Windows
Analysis Report
https://steamcomunmnity.com/app/1648413/STALKER_2_Heert_of_Chornobyl
Overview
General Information
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
  - chrome.exe (PID: 4180 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 3384 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2284,i,17785876782238166378,16159648369973155101,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 6396 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://steamcomunmnity.com/app/1648413/STALKER_2_Heert_of_Chornobyl" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
21% | Virustotal | Browse | ||
100% | Avira URL Cloud | phishing |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
www.google.com | 172.217.18.4 | true | false | unknown | |
steamcomunmnity.com | 188.114.96.3 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
true | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
188.114.96.3 | steamcomunmnity.com | European Union | 13335 | CLOUDFLARENETUS | false | |
172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false | |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1447585 |
Start date and time: | 2024-05-26 00:56:38 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 11s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://steamcomunmnity.com/app/1648413/STALKER_2_Heert_of_Chornobyl |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.win@21/4@8/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.99, 216.58.212.142, 108.177.15.84, 34.104.35.123, 40.127.169.103, 93.184.221.240, 192.229.221.95, 13.95.31.18, 52.165.165.26, 216.58.206.67
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Input | Output |
---|---|
URL: https://steamcomunmnity.com/app/1648413/STALKER_2_Heert_of_Chornobyl Model: Perplexity: mixtral-8x7b-instruct | { "loginform": false, "reasons": ["The text '404 - Not found The requested file does not exist' does not contain any elements of a typical login form, such as input fields for a username and password, or a submit button."] } |
404 - Not found The requested file does not exist |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 289 |
Entropy (8bit): | 4.950000999886855 |
Encrypted: | false |
SSDEEP: | 6:haxUU7oRUqZX/JU8cMuBUrX8l2/MRJqRvPnNX96AwFbvTj6gmzRG7gRna:haxlomiX/JLFuQX8leMR4vvmRbvTj6g1 |
MD5: | 45AC9DECA88DE47DC082D97A5C25DF62 |
SHA1: | B60E853D65349EC0E6F397F2CED2F1CA19DA16E7 |
SHA-256: | EEE00D8BA305543BE6AF21634BC2959F0C266033016253A074ECA3CBE39E1C87 |
SHA-512: | E1994ABE202F1A5C4E14717329B0D20DAD05D2B75CA2715D13A08258DBA7CDE7EE257419BC4876DC1304B43FC28DE1BF8291353D1FB374B2630116F6F377281F |
Malicious: | false |
Reputation: | low |
URL: | https://steamcomunmnity.com/app/1648413/STALKER_2_Heert_of_Chornobyl |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 289 |
Entropy (8bit): | 4.950000999886855 |
Encrypted: | false |
SSDEEP: | 6:haxUU7oRUqZX/JU8cMuBUrX8l2/MRJqRvPnNX96AwFbvTj6gmzRG7gRna:haxlomiX/JLFuQX8leMR4vvmRbvTj6g1 |
MD5: | 45AC9DECA88DE47DC082D97A5C25DF62 |
SHA1: | B60E853D65349EC0E6F397F2CED2F1CA19DA16E7 |
SHA-256: | EEE00D8BA305543BE6AF21634BC2959F0C266033016253A074ECA3CBE39E1C87 |
SHA-512: | E1994ABE202F1A5C4E14717329B0D20DAD05D2B75CA2715D13A08258DBA7CDE7EE257419BC4876DC1304B43FC28DE1BF8291353D1FB374B2630116F6F377281F |
Malicious: | false |
Reputation: | low |
URL: | https://steamcomunmnity.com/favicon.ico |
Preview: |

Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
May 26, 2024 00:58:32.952797890 CEST | 192.168.2.4 | 1.1.1.1 | c1fd | (Port unreachable) | Destination Unreachable |

Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
May 26, 2024 00:57:30.619945049 CEST | 192.168.2.4 | 1.1.1.1 | 0x12bc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 26, 2024 00:57:30.620192051 CEST | 192.168.2.4 | 1.1.1.1 | 0x6c44 | Standard query (0) | 65 | IN (0x0001) | false | |
May 26, 2024 00:57:31.591435909 CEST | 192.168.2.4 | 1.1.1.1 | 0x9ba3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 26, 2024 00:57:31.592324018 CEST | 192.168.2.4 | 1.1.1.1 | 0xae7 | Standard query (0) | 65 | IN (0x0001) | false | |
May 26, 2024 00:57:32.895009995 CEST | 192.168.2.4 | 1.1.1.1 | 0x5597 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 26, 2024 00:57:32.895540953 CEST | 192.168.2.4 | 1.1.1.1 | 0x58ef | Standard query (0) | 65 | IN (0x0001) | false | |
May 26, 2024 00:58:32.938613892 CEST | 192.168.2.4 | 1.1.1.1 | 0x985d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 26, 2024 00:58:32.938911915 CEST | 192.168.2.4 | 1.1.1.1 | 0xe494 | Standard query (0) | 65 | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
May 26, 2024 00:57:30.677325964 CEST | 1.1.1.1 | 192.168.2.4 | 0x12bc | No error (0) | 188.114.96.3 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:57:30.677325964 CEST | 1.1.1.1 | 192.168.2.4 | 0x12bc | No error (0) | 188.114.97.3 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:57:30.683962107 CEST | 1.1.1.1 | 192.168.2.4 | 0x6c44 | No error (0) | 65 | IN (0x0001) | false | |||
May 26, 2024 00:57:31.644532919 CEST | 1.1.1.1 | 192.168.2.4 | 0x9ba3 | No error (0) | 35.190.80.1 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:57:32.902952909 CEST | 1.1.1.1 | 192.168.2.4 | 0x5597 | No error (0) | 172.217.18.4 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:57:32.910628080 CEST | 1.1.1.1 | 192.168.2.4 | 0x58ef | No error (0) | 65 | IN (0x0001) | false | |||
May 26, 2024 00:57:45.317303896 CEST | 1.1.1.1 | 192.168.2.4 | 0xf2de | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 26, 2024 00:57:45.317303896 CEST | 1.1.1.1 | 192.168.2.4 | 0xf2de | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:57:58.384512901 CEST | 1.1.1.1 | 192.168.2.4 | 0xcb9b | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 26, 2024 00:57:58.384512901 CEST | 1.1.1.1 | 192.168.2.4 | 0xcb9b | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:58:32.945728064 CEST | 1.1.1.1 | 192.168.2.4 | 0x985d | No error (0) | 172.217.18.4 | A (IP address) | IN (0x0001) | false | ||
May 26, 2024 00:58:32.952727079 CEST | 1.1.1.1 | 192.168.2.4 | 0xe494 | No error (0) | 65 | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 188.114.96.3 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:31 UTC | 702 | OUT | |
2024-05-25 22:57:31 UTC | 566 | IN | |
2024-05-25 22:57:31 UTC | 296 | IN | |
2024-05-25 22:57:31 UTC | 5 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 188.114.96.3 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:31 UTC | 634 | OUT | |
2024-05-25 22:57:31 UTC | 600 | IN | |
2024-05-25 22:57:31 UTC | 296 | IN | |
2024-05-25 22:57:31 UTC | 5 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49739 | 35.190.80.1 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:32 UTC | 540 | OUT | |
2024-05-25 22:57:32 UTC | 336 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49740 | 35.190.80.1 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:32 UTC | 478 | OUT | |
2024-05-25 22:57:32 UTC | 428 | OUT | |
2024-05-25 22:57:33 UTC | 168 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49742 | 2.19.104.72 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:34 UTC | 161 | OUT | |
2024-05-25 22:57:34 UTC | 466 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 65237 | 2.19.104.72 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:57:35 UTC | 239 | OUT | |
2024-05-25 22:57:35 UTC | 534 | IN | |
2024-05-25 22:57:35 UTC | 55 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 65246 | 35.190.80.1 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:58:32 UTC | 544 | OUT | |
2024-05-25 22:58:32 UTC | 336 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 65247 | 35.190.80.1 | 443 | 3384 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-25 22:58:32 UTC | 482 | OUT | |
2024-05-25 22:58:32 UTC | 471 | OUT | |
2024-05-25 22:58:32 UTC | 168 | IN |
Target ID: | 0 |
Start time: | 18:57:23 |
Start date: | 25/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 2 |
Start time: | 18:57:26 |
Start date: | 25/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 3 |
Start time: | 18:57:29 |
Start date: | 25/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |