Windows
Analysis Report
https://repo.anaconda.com/archive/Anaconda3-2024.02-1-Windows-x86_64.exe
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5352 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5804 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,17307607054794980662,4881416759974405390,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://repo.anaconda.com/archive/Anaconda3-2024.02-1-Windows-x86_64.exe" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- HTTPS traffic detected
- TCP traffic detected without corresponding DNS query
- UDP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- String found in binary or memory
- Network traffic detected
- Classification label
- File created
- Process created
- Window detected
- Static PE information
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 11 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
www.google.com | 192.178.50.36 | true | false | high | |
repo.anaconda.com | 104.16.32.241 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
192.178.50.36 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
104.16.32.241 | repo.anaconda.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.17 |
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432326 |
Start date and time: | 2024-04-26 21:20:50 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://repo.anaconda.com/archive/Anaconda3-2024.02-1-Windows-x86_64.exe |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@16/4@4/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.162.84, 142.250.64.195, 142.250.217.206, 34.104.35.123, 40.127.169.103, 199.232.214.172, 192.229.211.108, 20.242.39.171, 142.250.217.195
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://repo.anaconda.com/archive/Anaconda3-2024.02-1-Windows-x86_64.exe
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 129990 |
Entropy (8bit): | 5.197284441388517 |
Encrypted: | false |
SSDEEP: | 1536:HVAn9tHIaEgtwRWr0DLXlxuOTvTawRTJBgeG/RuJblNJJSDc7oAal8jmndkc0H4P:HStoaEZDLXlxuWbacgexJbH |
MD5: | 8F858E5370F204CF6CC20D55C88AC9EB |
SHA1: | 96B671EE2B46304E2375A6E28B76AAEF00FC25CA |
SHA-256: | B7736DF7CA8A6E7BB6C4B29A92BA777DAB309DAF83D98AFDC4B27E2E8669876A |
SHA-512: | ABF146F1EAABE6B37C7ACF3F80FEB18B271C4DCD1C6859DC3F11992A0F17E9F8D2FC2EF78FC24A786C7ABEF709FA40340AC43A10220EBCDD645EDB6AD7F4C93E |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 118367 |
Entropy (8bit): | 5.465913020041909 |
Encrypted: | false |
SSDEEP: | 1536:HVAn9tHIaEgtwRWr0DLXlxuOTvTawRTJBgeG/RuJblNJJSDc7oAal8jmndkc0H4S:HStoaEZDLXlxuWbacgexJbHV |
MD5: | 751A7282D452C81A919AF49E77E92021 |
SHA1: | 3D89C009ED62B89C5EBA6B0E65D9C486816321EF |
SHA-256: | FD7C90AA9777C80335E6764D6D17FBB1535F9183621760DDF1EA6C899AB62E6E |
SHA-512: | 0F68896991E801EE1887F90B8CF3D9197434C8F47529188171CD88492207D9D2F65CFC3C95CB80D3B999F3F454AB1C4A844A8632C06265014F807B0990749AB1 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 129990 |
Entropy (8bit): | 5.197284441388517 |
Encrypted: | false |
SSDEEP: | 1536:HVAn9tHIaEgtwRWr0DLXlxuOTvTawRTJBgeG/RuJblNJJSDc7oAal8jmndkc0H4P:HStoaEZDLXlxuWbacgexJbH |
MD5: | 8F858E5370F204CF6CC20D55C88AC9EB |
SHA1: | 96B671EE2B46304E2375A6E28B76AAEF00FC25CA |
SHA-256: | B7736DF7CA8A6E7BB6C4B29A92BA777DAB309DAF83D98AFDC4B27E2E8669876A |
SHA-512: | ABF146F1EAABE6B37C7ACF3F80FEB18B271C4DCD1C6859DC3F11992A0F17E9F8D2FC2EF78FC24A786C7ABEF709FA40340AC43A10220EBCDD645EDB6AD7F4C93E |
Malicious: | false |
Reputation: | low |
URL: | https://repo.anaconda.com/archive/Anaconda3-2024.02-1-Windows-x86_64.exe |
Preview: |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 21:21:52.249305964 CEST | 192.168.2.4 | 1.1.1.1 | 0x2a68 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:21:52.249439001 CEST | 192.168.2.4 | 1.1.1.1 | 0x486d | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 26, 2024 21:21:53.379224062 CEST | 192.168.2.4 | 1.1.1.1 | 0x3523 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:21:53.379671097 CEST | 192.168.2.4 | 1.1.1.1 | 0xf423 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 21:21:52.376929998 CEST | 1.1.1.1 | 192.168.2.4 | 0x486d | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 26, 2024 21:21:52.377168894 CEST | 1.1.1.1 | 192.168.2.4 | 0x2a68 | No error (0) | | | 104.16.32.241 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:21:52.377168894 CEST | 1.1.1.1 | 192.168.2.4 | 0x2a68 | No error (0) | | | 104.16.191.158 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:21:53.507369995 CEST | 1.1.1.1 | 192.168.2.4 | 0x3523 | No error (0) | | | 192.178.50.36 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:21:53.508094072 CEST | 1.1.1.1 | 192.168.2.4 | 0xf423 | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 26, 2024 21:22:04.311372995 CEST | 1.1.1.1 | 192.168.2.4 | 0x7d62 | No error (0) | | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:22:04.311372995 CEST | 1.1.1.1 | 192.168.2.4 | 0x7d62 | No error (0) | | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:22:05.739522934 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e92 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 26, 2024 21:22:05.739522934 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e92 | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:22:17.932836056 CEST | 1.1.1.1 | 192.168.2.4 | 0xa6d5 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 26, 2024 21:22:17.932836056 CEST | 1.1.1.1 | 192.168.2.4 | 0xa6d5 | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:22:42.200165033 CEST | 1.1.1.1 | 192.168.2.4 | 0x3a71 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 26, 2024 21:22:42.200165033 CEST | 1.1.1.1 | 192.168.2.4 | 0x3a71 | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Apr 26, 2024 21:23:01.982278109 CEST | 1.1.1.1 | 192.168.2.4 | 0x936c | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 26, 2024 21:23:01.982278109 CEST | 1.1.1.1 | 192.168.2.4 | 0x936c | No error (0) | | | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49737 | 104.16.32.241 | 443 | 5804 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 19:21:52 UTC | 706 | OUT | |
2024-04-26 19:21:53 UTC | 994 | IN | |
2024-04-26 19:21:53 UTC | 375 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN | |
2024-04-26 19:21:53 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49740 | 23.204.76.112 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 19:21:54 UTC | 161 | OUT | |
2024-04-26 19:21:55 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49741 | 23.204.76.112 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 19:21:55 UTC | 239 | OUT | |
2024-04-26 19:21:55 UTC | 530 | IN | |
2024-04-26 19:21:55 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 21:21:43 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 21:21:47 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7699e0000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 21:21:50 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |