Windows
Analysis Report
https://quickchart.io/qr?text=(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ==
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5656 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 1164 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2000,i,4081994991064466867,11333810919001882514,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://quickchart.io/qr?text=(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
quickchart.io | 172.67.68.66 | true | false | unknown | |
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
www.google.com | 108.177.122.106 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
108.177.122.106 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
172.67.68.66 | quickchart.io | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431899 |
Start date and time: | 2024-04-25 23:52:58 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 13s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://quickchart.io/qr?text=(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ== |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@16/10@6/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 173.194.219.94, 74.125.136.139, 74.125.136.102, 74.125.136.138, 74.125.136.101, 74.125.136.113, 74.125.136.100, 142.251.15.84, 34.104.35.123, 40.68.123.157, 23.45.13.184, 192.229.211.108, 72.21.81.240, 13.85.23.206, 20.3.187.198, 64.233.177.94
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://quickchart.io/qr?text=(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ==
Source | URL |
---|---|
Screenshot | http://(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ== |
Screenshot | http://(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ== |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9936012453982817 |
Encrypted: | false |
SSDEEP: | 48:81daTmW2HqidAKZdA19ehwiZUklqehly+3:8S7Tmy |
MD5: | 9E34D4A0AC4861A3C8144C9F1369E572 |
SHA1: | 229703E0207F6EC18C88ABE2DB3795BBC3E7A7A0 |
SHA-256: | 624B40C59A76B6E232536F987EB65F28D3933DEA192829791F6EA3437B024873 |
SHA-512: | 70A01C4C7894DEE3FBEC84CD0A08EDF05E9CFA585BC8DF257FB31C7E434A0AF21387DECA9CCE46C34E3F23B4724556EE53718D39A81AC664F7F947ECB0F5DA06 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.008519902870375 |
Encrypted: | false |
SSDEEP: | 48:8QdaTmW2HqidAKZdA1weh/iZUkAQkqehWy+2:8Z7h9Q/y |
MD5: | 426DAC19919813E735F202EC60E3B6B7 |
SHA1: | 401F70D1810D84746C61921FFC24FB48E35D0301 |
SHA-256: | 9784A2D93FDE54A02DE12C173445177078F8C325FFBB793A5E02A93BC1BCBFED |
SHA-512: | 77EEB759B8920E912A9987CAA35374A7091FC2FE1D2BD64A8EA9C64D163F059C7892C58ED638004199FB4298B0541E1E58D62609E2A6E87FECBFC8B67C493151 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.014176783973843 |
Encrypted: | false |
SSDEEP: | 48:8xXdaTmWsHqidAKZdA14tseh7sFiZUkmgqeh7sYy+BX:8xI73niy |
MD5: | BBBBDA90E366FE274D247039ECCC0690 |
SHA1: | F0306F64BF09D539350B55BD1E78D0CE9B6662EF |
SHA-256: | F265F50FEB3C7D6BA47179AB9FDF3E3F4B38A64D3D87757AC0D2AF8AAB148B09 |
SHA-512: | 27E4DBB29F39F0BF310A0A688DAF2B19084174746CEE0B3557901F4832A8B126514814D5FA88A8AE11440BF5892DBCF68B9561C081D32765039A65BAA8926363 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 4.008813897298973 |
Encrypted: | false |
SSDEEP: | 48:8qdaTmW2HqidAKZdA1vehDiZUkwqehKy+R:8/7CAy |
MD5: | DE3DC5F07FBF330398037EFEC5C16588 |
SHA1: | CE3BCBC93615A580E5A6159945577CEDEF0E4DAF |
SHA-256: | F0199E0FE84B74819DF6CDB1D17051449E851B6E334576C368063147F1CA6AB8 |
SHA-512: | C6BE0B9C59EFE8954F6813FB84DFECCF958A78BA486630F8C9E7E41ACF328949E4E26EB3717798DAC4FD556726EDBF6761DC96A60E274528FCA638D592E70A5D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.99695664237164 |
Encrypted: | false |
SSDEEP: | 48:88daTmW2HqidAKZdA1hehBiZUk1W1qehky+C:897y9Ey |
MD5: | 28FF5AD08FAA682AF1B74DD8DB25B25A |
SHA1: | 72628E780B7EE4B329B3933FEABD879B853F2538 |
SHA-256: | 29D01FCC96814640B15DA7592CCB88B2422A3A1857DE3FD0CC785520F0667F5E |
SHA-512: | 26A705A60D736692B02F37A80C78DA79E3D768748DFD1F22D6BF234630B0BC598FD00468797BEA3EB541E6403EBDDE0AE8BF47A97E8E84286DB94DBF54CDC9CE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.006325134175245 |
Encrypted: | false |
SSDEEP: | 48:8adaTmW2HqidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbiy+yT+:8P7sT/TbxWOvTbiy7T |
MD5: | 33EBF29803B8EF2D52C205150A634B58 |
SHA1: | 6D122A786AAAD1DEDFDF04CE52C496D3BA604E80 |
SHA-256: | F69A78992D568C952D3B077E16F3DD294AE19A53A2DC990E4BE53ACC62967289 |
SHA-512: | 8153B1CA80B0DEDB9CC2D905EF7AFF83B07283FAAC3CD13DB40B9CA889F978EA955420A69E6F7C63BD0262E186D22F8158170DB78F7F52435A519275F17A56B1 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 606 |
Entropy (8bit): | 7.65311321988585 |
Encrypted: | false |
SSDEEP: | 12:WbY4Z1OBHUtgYtbJaPZsTWExDdVbcJ+4L526VaDubewmDiPU:i1O6tg4aBcW0HbcM4Nta6qwFU |
MD5: | F505F29AB2A01213CFE1AED2A26FED5E |
SHA1: | 8C70C410861C5B6900A6AA91285FDCE92E8179E2 |
SHA-256: | E9123C880222CAF307EEB9D7F4E37924E42EDB6DAF1668A355AA725E94CD67E2 |
SHA-512: | BEE570E86C5D336FA1B187B9DE1D832768127CEF5869D5028DC7112DF5829642A4175ED9C2F31A7A6C675ECE526B2666E1C0C2DA09B899347443E5BB3B5C6E7B |
Malicious: | false |
Reputation: | low |
URL: | https://quickchart.io/qr?text=(https:https://08c9a311.c528794084dd4ab10266a9a7.workers.dev/?qrc=a2V2aW4uamFja3NvbkBzYW5pdGFyaXVtLmNvbS5hdQ== |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 689 |
Entropy (8bit): | 5.213713163225344 |
Encrypted: | false |
SSDEEP: | 12:qTpXzAy7deR/MmZXk+TMbuSTfJf4x5tRgKQrGUNfDz/vncdcku/QL:0pjACdeR/DUBbHfJfYforG0ff//3o |
MD5: | F31AB7E3803C072CF887F77434B09E53 |
SHA1: | 6EC388D9157329C069A0B1F3BFD29ECDB63FCF82 |
SHA-256: | C24FEA7BBEBDA4668A6D286CD4BA639C72DAFA56DDA3BBE3FD2FE9C0D20C0CD9 |
SHA-512: | 90306A6D79A17610AA9E56D3CB1D33F4399EA3DB18125BBA6CD46B180CF4250F7092819E3FD31254551C58AEB7DBDC8852A26B56F71F53F77D243338AFB9AD90 |
Malicious: | false |
Reputation: | low |
URL: | https://quickchart.io/favicon.ico |
Preview: |
Apr 25, 2024 23:55:06.151815891 CEST | 49728 | 443 | 192.168.2.5 | 108.177.122.106 |
Apr 25, 2024 23:55:06.151880026 CEST | 443 | 49728 | 108.177.122.106 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 25, 2024 23:53:50.059317112 CEST | 53 | 61341 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:50.065278053 CEST | 53 | 57529 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:50.701829910 CEST | 53 | 55750 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:51.246937990 CEST | 62362 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:51.247615099 CEST | 63795 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:51.359580040 CEST | 53 | 63795 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:51.359940052 CEST | 53 | 62362 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:52.902503014 CEST | 58657 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:52.902806997 CEST | 64821 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:53.012911081 CEST | 53 | 58657 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:53.013420105 CEST | 53 | 64821 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:53.838860989 CEST | 50454 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:53.839354038 CEST | 64613 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 25, 2024 23:53:53.949115992 CEST | 53 | 50454 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:53:53.949480057 CEST | 53 | 64613 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:54:07.954860926 CEST | 53 | 63264 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:54:26.984580040 CEST | 53 | 57600 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:54:49.253320932 CEST | 53 | 52699 | 1.1.1.1 | 192.168.2.5 |
Apr 25, 2024 23:54:49.359735966 CEST | 53 | 64456 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 25, 2024 23:53:51.246937990 CEST | 192.168.2.5 | 1.1.1.1 | 0xfb0 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:51.247615099 CEST | 192.168.2.5 | 1.1.1.1 | 0xfbdd | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 25, 2024 23:53:52.902503014 CEST | 192.168.2.5 | 1.1.1.1 | 0x42c1 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:52.902806997 CEST | 192.168.2.5 | 1.1.1.1 | 0xa546 | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 25, 2024 23:53:53.838860989 CEST | 192.168.2.5 | 1.1.1.1 | 0xd583 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.839354038 CEST | 192.168.2.5 | 1.1.1.1 | 0xdd95 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 25, 2024 23:53:51.359580040 CEST | 1.1.1.1 | 192.168.2.5 | 0xfbdd | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 25, 2024 23:53:51.359940052 CEST | 1.1.1.1 | 192.168.2.5 | 0xfb0 | No error (0) | | | 172.67.68.66 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:51.359940052 CEST | 1.1.1.1 | 192.168.2.5 | 0xfb0 | No error (0) | | | 104.26.5.221 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:51.359940052 CEST | 1.1.1.1 | 192.168.2.5 | 0xfb0 | No error (0) | | | 104.26.4.221 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.012911081 CEST | 1.1.1.1 | 192.168.2.5 | 0x42c1 | No error (0) | | | 35.190.80.1 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.106 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.105 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.103 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.147 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.104 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949115992 CEST | 1.1.1.1 | 192.168.2.5 | 0xd583 | No error (0) | | | 108.177.122.99 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:53:53.949480057 CEST | 1.1.1.1 | 192.168.2.5 | 0xdd95 | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 25, 2024 23:54:05.005938053 CEST | 1.1.1.1 | 192.168.2.5 | 0x2a2 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 23:54:05.005938053 CEST | 1.1.1.1 | 192.168.2.5 | 0x2a2 | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:55:02.012312889 CEST | 1.1.1.1 | 192.168.2.5 | 0xa7f1 | No error (0) | | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 23:55:02.012312889 CEST | 1.1.1.1 | 192.168.2.5 | 0xa7f1 | No error (0) | | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 172.67.68.66 | 443 | 1164 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:51 UTC | 774 | OUT | |
2024-04-25 21:53:52 UTC | 876 | IN | |
2024-04-25 21:53:52 UTC | 493 | IN | |
2024-04-25 21:53:52 UTC | 113 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49711 | 172.67.68.66 | 443 | 1164 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:52 UTC | 700 | OUT | |
2024-04-25 21:53:52 UTC | 716 | IN | |
2024-04-25 21:53:52 UTC | 653 | IN | |
2024-04-25 21:53:52 UTC | 43 | IN | |
2024-04-25 21:53:52 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49714 | 35.190.80.1 | 443 | 1164 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:53 UTC | 534 | OUT | |
2024-04-25 21:53:53 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49715 | 35.190.80.1 | 443 | 1164 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:53 UTC | 478 | OUT | |
2024-04-25 21:53:53 UTC | 533 | OUT | |
2024-04-25 21:53:54 UTC | 168 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49717 | 23.220.189.216 | 443 | | |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:54 UTC | 161 | OUT | |
2024-04-25 21:53:54 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49718 | 23.220.189.216 | 443 | | |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:53:55 UTC | 239 | OUT | |
2024-04-25 21:53:55 UTC | 521 | IN | |
2024-04-25 21:53:55 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
6 | 192.168.2.5 | 49722 | 23.1.237.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 21:54:06 UTC | 2148 | OUT | |
2024-04-25 21:54:06 UTC | 1 | OUT | |
2024-04-25 21:54:06 UTC | 2483 | OUT | |
2024-04-25 21:54:06 UTC | 479 | IN |
Target ID: | 0 |
Start time: | 23:53:44 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 23:53:48 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 23:53:50 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |