Windows
Analysis Report
https://click.icptrack.com/icp/track.php?msgid=6673451&act=C8E1&r=1099541321&c=43678&pid=18035558
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 4432 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 5052 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2004,i,15631698520269250075,12923061411335855640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6356 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://click.icptrack.com/icp/track.php?msgid=6673451&act=C8E1&r=1099541321&c=43678&pid=18035558" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | Process created: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
click.icptrack.com | 104.18.29.148 | true | false | high | |
www.google.com | 142.250.64.196 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
104.18.29.148 | click.icptrack.com | United States | 13335 | CLOUDFLARENETUS | false |
142.250.64.196 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432312 |
Start date and time: | 2024-04-26 20:49:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 12s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://click.icptrack.com/icp/track.php?msgid=6673451&act=C8E1&r=1099541321&c=43678&pid=18035558 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@16/5@6/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.217.206, 173.194.210.84, 142.250.64.195, 34.104.35.123, 23.45.182.77, 23.45.182.97, 23.45.182.96, 23.45.182.88, 23.45.182.85, 23.45.182.86, 23.45.182.92, 23.45.182.78, 23.45.182.80, 192.229.211.108, 52.165.164.15, 20.242.39.171, 172.217.165.195
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, update.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 43 |
Entropy (8bit): | 3.0780023067505042 |
Encrypted: | false |
SSDEEP: | 3:CnwltxlHlrn:Xn |
MD5: | AD480FD0732D0F6F1A8B06359E3A42BB |
SHA1: | A544538683A2DFE574EEB2E358AC8FCC78289D50 |
SHA-256: | A1ECBAED793A1F564C49C671F2DD0CE36F858534EF6D26B55783A06B884CC506 |
SHA-512: | 8717074DDF1198D27B9918132A550CB4BA343794CC3D304A793F9D78C9FF6C4929927B414141D40B6F6AD296725520F4C63EDEB660ED530267766C2AB74EE4A9 |
Malicious: | false |
Reputation: | low |
URL: | https://click.icptrack.com/icp/track.php?msgid=6673451&act=C8E1&r=1099541321&c=43678&pid=18035558 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1150 |
Entropy (8bit): | 6.119634089953326 |
Encrypted: | false |
SSDEEP: | 12:ceRIhLn8sJbHhHe22xY/8Q72EVBws5W5UJaP6aPQml0K3IAjStF5h4m5hAoQn5DM:unn5htD5WCSZQmlWL5yoY5wxBzJcKt |
MD5: | 299CD02EBA906D3220AA21AA4F9A177C |
SHA1: | C925130AEB082C93537247849FF5BE71E6A9DFFD |
SHA-256: | 8DFA1EB9BD85635661F993D5782CFEF8CDC5ABDECAA74E98E37D05E33FEC0580 |
SHA-512: | 2780FF819659701E941F938ABDCD3177ABC883410BFA846E052796347A6E9C613A031072E39E27825D2203B24852EADE502DFC732F92ED040FBBF515B24FC328 |
Malicious: | false |
Reputation: | low |
URL: | https://click.icptrack.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1150 |
Entropy (8bit): | 6.119634089953326 |
Encrypted: | false |
SSDEEP: | 12:ceRIhLn8sJbHhHe22xY/8Q72EVBws5W5UJaP6aPQml0K3IAjStF5h4m5hAoQn5DM:unn5htD5WCSZQmlWL5yoY5wxBzJcKt |
MD5: | 299CD02EBA906D3220AA21AA4F9A177C |
SHA1: | C925130AEB082C93537247849FF5BE71E6A9DFFD |
SHA-256: | 8DFA1EB9BD85635661F993D5782CFEF8CDC5ABDECAA74E98E37D05E33FEC0580 |
SHA-512: | 2780FF819659701E941F938ABDCD3177ABC883410BFA846E052796347A6E9C613A031072E39E27825D2203B24852EADE502DFC732F92ED040FBBF515B24FC328 |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 20:50:24.457201004 CEST | 192.168.2.4 | 1.1.1.1 | 0xe1ee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 20:50:24.457535982 CEST | 192.168.2.4 | 1.1.1.1 | 0xfa5c | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 20:50:25.724581003 CEST | 192.168.2.4 | 1.1.1.1 | 0x196d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 20:50:25.725249052 CEST | 192.168.2.4 | 1.1.1.1 | 0x3c8a | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 20:50:26.581744909 CEST | 192.168.2.4 | 1.1.1.1 | 0xed1c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 20:50:26.582601070 CEST | 192.168.2.4 | 1.1.1.1 | 0x812a | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 20:50:24.583149910 CEST | 1.1.1.1 | 192.168.2.4 | 0xe1ee | No error (0) | 104.18.29.148 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:24.583149910 CEST | 1.1.1.1 | 192.168.2.4 | 0xe1ee | No error (0) | 104.18.28.148 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:24.588418007 CEST | 1.1.1.1 | 192.168.2.4 | 0xfa5c | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 20:50:25.851481915 CEST | 1.1.1.1 | 192.168.2.4 | 0x3c8a | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 20:50:25.853456020 CEST | 1.1.1.1 | 192.168.2.4 | 0x196d | No error (0) | 104.18.29.148 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:25.853456020 CEST | 1.1.1.1 | 192.168.2.4 | 0x196d | No error (0) | 104.18.28.148 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:26.707926035 CEST | 1.1.1.1 | 192.168.2.4 | 0xed1c | No error (0) | 142.250.64.196 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:26.707967043 CEST | 1.1.1.1 | 192.168.2.4 | 0x812a | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 20:50:37.050416946 CEST | 1.1.1.1 | 192.168.2.4 | 0x5da4 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:37.050416946 CEST | 1.1.1.1 | 192.168.2.4 | 0x5da4 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:50.015336037 CEST | 1.1.1.1 | 192.168.2.4 | 0x9868 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 20:50:50.015336037 CEST | 1.1.1.1 | 192.168.2.4 | 0x9868 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49737 | 104.18.29.148 | 443 | 5052 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:24 UTC | 731 | OUT | |
2024-04-26 18:50:25 UTC | 229 | IN | |
2024-04-26 18:50:25 UTC | 43 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 104.18.29.148 | 443 | 5052 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:25 UTC | 662 | OUT | |
2024-04-26 18:50:25 UTC | 390 | IN | |
2024-04-26 18:50:25 UTC | 979 | IN | |
2024-04-26 18:50:25 UTC | 171 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49739 | 104.18.29.148 | 443 | 5052 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:26 UTC | 353 | OUT | |
2024-04-26 18:50:26 UTC | 390 | IN | |
2024-04-26 18:50:26 UTC | 979 | IN | |
2024-04-26 18:50:26 UTC | 171 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49742 | 23.204.76.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:28 UTC | 161 | OUT | |
2024-04-26 18:50:29 UTC | 466 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49743 | 23.204.76.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:29 UTC | 239 | OUT | |
2024-04-26 18:50:29 UTC | 530 | IN | |
2024-04-26 18:50:29 UTC | 55 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49744 | 40.127.169.103 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:50:36 UTC | 306 | OUT | |
2024-04-26 18:50:37 UTC | 560 | IN | |
2024-04-26 18:50:37 UTC | 15824 | IN | |
2024-04-26 18:50:37 UTC | 8666 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49750 | 20.114.59.183 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 18:51:14 UTC | 306 | OUT | |
2024-04-26 18:51:15 UTC | 560 | IN | |
2024-04-26 18:51:15 UTC | 15824 | IN | |
2024-04-26 18:51:15 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 20:50:15 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 20:50:20 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 20:50:22 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |