Windows
Analysis Report
http://link.realinstitutoelcano.org/c/7/eyJhaSI6MzgzNDI3ODAsImUiOiJzaWx2aWEuY2FycmlsaG9AZGdhZS5nb3YucHQiLCJyaSI6ImNvbnRhY3QtZmNjYzQ2MDg5ZTdlZWMxMThkMjE2MDQ1YmQ4ZDgzMDgtOWQ1YzVlMTJhYTg2NDZhNjg1YjMzZTZiZjA1YWIyYmYiLCJycSI6InAxLWIyMzMzMy00ODVhMmI5NWE2Y2I0NWI1YmY5YTNkMzgxN2Q1ZGRjMCIsInBoIjpudWxsLCJtIjpm
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3608 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 5436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1940,i,792565260304480689,5393325156649462647,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5824 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" "http ://link.re alinstitut oelcano.or g/c/7/eyJh aSI6MzgzND I3ODAsImUi OiJzaWx2aW EuY2Fycmls aG9AZGdhZS 5nb3YucHQi LCJyaSI6Im NvbnRhY3Qt ZmNjYzQ2MD g5ZTdlZWMx MThkMjE2MD Q1YmQ4ZDgz MDgtOWQ1Yz VlMTJhYTg2 NDZhNjg1Yj MzZTZiZjA1 YWIyYmYiLC JycSI6InAx LWIyMzMzMy 00ODVhMmI5 NWE2Y2I0NW I1YmY5YTNk MzgxN2Q1ZG RjMCIsInBo IjpudWxsLC JtIjpmYWxz ZSwidWkiOi IzNiIsInVu IjoiIiwidS I6Ii9odHRw Oi8vbGluay 5yZWFsaW5z dGl0dXRvZW xjYW5vLm9y Zy91dS8zL2 V5SmhhU0k2 TXpnek5EST NPREFzSW1V aU9pSnphV3 gyYVdFdVky RnljbWxzYU c5QVpHZGha UzVuYjNZdW NIUWlMQ0p5 YVNJNkltTn ZiblJoWTNR dFptTmpZel EyTURnNVpU ZGxaV014TV Roa01qRTJN RFExWW1RNF pEZ3pNRGd0 T1dRMVl6Vm xNVEpoWVRn Mk5EWmhOam cxWWpNelpU WmlaakExWV dJeVltWWlM Q0p5Y1NJNk luQXhMV0l5 TXpNek15MD BPRFZoTW1J NU5XRTJZMk kwTldJMVlt WTVZVE5rTX pneE4yUTFa R1JqTUNJc0 luQm9JanB1 ZFd4c0xDSn RJanBtWVd4 elpYMC9hN3 dSVnhPYzFa TGg3emlrY3 ZicWpRP19j bGRlZT1QOU pQRnFHOVJm enNxVjBHdz FveW9kckhQ RHd2QUFuRU g0T0tYV2Nq Z2gyd0NwRm ZRUWk3OW1X cDBFdURRNG c2JnJlY2lw aWVudGlkPW NvbnRhY3Qt ZmNjYzQ2MD g5ZTdlZWMx MThkMjE2MD Q1YmQ4ZDgz MDgtOWQ1Yz VlMTJhYTg2 NDZhNjg1Yj MzZTZiZjA1 YWIyYmYmZX NpZD0zYWQx YzgyMS1jOT hlLWVlMTEt ODE3OS0wMD BkM2E0YzFj ZDIifQ/edK o5clSv2E5A xThgtxZDw MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTPS traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | HTTPS traffic detected: |
Source: | File created: |
Source: | Classification label: |
Source: | Process created: |
Source: | LNK file: |
Source: | File created: |
Source: | Window detected: |
Source: | File created: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact | Resource Development | Reconnaissance |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Abuse Accessibility Features | Acquire Infrastructure | Gather Victim Identity Information |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 3 Non-Application Layer Protocol | SIM Card Swap | Obtain Device Cloud Backups | Network Denial of Service | Domains | Credentials |
Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 4 Application Layer Protocol | Data Encrypted for Impact | DNS Server | Email Addresses | ||
Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Traffic Duplication | 1 Ingress Tool Transfer | Data Destruction | Virtual Private Server | Employee Names |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
google.com | 142.251.15.102 | true | false | high | |
accounts.google.com | 172.253.115.84 | true | false | high | |
www.google.com | 172.253.122.99 | true | false | high | |
clients.l.google.com | 172.253.115.102 | true | false | high | |
cdproxy.eu.messagegears.net | 40.67.210.167 | true | false | unknown | |
clients2.google.com | unknown | unknown | false | high | |
link.realinstitutoelcano.org | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
40.67.210.167 | cdproxy.eu.messagegears.net | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
172.253.115.102 | clients.l.google.com | United States | 15169 | GOOGLEUS | false |
172.253.122.99 | www.google.com | United States | 15169 | GOOGLEUS | false |
172.253.115.84 | accounts.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox Version: | 38.0.0 Ammolite |
Analysis ID: | 1350675 |
Start date and time: | 2023-11-30 17:55:42 +01:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 3m 0s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://link.realinstitutoelcano.… |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@20/6@10/6 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.16.94, 34.104.35.123, 67.26.235.254, 192.229.211.108, 72.21.81.240, 142.251.163.94
- Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: http://link.realinstitutoelcano.…
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.982140844940811 |
Encrypted: | false |
SSDEEP: | 48:8+OdsTQexEH0idAKZdA19ehwiZUklqehBy+3:8+d3jKy |
MD5: | 5F748DC9E305C762E6B4121280526E9C |
SHA1: | C682D3186771B48DDAFA6429D38C8A46D9FDA673 |
SHA-256: | 202ABEFA04FA1DB7C1836406C72FAC905C82497A8D204874A245301A816B0561 |
SHA-512: | 591A673A91B7D9FBE690BB4FEFCCD9C9F64F4421B7BAAFD64AA2253B22442FBF1594D4F39E17C09BF56683E7F7403EC11EC6E38D334ECD97E7D3D1768D91DDB5 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9952078278725915 |
Encrypted: | false |
SSDEEP: | 48:8AOdsTQexEH0idAKZdA1weh/iZUkAQkqeh6y+2:8Ad3R9Qzy |
MD5: | CA764D9C347F94C9292383113490E30D |
SHA1: | 234E18007BFB130B0C2F6103F398D7BAFE5EBD1D |
SHA-256: | 96F6AE50F51EBF6968623CF4E3527A4763BBC8CA9562FF76C700BC7AA24579BC |
SHA-512: | 7B780892059CEE40B96983F1D3C5BDA994922CA6A4B1380337B20FBE0FFE5AFBBDE60A86C7E5AB457D037284A7DA7AED6B8DEAB7068B370D7C8917E49FD2AC4C |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.0074083815097215 |
Encrypted: | false |
SSDEEP: | 48:8xWOdsTQexsH0idAKZdA14tseh7sFiZUkmgqeh7sEy+BX:8xWd3Jnmy |
MD5: | 2517AA9F7F866441B4575DD800E94106 |
SHA1: | D9E31001504E599EA04AC4463A3F631489577183 |
SHA-256: | 30791D3FC47A709F9C8A9B2EC0E9C4A9A31F9F586139B33851AE86C6CC5670BB |
SHA-512: | 72E528EE59355726A5C64B325A5C0CCF99A6A21EA8BC85748FA3022706C66C46AA42F702CE0CF04839EAE95C9C308B52779D723127B78B99ED0D07C6C7A13170 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9975534470830167 |
Encrypted: | false |
SSDEEP: | 48:8XOdsTQexEH0idAKZdA1vehDiZUkwqehOy+R:8Xd3SMy |
MD5: | D89B3A5D0695FA22D6BCF6A450D112C0 |
SHA1: | B842ED9FB6391050FAD6177AB9990D264CA7C4EE |
SHA-256: | E8F4B8225FE9ACF46B8E1F1E4D1C2B8654A76E330AE90E0A3EE9A5C37C97B6DD |
SHA-512: | 90723752E7A4F863142F275BBE57A3F477836B093A83E75DF44E03096C3CD221A7A9B3308154CFAA1409032B139C1922F2D5B34AA08DE65058593736A3C76875 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9839685030673775 |
Encrypted: | false |
SSDEEP: | 48:8Z/OdsTQexEH0idAKZdA1hehBiZUk1W1qehQy+C:8Z/d3i9wy |
MD5: | 453BC02BE49620CD7104E82923C883DB |
SHA1: | D75A4D707D6B00B5739183DAA4DA859F07619B76 |
SHA-256: | A1B97A6234D061AD4434FA17260BF17AD82EBAF5E2F71D64873BEB9D6EC2F4C5 |
SHA-512: | 9610DA2B5647B1A4015D2D6182DD3260634A80D14CDCB6B90C477DCCEFA095E661673D6EF6A65276D7126E3864B315B8FB8CD7A48328D799FD5497339604A729 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.996097629340465 |
Encrypted: | false |
SSDEEP: | 48:8OOdsTQexEH0idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbmy+yT+:8Od3cT/TbxWOvTbmy7T |
MD5: | 6C8EFC7D81A0123CA958BF0ABCF8D2B5 |
SHA1: | 2F20F7525CC8A1A215D0B81BEBD7B65540B0702D |
SHA-256: | 25B44FBFF2F30B9B5433BB76E1F520ABCDCD60DDF5538CF8CC7529DE229B3480 |
SHA-512: | 593133663A631E5CB08C23395ADA648DD97659A3556B425F30FDC9EF925F0562812231FECA14B8117014E4F8F043A4B7060E1B0BBA9160BEB95CE136E5071AA6 |
Malicious: | false |
Reputation: | low |
Nov 30, 2023 17:57:18.439892054 CET | 80 | 49712 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:18.599226952 CET | 80 | 49710 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:25.474179029 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:25.474226952 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:25.474383116 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:25.474993944 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:25.475007057 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.019203901 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.019315958 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.024655104 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.024671078 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.024974108 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.047642946 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.093262911 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539401054 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539465904 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539510012 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539585114 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.539650917 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539688110 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539689064 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.539727926 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.539731979 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539751053 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.539753914 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539783955 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.539922953 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.539988995 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.547666073 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.547702074 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:26.547730923 CET | 49725 | 443 | 192.168.2.5 | 40.127.169.103 |
Nov 30, 2023 17:57:26.547744989 CET | 443 | 49725 | 40.127.169.103 | 192.168.2.5 |
Nov 30, 2023 17:57:33.343724966 CET | 80 | 49711 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:33.343961954 CET | 49711 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:33.434370995 CET | 80 | 49712 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:33.434621096 CET | 49712 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:33.754790068 CET | 49711 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:33.754853010 CET | 49712 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:33.933840990 CET | 80 | 49712 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:33.938096046 CET | 80 | 49711 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:35.674597979 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:35.674665928 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.674777031 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:35.675622940 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:35.675656080 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.883085012 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.883479118 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:35.883498907 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.883846998 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.884314060 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:35.884373903 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:35.926855087 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:45.879434109 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:45.879589081 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:45.879673004 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:47.698426962 CET | 49727 | 443 | 192.168.2.5 | 172.253.122.99 |
Nov 30, 2023 17:57:47.698457956 CET | 443 | 49727 | 172.253.122.99 | 192.168.2.5 |
Nov 30, 2023 17:57:48.411215067 CET | 80 | 49710 | 40.67.210.167 | 192.168.2.5 |
Nov 30, 2023 17:57:48.411292076 CET | 49710 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:49.698829889 CET | 49710 | 80 | 192.168.2.5 | 40.67.210.167 |
Nov 30, 2023 17:57:49.877378941 CET | 80 | 49710 | 40.67.210.167 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Nov 30, 2023 17:56:33.327239990 CET | 192.168.2.5 | 1.1.1.1 | c2bd | (Port unreachable) | Destination Unreachable |

Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Nov 30, 2023 17:56:31.515152931 CET | 192.168.2.5 | 1.1.1.1 | 0xe2b4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2023 17:56:31.515546083 CET | 192.168.2.5 | 1.1.1.1 | 0xe3ce | Standard query (0) | 65 | IN (0x0001) | false | |
Nov 30, 2023 17:56:31.516057968 CET | 192.168.2.5 | 1.1.1.1 | 0x1e20 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2023 17:56:31.516455889 CET | 192.168.2.5 | 1.1.1.1 | 0x4216 | Standard query (0) | 65 | IN (0x0001) | false | |
Nov 30, 2023 17:56:32.541261911 CET | 192.168.2.5 | 1.1.1.1 | 0xe754 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2023 17:56:32.541522980 CET | 192.168.2.5 | 1.1.1.1 | 0x466e | Standard query (0) | 65 | IN (0x0001) | false | |
Nov 30, 2023 17:56:35.623936892 CET | 192.168.2.5 | 1.1.1.1 | 0xa0ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2023 17:56:35.624141932 CET | 192.168.2.5 | 1.1.1.1 | 0x6115 | Standard query (0) | 65 | IN (0x0001) | false | |
Nov 30, 2023 17:56:35.762258053 CET | 192.168.2.5 | 8.8.8.8 | 0x7fb2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2023 17:56:35.763036013 CET | 192.168.2.5 | 1.1.1.1 | 0x7b74 | Standard query (0) | A (IP address) | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.102 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.101 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.100 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.113 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.138 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.645896912 CET | 1.1.1.1 | 192.168.2.5 | 0xe2b4 | No error (0) | 172.253.115.139 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.646356106 CET | 1.1.1.1 | 192.168.2.5 | 0x1e20 | No error (0) | 172.253.115.84 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:31.655405998 CET | 1.1.1.1 | 192.168.2.5 | 0xe3ce | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:32.919136047 CET | 1.1.1.1 | 192.168.2.5 | 0xe754 | No error (0) | elinkeu.clickdimensions.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:32.919136047 CET | 1.1.1.1 | 192.168.2.5 | 0xe754 | No error (0) | elinkeu.clickdimensions.com.eu.messagegears.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:32.919136047 CET | 1.1.1.1 | 192.168.2.5 | 0xe754 | No error (0) | cdproxy.eu.messagegears.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:32.919136047 CET | 1.1.1.1 | 192.168.2.5 | 0xe754 | No error (0) | 40.67.210.167 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:33.326838017 CET | 1.1.1.1 | 192.168.2.5 | 0x466e | No error (0) | elinkeu.clickdimensions.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:33.326838017 CET | 1.1.1.1 | 192.168.2.5 | 0x466e | No error (0) | elinkeu.clickdimensions.com.eu.messagegears.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:33.326838017 CET | 1.1.1.1 | 192.168.2.5 | 0x466e | No error (0) | cdproxy.eu.messagegears.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.99 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.104 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.105 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.147 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.106 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.752628088 CET | 1.1.1.1 | 192.168.2.5 | 0xa0ff | No error (0) | 172.253.122.103 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.753619909 CET | 1.1.1.1 | 192.168.2.5 | 0x6115 | No error (0) | 65 | IN (0x0001) | false | |||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.102 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.113 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.139 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.100 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.138 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.863034964 CET | 8.8.8.8 | 192.168.2.5 | 0x7fb2 | No error (0) | 142.251.15.101 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.138 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.101 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.102 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.113 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.100 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2023 17:56:35.891895056 CET | 1.1.1.1 | 192.168.2.5 | 0x7b74 | No error (0) | 142.251.167.139 | A (IP address) | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 40.67.210.167 | 80 | 5436 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2023 17:56:33.155611038 CET | 1534 | OUT | |
Nov 30, 2023 17:56:33.411086082 CET | 971 | IN | |
Nov 30, 2023 17:57:18.420667887 CET | 60 | OUT |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49711 | 40.67.210.167 | 80 | 5436 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2023 17:57:18.164714098 CET | 60 | OUT |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49712 | 40.67.210.167 | 80 | 5436 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2023 17:57:18.260776997 CET | 60 | OUT |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49706 | 172.253.115.84 | 443 | 5436 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:31 UTC | 680 | OUT | |
2023-11-30 16:56:31 UTC | 1 | OUT | |
2023-11-30 16:56:32 UTC | 1627 | IN | |
2023-11-30 16:56:32 UTC | 23 | IN | |
2023-11-30 16:56:32 UTC | 5 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49707 | 172.253.115.102 | 443 | 5436 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:31 UTC | 752 | OUT | |
2023-11-30 16:56:32 UTC | 732 | IN | |
2023-11-30 16:56:32 UTC | 520 | IN | |
2023-11-30 16:56:32 UTC | 200 | IN | |
2023-11-30 16:56:32 UTC | 5 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49716 | 104.72.156.109 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:36 UTC | 161 | OUT | |
2023-11-30 16:56:37 UTC | 435 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49717 | 104.72.156.109 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:37 UTC | 239 | OUT | |
2023-11-30 16:56:37 UTC | 530 | IN | |
2023-11-30 16:56:37 UTC | 55 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49718 | 40.127.169.103 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:48 UTC | 306 | OUT | |
2023-11-30 16:56:48 UTC | 560 | IN | |
2023-11-30 16:56:48 UTC | 15824 | IN | |
2023-11-30 16:56:48 UTC | 8666 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
5 | 192.168.2.5 | 49721 | 23.1.237.91 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:56:48 UTC | 2148 | OUT | |
2023-11-30 16:56:48 UTC | 1 | OUT | |
2023-11-30 16:56:48 UTC | 2482 | OUT | |
2023-11-30 16:56:49 UTC | 476 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49725 | 40.127.169.103 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2023-11-30 16:57:26 UTC | 306 | OUT | |
2023-11-30 16:57:26 UTC | 560 | IN | |
2023-11-30 16:57:26 UTC | 15824 | IN | |
2023-11-30 16:57:26 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 17:56:27 |
Start date: | 30/11/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 2 |
Start time: | 17:56:30 |
Start date: | 30/11/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 3 |
Start time: | 17:56:31 |
Start date: | 30/11/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |