Windows
Analysis Report
http://zajelil.icu/i
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6016 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 1436 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2056 --fi eld-trial- handle=199 2,i,578518 0112761670 160,160218 4284140648 691,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6468 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://zajeli l.icu/i" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
zajelil.icu | 38.60.210.126 | true | false | unknown | |
www.google.com | 142.250.68.100 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false | unknown | ||
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.68.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
38.60.210.126 | zajelil.icu | United States | 174 | COGENT-174US | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1436347 |
Start date and time: | 2024-05-04 14:21:17 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://zajelil.icu/i |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@18/4@8/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.72.142, 142.250.68.35, 142.250.101.84, 34.104.35.123, 199.232.214.172, 192.229.211.108, 172.217.12.131
- Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9 |
Entropy (8bit): | 2.94770277922009 |
Encrypted: | false |
SSDEEP: | 3:Obn:Obn |
MD5: | 9D1EAD73E678FA2F51A70A933B0BF017 |
SHA1: | D205CBD6783332A212C5AE92D73C77178C2D2F28 |
SHA-256: | 0019DFC4B32D63C1392AA264AED2253C1E0C2FB09216F8E2CC269BBFB8BB49B5 |
SHA-512: | 935B3D516E996F6D25948BA8A54C1B7F70F7F0E3F517E36481FDF0196C2C5CFC2841F86E891F3DF9517746B7FB605DB47CDDED1B8FF78D9482DDAA621DB43A34 |
Malicious: | false |
Reputation: | low |
URL: | https://zajelil.icu/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9 |
Entropy (8bit): | 2.94770277922009 |
Encrypted: | false |
SSDEEP: | 3:Obn:Obn |
MD5: | 9D1EAD73E678FA2F51A70A933B0BF017 |
SHA1: | D205CBD6783332A212C5AE92D73C77178C2D2F28 |
SHA-256: | 0019DFC4B32D63C1392AA264AED2253C1E0C2FB09216F8E2CC269BBFB8BB49B5 |
SHA-512: | 935B3D516E996F6D25948BA8A54C1B7F70F7F0E3F517E36481FDF0196C2C5CFC2841F86E891F3DF9517746B7FB605DB47CDDED1B8FF78D9482DDAA621DB43A34 |
Malicious: | false |
Reputation: | low |
URL: | https://zajelil.icu/i |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 4, 2024 14:21:59.671279907 CEST | 49678 | 443 | 192.168.2.4 | 104.46.162.224 |
May 4, 2024 14:21:59.733747959 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
May 4, 2024 14:22:10.719888926 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:10.720365047 CEST | 49737 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:10.942846060 CEST | 49739 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.073956966 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.074043036 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.074350119 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.085557938 CEST | 80 | 49737 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.085650921 CEST | 49737 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.304992914 CEST | 80 | 49739 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.305057049 CEST | 49739 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.428392887 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.428416967 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.482151985 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.908817053 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.908854961 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:11.908905983 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.909749985 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:11.909765005 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.655720949 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.656286955 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:12.656299114 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.657879114 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.657948971 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:12.659770966 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:12.659852982 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.660192013 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:12.660198927 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:12.757436991 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:12.757481098 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:12.757544994 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:12.758274078 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:12.758291960 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:12.798815012 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:13.070205927 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:13.070714951 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:13.070741892 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:13.071727037 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:13.071789980 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:13.072916985 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:13.072978973 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:13.140167952 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:13.140197992 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:13.215234995 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:13.215260029 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:13.215322971 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:13.217184067 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:13.217196941 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:13.243987083 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:13.526055098 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:13.526130915 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:13.736793995 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:13.737063885 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:13.737114906 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:14.840456963 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:14.840500116 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:14.840878010 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:14.917490005 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.019431114 CEST | 49740 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.019460917 CEST | 443 | 49740 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.271250010 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.271303892 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.271375895 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.271866083 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.271878004 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.333503962 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.380119085 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.483903885 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.483967066 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.484128952 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.484128952 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.484170914 CEST | 49742 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.484186888 CEST | 443 | 49742 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.524736881 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.524766922 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.524832964 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.525127888 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.525135994 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.830715895 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.830785990 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.843696117 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.843708038 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.844279051 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.849024057 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:15.892123938 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:15.986385107 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.986938000 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.986955881 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.988079071 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.992630959 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:15.992819071 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:15.993204117 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:16.036154032 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:16.153381109 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:16.153445005 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:16.153510094 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:16.171390057 CEST | 49744 | 443 | 192.168.2.4 | 23.35.30.83 |
May 4, 2024 14:22:16.171402931 CEST | 443 | 49744 | 23.35.30.83 | 192.168.2.4 |
May 4, 2024 14:22:16.717910051 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:16.718008041 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:16.718156099 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:16.718810081 CEST | 49743 | 443 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:16.718836069 CEST | 443 | 49743 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:21.897455931 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:21.897495031 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:21.897592068 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:21.898762941 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:21.898776054 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:22.458234072 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:22.458297014 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:22.460608006 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:22.460618019 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:22.460819006 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:22.502219915 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:22.981637955 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.028117895 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.082257032 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:23.082305908 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:23.082387924 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:23.343818903 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343838930 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343847036 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343862057 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343894005 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343928099 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.343928099 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.343945980 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343957901 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.343991041 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.343997002 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.344059944 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.344240904 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.672892094 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.672913074 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:23.672944069 CEST | 49746 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:22:23.672951937 CEST | 443 | 49746 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:22:24.411461115 CEST | 49741 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:22:24.411487103 CEST | 443 | 49741 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:22:56.092643976 CEST | 49737 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:56.310708046 CEST | 49739 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:56.437669992 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:22:56.461596012 CEST | 80 | 49737 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:56.672868013 CEST | 80 | 49739 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:22:56.791491985 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:00.241758108 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.241801977 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:00.241858006 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.242888927 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.242902994 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:00.792628050 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:00.792793989 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.796215057 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.796221972 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:00.796447992 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:00.804316998 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:00.848117113 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.331907988 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.331928968 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.331943035 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.333862066 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:01.333883047 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.337627888 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:01.382133007 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:01.382133007 CEST | 49752 | 443 | 192.168.2.4 | 20.114.59.183 |
May 4, 2024 14:23:01.382149935 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:01.382160902 CEST | 443 | 49752 | 20.114.59.183 | 192.168.2.4 |
May 4, 2024 14:23:11.452143908 CEST | 80 | 49737 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:11.452210903 CEST | 49737 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:11.671557903 CEST | 80 | 49739 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:11.671646118 CEST | 49739 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:12.406641006 CEST | 49737 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:12.406640053 CEST | 49739 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:12.657855988 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:12.657952070 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:12.658078909 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:12.661595106 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:12.661631107 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:12.768872976 CEST | 80 | 49739 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:12.772111893 CEST | 80 | 49737 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:12.968945026 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:12.985869884 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:12.985901117 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:12.986314058 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:12.987236977 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:12.987324953 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:13.030163050 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:16.429476023 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:16.430035114 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:18.406977892 CEST | 49736 | 80 | 192.168.2.4 | 38.60.210.126 |
May 4, 2024 14:23:18.624083042 CEST | 49724 | 80 | 192.168.2.4 | 23.206.229.76 |
May 4, 2024 14:23:18.624090910 CEST | 49723 | 80 | 192.168.2.4 | 23.206.229.76 |
May 4, 2024 14:23:18.761008024 CEST | 80 | 49736 | 38.60.210.126 | 192.168.2.4 |
May 4, 2024 14:23:18.774152040 CEST | 80 | 49724 | 23.206.229.76 | 192.168.2.4 |
May 4, 2024 14:23:18.774271011 CEST | 49724 | 80 | 192.168.2.4 | 23.206.229.76 |
May 4, 2024 14:23:18.774468899 CEST | 80 | 49723 | 23.206.229.76 | 192.168.2.4 |
May 4, 2024 14:23:18.774713039 CEST | 49723 | 80 | 192.168.2.4 | 23.206.229.76 |
May 4, 2024 14:23:22.988957882 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:22.989025116 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
May 4, 2024 14:23:22.989078045 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:24.405778885 CEST | 49754 | 443 | 192.168.2.4 | 142.250.68.100 |
May 4, 2024 14:23:24.405810118 CEST | 443 | 49754 | 142.250.68.100 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
May 4, 2024 14:22:08.319084883 CEST | 53 | 54817 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:08.319509983 CEST | 53 | 51315 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:09.164983034 CEST | 53 | 64574 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:09.249011040 CEST | 62062 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:09.249236107 CEST | 55377 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:09.704771042 CEST | 53 | 62062 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:09.711514950 CEST | 53 | 55377 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:10.654402018 CEST | 54779 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:10.654526949 CEST | 53331 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:11.134219885 CEST | 53 | 54779 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:11.147651911 CEST | 53 | 53331 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:11.524925947 CEST | 59065 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:11.525532007 CEST | 58267 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:11.833578110 CEST | 53 | 59065 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:11.989025116 CEST | 53 | 58267 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:12.604821920 CEST | 57768 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:12.604990959 CEST | 52266 | 53 | 192.168.2.4 | 1.1.1.1 |
May 4, 2024 14:22:12.755206108 CEST | 53 | 52266 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:12.755306959 CEST | 53 | 57768 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:30.192167997 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
May 4, 2024 14:22:30.322765112 CEST | 53 | 51748 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:22:50.423062086 CEST | 53 | 57951 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:23:07.844063997 CEST | 53 | 50134 | 1.1.1.1 | 192.168.2.4 |
May 4, 2024 14:23:14.396647930 CEST | 53 | 58512 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
May 4, 2024 14:22:11.134287119 CEST | 192.168.2.4 | 1.1.1.1 | c1f1 | (Port unreachable) | Destination Unreachable |
May 4, 2024 14:22:11.989085913 CEST | 192.168.2.4 | 1.1.1.1 | c1e1 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
May 4, 2024 14:22:09.249011040 CEST | 192.168.2.4 | 1.1.1.1 | 0x9144 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 4, 2024 14:22:09.249236107 CEST | 192.168.2.4 | 1.1.1.1 | 0x4ce0 | Standard query (0) | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:10.654402018 CEST | 192.168.2.4 | 1.1.1.1 | 0x6ae6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 4, 2024 14:22:10.654526949 CEST | 192.168.2.4 | 1.1.1.1 | 0x8936 | Standard query (0) | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:11.524925947 CEST | 192.168.2.4 | 1.1.1.1 | 0xa004 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 4, 2024 14:22:11.525532007 CEST | 192.168.2.4 | 1.1.1.1 | 0xd374 | Standard query (0) | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:12.604821920 CEST | 192.168.2.4 | 1.1.1.1 | 0x3ae1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 4, 2024 14:22:12.604990959 CEST | 192.168.2.4 | 1.1.1.1 | 0x285a | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
May 4, 2024 14:22:09.704771042 CEST | 1.1.1.1 | 192.168.2.4 | 0x9144 | No error (0) | 38.60.210.126 | A (IP address) | IN (0x0001) | false | ||
May 4, 2024 14:22:09.711514950 CEST | 1.1.1.1 | 192.168.2.4 | 0x4ce0 | Server failure (2) | none | none | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:11.134219885 CEST | 1.1.1.1 | 192.168.2.4 | 0x6ae6 | No error (0) | 38.60.210.126 | A (IP address) | IN (0x0001) | false | ||
May 4, 2024 14:22:11.147651911 CEST | 1.1.1.1 | 192.168.2.4 | 0x8936 | Server failure (2) | none | none | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:11.833578110 CEST | 1.1.1.1 | 192.168.2.4 | 0xa004 | No error (0) | 38.60.210.126 | A (IP address) | IN (0x0001) | false | ||
May 4, 2024 14:22:11.989025116 CEST | 1.1.1.1 | 192.168.2.4 | 0xd374 | Server failure (2) | none | none | 65 | IN (0x0001) | false | |
May 4, 2024 14:22:12.755206108 CEST | 1.1.1.1 | 192.168.2.4 | 0x285a | No error (0) | 65 | IN (0x0001) | false | |||
May 4, 2024 14:22:12.755306959 CEST | 1.1.1.1 | 192.168.2.4 | 0x3ae1 | No error (0) | 142.250.68.100 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 38.60.210.126 | 80 | 1436 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
May 4, 2024 14:22:11.074350119 CEST | 427 | OUT | |
May 4, 2024 14:22:11.428416967 CEST | 365 | IN | |
May 4, 2024 14:22:56.437669992 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49737 | 38.60.210.126 | 80 | 1436 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
May 4, 2024 14:22:56.092643976 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49739 | 38.60.210.126 | 80 | 1436 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
May 4, 2024 14:22:56.310708046 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49740 | 38.60.210.126 | 443 | 1436 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:22:12 UTC | 655 | OUT | |
2024-05-04 12:22:13 UTC | 237 | IN | |
2024-05-04 12:22:13 UTC | 9 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49742 | 23.35.30.83 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:22:15 UTC | 161 | OUT | |
2024-05-04 12:22:15 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49744 | 23.35.30.83 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:22:15 UTC | 239 | OUT | |
2024-05-04 12:22:16 UTC | 521 | IN | |
2024-05-04 12:22:16 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49743 | 38.60.210.126 | 443 | 1436 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:22:15 UTC | 579 | OUT | |
2024-05-04 12:22:16 UTC | 237 | IN | |
2024-05-04 12:22:16 UTC | 9 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49746 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:22:22 UTC | 306 | OUT | |
2024-05-04 12:22:23 UTC | 560 | IN | |
2024-05-04 12:22:23 UTC | 15824 | IN | |
2024-05-04 12:22:23 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49752 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-04 12:23:00 UTC | 306 | OUT | |
2024-05-04 12:23:01 UTC | 560 | IN | |
2024-05-04 12:23:01 UTC | 15824 | IN | |
2024-05-04 12:23:01 UTC | 9633 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 14:22:02 |
Start date: | 04/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 14:22:07 |
Start date: | 04/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 14:22:08 |
Start date: | 04/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |