 |
Apr 24, 2024 16:02:20.319782019 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.320096016 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.320130110 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.321258068 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.321331024 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.321351051 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.321403980 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.560390949 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.560641050 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.560969114 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.561019897 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:20.700211048 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:20.735121965 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:20.735207081 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:20.735383034 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:20.736072063 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:20.736121893 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.097783089 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.101728916 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:21.101793051 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.102906942 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.103014946 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:21.119146109 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:21.119378090 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.170013905 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:21.170037031 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:21.210933924 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:21.211009026 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:21.211086988 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:21.211086035 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.211137056 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.214148998 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:21.305490971 CEST | 49710 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.305560112 CEST | 443 | 49710 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:21.431823015 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.431875944 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:21.431956053 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.438613892 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:21.438632965 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.040694952 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.040728092 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.040868044 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.042793036 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.042809010 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.341706991 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.342478037 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:22.342502117 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.342865944 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.355896950 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:22.356028080 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.360327959 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:22.360375881 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.389036894 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.389126062 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.401925087 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.401952982 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.402901888 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.448307991 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.479530096 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:22.669594049 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.669728994 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.669830084 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:22.702894926 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.748114109 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.763084888 CEST | 49712 | 443 | 192.168.2.7 | 52.218.116.234 |
Apr 24, 2024 16:02:22.763112068 CEST | 443 | 49712 | 52.218.116.234 | 192.168.2.7 |
Apr 24, 2024 16:02:22.872778893 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.872975111 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.873258114 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.885314941 CEST | 49713 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.885353088 CEST | 443 | 49713 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.994117022 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.994208097 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:22.994450092 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.995105982 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:22.995138884 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.337219000 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.337315083 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.339405060 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.339416027 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.339746952 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.343863964 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.384129047 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.673748970 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.674552917 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.674607038 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.675071955 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.675087929 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:23.675100088 CEST | 49715 | 443 | 192.168.2.7 | 23.202.57.177 |
Apr 24, 2024 16:02:23.675105095 CEST | 443 | 49715 | 23.202.57.177 | 192.168.2.7 |
Apr 24, 2024 16:02:27.215070009 CEST | 49671 | 443 | 192.168.2.7 | 204.79.197.203 |
Apr 24, 2024 16:02:28.433312893 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:31.125099897 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:31.125272036 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:31.125426054 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:32.544831038 CEST | 49711 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:02:32.544902086 CEST | 443 | 49711 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:02:40.339756012 CEST | 49677 | 443 | 192.168.2.7 | 20.50.201.200 |
Apr 24, 2024 16:02:48.465794086 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:48.465959072 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:02:48.466017962 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:48.544270039 CEST | 49707 | 443 | 192.168.2.7 | 18.164.174.26 |
Apr 24, 2024 16:02:48.544298887 CEST | 443 | 49707 | 18.164.174.26 | 192.168.2.7 |
Apr 24, 2024 16:03:20.625296116 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:20.625327110 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:20.625447989 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:20.625701904 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:20.625719070 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:20.988753080 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:20.989111900 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:20.989128113 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:20.989417076 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:20.989958048 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:20.990010977 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:21.030261040 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:30.993710995 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:30.993776083 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Apr 24, 2024 16:03:30.993855953 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:31.131232977 CEST | 49722 | 443 | 192.168.2.7 | 142.250.141.99 |
Apr 24, 2024 16:03:31.131259918 CEST | 443 | 49722 | 142.250.141.99 | 192.168.2.7 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 16:02:16.352252007 CEST | 53 | 49181 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:16.439111948 CEST | 53 | 62397 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:17.762129068 CEST | 53 | 60801 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:17.967082024 CEST | 52065 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:17.967545033 CEST | 63321 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:18.137465954 CEST | 53 | 63321 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:18.138962030 CEST | 53 | 52065 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:19.185726881 CEST | 65126 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:19.186408043 CEST | 55749 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:19.354207993 CEST | 53 | 65126 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:19.393563986 CEST | 53 | 55749 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:20.561752081 CEST | 50234 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:20.561923981 CEST | 54238 | 53 | 192.168.2.7 | 1.1.1.1 |
Apr 24, 2024 16:02:20.715110064 CEST | 53 | 50234 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:20.715306997 CEST | 53 | 54238 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:23.512018919 CEST | 123 | 123 | 192.168.2.7 | 40.119.6.228 |
Apr 24, 2024 16:02:23.725660086 CEST | 123 | 123 | 40.119.6.228 | 192.168.2.7 |
Apr 24, 2024 16:02:35.858931065 CEST | 53 | 50973 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:02:54.629446030 CEST | 53 | 52985 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:03:16.074258089 CEST | 53 | 49308 | 1.1.1.1 | 192.168.2.7 |
Apr 24, 2024 16:03:17.288712025 CEST | 138 | 138 | 192.168.2.7 | 192.168.2.255 |
Apr 24, 2024 16:03:17.873461962 CEST | 53 | 59182 | 1.1.1.1 | 192.168.2.7 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 24, 2024 16:02:17.967082024 CEST | 192.168.2.7 | 1.1.1.1 | 0x5ef2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 16:02:17.967545033 CEST | 192.168.2.7 | 1.1.1.1 | 0x9503 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 24, 2024 16:02:19.185726881 CEST | 192.168.2.7 | 1.1.1.1 | 0x8450 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 16:02:19.186408043 CEST | 192.168.2.7 | 1.1.1.1 | 0xb69 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 24, 2024 16:02:20.561752081 CEST | 192.168.2.7 | 1.1.1.1 | 0xd2f1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 16:02:20.561923981 CEST | 192.168.2.7 | 1.1.1.1 | 0xafca | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 16:02:18.138962030 CEST | 1.1.1.1 | 192.168.2.7 | 0x5ef2 | No error (0) | 18.164.174.26 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:18.138962030 CEST | 1.1.1.1 | 192.168.2.7 | 0x5ef2 | No error (0) | 18.164.174.58 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:18.138962030 CEST | 1.1.1.1 | 192.168.2.7 | 0x5ef2 | No error (0) | 18.164.174.31 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:18.138962030 CEST | 1.1.1.1 | 192.168.2.7 | 0x5ef2 | No error (0) | 18.164.174.63 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | s3-r-w.eu-west-1.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.218.116.234 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.92.17.162 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 3.5.65.1 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.218.108.48 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.218.97.131 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.218.44.58 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 3.5.69.112 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.354207993 CEST | 1.1.1.1 | 192.168.2.7 | 0x8450 | No error (0) | 52.218.44.74 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:19.393563986 CEST | 1.1.1.1 | 192.168.2.7 | 0xb69 | No error (0) | s3-r-w.eu-west-1.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.99 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.103 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.106 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.147 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.104 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715110064 CEST | 1.1.1.1 | 192.168.2.7 | 0xd2f1 | No error (0) | 142.250.141.105 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:20.715306997 CEST | 1.1.1.1 | 192.168.2.7 | 0xafca | No error (0) | 65 | IN (0x0001) | false | |||
Apr 24, 2024 16:02:44.199153900 CEST | 1.1.1.1 | 192.168.2.7 | 0x7cb7 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 16:02:44.199153900 CEST | 1.1.1.1 | 192.168.2.7 | 0x7cb7 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.7 | 49706 | 18.164.174.26 | 443 | 6736 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-24 14:02:18 UTC | 741 | OUT | |
2024-04-24 14:02:19 UTC | 4551 | IN |