Windows
Analysis Report
http://421225.tctm.xyz
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2656 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3428 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2316 --fi eld-trial- handle=222 4,i,142045 0198365527 3211,14615 6352160245 76091,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6536 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://421225 .tctm.xyz" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
Phishing |
---|
Source: | URL: | ||
Source: | URL: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Networking |
---|
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dgqaz43pfk1px.cloudfront.net | 13.35.116.85 | true | false | high | |
www.google.com | 192.178.50.36 | true | false | high | |
421225.tctm.xyz | unknown | unknown | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
192.178.50.36 | www.google.com | United States | 15169 | GOOGLEUS | false | |
13.35.116.23 | unknown | United States | 16509 | AMAZON-02US | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
13.35.116.85 | dgqaz43pfk1px.cloudfront.net | United States | 16509 | AMAZON-02US | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432171 |
Start date and time: | 2024-04-26 16:15:35 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 14s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://421225.tctm.xyz |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.troj.win@16/5@6/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.189.131, 172.253.123.84, 142.250.217.206, 34.104.35.123, 23.45.182.93, 192.229.211.108, 172.217.2.195
- Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Source | URL |
---|---|
Screenshot | http:// |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 43 |
Entropy (8bit): | 3.0950611313667666 |
Encrypted: | false |
SSDEEP: | 3:CUMllRPQEsJ9pse:Gl3QEsJLse |
MD5: | AD4B0F606E0F8465BC4C4C170B37E1A3 |
SHA1: | 50B30FD5F87C85FE5CBA2635CB83316CA71250D7 |
SHA-256: | CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA |
SHA-512: | EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910 |
Malicious: | false |
Reputation: | low |
URL: | http://421225.tctm.xyz/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 43 |
Entropy (8bit): | 3.0950611313667666 |
Encrypted: | false |
SSDEEP: | 3:CUMllRPQEsJ9pse:Gl3QEsJLse |
MD5: | AD4B0F606E0F8465BC4C4C170B37E1A3 |
SHA1: | 50B30FD5F87C85FE5CBA2635CB83316CA71250D7 |
SHA-256: | CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA |
SHA-512: | EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 43 |
Entropy (8bit): | 3.0950611313667666 |
Encrypted: | false |
SSDEEP: | 3:CUMllRPQEsJ9pse:Gl3QEsJLse |
MD5: | AD4B0F606E0F8465BC4C4C170B37E1A3 |
SHA1: | 50B30FD5F87C85FE5CBA2635CB83316CA71250D7 |
SHA-256: | CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA |
SHA-512: | EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910 |
Malicious: | false |
Reputation: | low |
URL: | http://421225.tctm.xyz/favicon.ico |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 26, 2024 16:16:17.768167019 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
Apr 26, 2024 16:16:19.111948013 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Apr 26, 2024 16:16:28.799370050 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Apr 26, 2024 16:16:32.999541044 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.015937090 CEST | 49738 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.129199982 CEST | 49739 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.131886005 CEST | 80 | 49736 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.131987095 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.132185936 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.140779972 CEST | 80 | 49738 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.140891075 CEST | 49738 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.254075050 CEST | 80 | 49739 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.254312992 CEST | 49739 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.256901979 CEST | 80 | 49736 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.284550905 CEST | 80 | 49736 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.490394115 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.516993046 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.668895960 CEST | 80 | 49736 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:16:33.797769070 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:16:33.826473951 CEST | 49740 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:33.955784082 CEST | 49741 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:33.961036921 CEST | 80 | 49740 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:16:33.961122990 CEST | 49740 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:33.961590052 CEST | 49740 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:34.081443071 CEST | 80 | 49741 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:16:34.081587076 CEST | 49741 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:34.086877108 CEST | 80 | 49740 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:16:34.114694118 CEST | 80 | 49740 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:16:34.204319000 CEST | 49740 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:16:34.413763046 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.413820028 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:34.413934946 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.414525032 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.414551973 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:34.806911945 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:34.807199001 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.807221889 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:34.808073044 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:34.808146000 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.948923111 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:34.949019909 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:35.016944885 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:35.016980886 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:35.204437017 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:40.246814013 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.246903896 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.247000933 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.253411055 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.253456116 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.511096954 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.511198044 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.513983965 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.514000893 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.514209986 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.560179949 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.608109951 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.756752968 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.756947041 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.756994009 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.757296085 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.757309914 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.757325888 CEST | 49744 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.757333040 CEST | 443 | 49744 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.976083994 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.976186991 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:40.976293087 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.977200985 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:40.977240086 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.232623100 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.232924938 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.257158041 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.257181883 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.257432938 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.259701967 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.300156116 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.308155060 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:41.308248043 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:41.312267065 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:41.314371109 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:41.314404964 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:41.491874933 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.491952896 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.492139101 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.493201971 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.493201971 CEST | 49745 | 443 | 192.168.2.4 | 23.204.76.112 |
Apr 26, 2024 16:16:41.493223906 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.493238926 CEST | 443 | 49745 | 23.204.76.112 | 192.168.2.4 |
Apr 26, 2024 16:16:41.809914112 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:41.810009956 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:41.812958002 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:41.812988043 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:41.813231945 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:41.902369022 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.398777008 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.444112062 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722640038 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722670078 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722677946 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722701073 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722712994 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722721100 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722727060 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.722750902 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722771883 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722773075 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.722784042 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722793102 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.722800016 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722807884 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722820044 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.722846031 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:42.722853899 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722872019 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:42.722912073 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:43.014674902 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:43.014748096 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:43.014781952 CEST | 49746 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:16:43.014800072 CEST | 443 | 49746 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:16:44.792718887 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:44.792778015 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:16:44.792907000 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:46.770471096 CEST | 49743 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:16:46.770498991 CEST | 443 | 49743 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:03.266204119 CEST | 80 | 49738 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:17:03.266273022 CEST | 49738 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:17:03.379951954 CEST | 80 | 49739 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:17:03.380017996 CEST | 49739 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:17:04.206736088 CEST | 80 | 49741 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:17:04.206899881 CEST | 49741 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:17:04.770277977 CEST | 49741 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:17:04.770473003 CEST | 49738 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:17:04.770492077 CEST | 49739 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:17:04.894545078 CEST | 80 | 49739 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:17:04.895209074 CEST | 80 | 49741 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:17:04.895225048 CEST | 80 | 49738 | 13.35.116.85 | 192.168.2.4 |
Apr 26, 2024 16:17:18.673860073 CEST | 49736 | 80 | 192.168.2.4 | 13.35.116.85 |
Apr 26, 2024 16:17:19.127543926 CEST | 49740 | 80 | 192.168.2.4 | 13.35.116.23 |
Apr 26, 2024 16:17:19.252558947 CEST | 80 | 49740 | 13.35.116.23 | 192.168.2.4 |
Apr 26, 2024 16:17:19.367856026 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.367898941 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:19.367997885 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.368513107 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.368525982 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:19.878251076 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:19.878591061 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.885904074 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.885922909 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:19.886192083 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:19.901705980 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:19.948110104 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372046947 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372116089 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372159958 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372186899 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.372214079 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372236013 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.372262955 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.372358084 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372411013 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.372422934 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372463942 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.372477055 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372591019 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:20.372663021 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.383905888 CEST | 49752 | 443 | 192.168.2.4 | 13.85.23.86 |
Apr 26, 2024 16:17:20.383919001 CEST | 443 | 49752 | 13.85.23.86 | 192.168.2.4 |
Apr 26, 2024 16:17:34.284806967 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:34.284854889 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.285361052 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:34.285361052 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:34.285403013 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.674458027 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.674761057 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:34.674796104 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.675090075 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.675534964 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:34.675600052 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:34.720838070 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:36.720851898 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Apr 26, 2024 16:17:36.721079111 CEST | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Apr 26, 2024 16:17:36.853763103 CEST | 80 | 49724 | 199.232.214.172 | 192.168.2.4 |
Apr 26, 2024 16:17:36.853787899 CEST | 80 | 49724 | 199.232.214.172 | 192.168.2.4 |
Apr 26, 2024 16:17:36.853858948 CEST | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Apr 26, 2024 16:17:36.856977940 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Apr 26, 2024 16:17:36.856992960 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Apr 26, 2024 16:17:36.857026100 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Apr 26, 2024 16:17:44.671439886 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:44.671502113 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Apr 26, 2024 16:17:44.671550989 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:44.903628111 CEST | 49754 | 443 | 192.168.2.4 | 192.178.50.36 |
Apr 26, 2024 16:17:44.903670073 CEST | 443 | 49754 | 192.178.50.36 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 26, 2024 16:16:30.504654884 CEST | 53 | 64982 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:30.639204979 CEST | 53 | 61385 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:32.617619991 CEST | 53 | 53792 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:32.847345114 CEST | 55617 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:32.847553015 CEST | 64027 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:32.989397049 CEST | 53 | 64027 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:32.998884916 CEST | 53 | 55617 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:33.695012093 CEST | 53902 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:33.695607901 CEST | 57311 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:33.824249983 CEST | 53 | 53902 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:33.825447083 CEST | 53 | 57311 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:34.232506037 CEST | 51261 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:34.233156919 CEST | 58506 | 53 | 192.168.2.4 | 1.1.1.1 |
Apr 26, 2024 16:16:34.364207983 CEST | 53 | 51261 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:34.364768028 CEST | 53 | 58506 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:16:48.294646978 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Apr 26, 2024 16:16:53.505584002 CEST | 53 | 52832 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:17:12.495495081 CEST | 53 | 62962 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:17:30.501235008 CEST | 53 | 53306 | 1.1.1.1 | 192.168.2.4 |
Apr 26, 2024 16:17:35.582629919 CEST | 53 | 55781 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 16:16:32.847345114 CEST | 192.168.2.4 | 1.1.1.1 | 0x891b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 16:16:32.847553015 CEST | 192.168.2.4 | 1.1.1.1 | 0x2213 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 16:16:33.695012093 CEST | 192.168.2.4 | 1.1.1.1 | 0x6480 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 16:16:33.695607901 CEST | 192.168.2.4 | 1.1.1.1 | 0x6a0d | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 16:16:34.232506037 CEST | 192.168.2.4 | 1.1.1.1 | 0xbe7f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 16:16:34.233156919 CEST | 192.168.2.4 | 1.1.1.1 | 0x1f11 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 16:16:32.989397049 CEST | 1.1.1.1 | 192.168.2.4 | 0x2213 | No error (0) | dgqaz43pfk1px.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:32.998884916 CEST | 1.1.1.1 | 192.168.2.4 | 0x891b | No error (0) | dgqaz43pfk1px.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:32.998884916 CEST | 1.1.1.1 | 192.168.2.4 | 0x891b | No error (0) | 13.35.116.85 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:32.998884916 CEST | 1.1.1.1 | 192.168.2.4 | 0x891b | No error (0) | 13.35.116.23 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:32.998884916 CEST | 1.1.1.1 | 192.168.2.4 | 0x891b | No error (0) | 13.35.116.16 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:32.998884916 CEST | 1.1.1.1 | 192.168.2.4 | 0x891b | No error (0) | 13.35.116.118 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.824249983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6480 | No error (0) | dgqaz43pfk1px.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.824249983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6480 | No error (0) | 13.35.116.23 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.824249983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6480 | No error (0) | 13.35.116.16 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.824249983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6480 | No error (0) | 13.35.116.118 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.824249983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6480 | No error (0) | 13.35.116.85 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:33.825447083 CEST | 1.1.1.1 | 192.168.2.4 | 0x6a0d | No error (0) | dgqaz43pfk1px.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:34.364207983 CEST | 1.1.1.1 | 192.168.2.4 | 0xbe7f | No error (0) | 192.178.50.36 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 16:16:34.364768028 CEST | 1.1.1.1 | 192.168.2.4 | 0x1f11 | No error (0) | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 13.35.116.85 | 80 | 3428 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 26, 2024 16:16:33.132185936 CEST | 430 | OUT | |
Apr 26, 2024 16:16:33.284550905 CEST | 453 | IN | |
Apr 26, 2024 16:16:33.516993046 CEST | 374 | OUT | |
Apr 26, 2024 16:16:33.668895960 CEST | 453 | IN | |
Apr 26, 2024 16:17:18.673860073 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49740 | 13.35.116.23 | 80 | 3428 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 26, 2024 16:16:33.961590052 CEST | 279 | OUT | |
Apr 26, 2024 16:16:34.114694118 CEST | 453 | IN | |
Apr 26, 2024 16:17:19.127543926 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49744 | 23.204.76.112 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 14:16:40 UTC | 161 | OUT | |
2024-04-26 14:16:40 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49745 | 23.204.76.112 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 14:16:41 UTC | 239 | OUT | |
2024-04-26 14:16:41 UTC | 530 | IN | |
2024-04-26 14:16:41 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49746 | 13.85.23.86 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 14:16:42 UTC | 306 | OUT | |
2024-04-26 14:16:42 UTC | 560 | IN | |
2024-04-26 14:16:42 UTC | 15824 | IN | |
2024-04-26 14:16:42 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49752 | 13.85.23.86 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 14:17:19 UTC | 306 | OUT | |
2024-04-26 14:17:20 UTC | 560 | IN | |
2024-04-26 14:17:20 UTC | 15824 | IN | |
2024-04-26 14:17:20 UTC | 9633 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 16:16:21 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 16:16:28 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 16:16:31 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |