Linux
Analysis Report
TGD4oHRCb5.elf
Overview
General Information
Sample name: | TGD4oHRCb5.elf (renamed because original name is a hash value) |
Original sample name: | 133562f29886fc8c85ce7083d4ff53fb.elf |
Analysis ID: | 1466535 |
MD5: | 133562f29886fc8c85ce7083d4ff53fb |
SHA1: | 56a063ff06fbfdc55444ab9cd47b5e54a8ba50fd |
SHA256: | 3f509a48bfb5cf1a5da35c861c70b5777e61a5dbf250331e5e731a912a148672 |
Tags: | 64, elf, mirai |
Infos: | |
Detection
Mirai
Score: | 76 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Connects to many ports of the same IP (likely port scanning)
Machine Learning detection for sample
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Executes the "rm" command used to delete files or directories
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Yara signature match
Classification
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466535 |
Start date and time: | 2024-07-03 03:09:04 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 34s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | TGD4oHRCb5.elf (renamed because original name is a hash value) |
Original Sample Name: | 133562f29886fc8c85ce7083d4ff53fb.elf |
Detection: | MAL |
Classification: | mal76.troj.evad.linELF@0/0@38/0 |
Command: | /tmp/TGD4oHRCb5.elf |
PID: | 6213 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Hello, world! |
Standard Error: |
- system is lnxubuntu20
- dash New Fork (PID: 6194, Parent: 4332)
- dash New Fork (PID: 6195, Parent: 4332)
- TGD4oHRCb5.elf New Fork (PID: 6214, Parent: 6213)
- TGD4oHRCb5.elf New Fork (PID: 6215, Parent: 6214)
- TGD4oHRCb5.elf New Fork (PID: 6216, Parent: 6214)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Rule | Description | Author |
---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security |
Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
Linux_Trojan_Gafgyt_9e9530a7 | unknown | unknown |
Linux_Trojan_Gafgyt_807911a2 | unknown | unknown |
Linux_Trojan_Gafgyt_d4227dbf | unknown | unknown |
⊘No Snort rule has matched
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: |
Networking |
---|
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
System Summary |
---|
Source: | Matched rule: | ||
Source: | Program segment: |
Source: | Classification label: |
Data Obfuscation |
---|
Source: | String containing UPX found: | ||
Source: | Rm executable: | Jump to behavior | ||
Source: | Submission file: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Remote Access Functionality |
---|
Source: | File source: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 11 Obfuscated Files or Information | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 File Deletion | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 2 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Detection | Scanner | Label |
---|---|---|
29% | ReversingLabs | Linux.Trojan.Mirai |
17% | Virustotal | |
100% | Joe Sandbox ML | |
⊘No Antivirus matches
Detection | Scanner | Label |
---|---|---|
8% | Virustotal | |
Detection | Scanner | Label |
---|---|---|
0% | URL Reputation | safe |
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
retardedclassmate.dyn | 37.49.229.111 | true | true | | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
37.49.229.111 | retardedclassmate.dyn | Estonia | 213371 | SQUITTER-NETWORKSNL | true |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 7.874044322530595 |
TrID: |
|
File name: | TGD4oHRCb5.elf |
File size: | 59'028 bytes |
MD5: | 133562f29886fc8c85ce7083d4ff53fb |
SHA1: | 56a063ff06fbfdc55444ab9cd47b5e54a8ba50fd |
SHA256: | 3f509a48bfb5cf1a5da35c861c70b5777e61a5dbf250331e5e731a912a148672 |
SHA512: | 1c5965dc03cd2ae2403aa1079d006ebdaa9e7a9daa548d5df6588a5c5c75a6e4c75c62065927bc51f5860ad394733c89d73b04017c7bc482ae35ee68f3ef9212 |
SSDEEP: | 768:kbvzoZ2MvVVIXXz86kV+VT84keDpgfpZ/Lsx5JCvB53+LQOpZM5qikqs:SvzoTVIXDDkV+97pEZ/LOJUBJVe2qids |
TLSH: | 5943026A62757591F79F75F2560F87C2FDFE0B02BB8A08915C48B3213C48D49873C265 |
File Content Preview: | .ELF..............>.....p.......@...................@.8...@.....................................p.......p.................................R.......R.............................Q.td.......................................................=UPX!.........@...@. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 64 |
Program Header Offset: | 64 |
Program Header Size: | 56 |
Number of Program Headers: | 3 |
Section Header Offset: | 0 |
Section Header Size: | 64 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x100000 | 0x100000 | 0xe570 | 0xe570 | 7.8763 | 0x5 | R E | 0x100000 | ||
LOAD | 0xda0 | 0x52bda0 | 0x52bda0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x1000 | ||
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x8 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 03:09:41.639496088 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:41.645564079 CEST | 25603 | 32812 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:09:41.645608902 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:41.645620108 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:41.653116941 CEST | 25603 | 32812 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:09:41.653182030 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:41.661168098 CEST | 25603 | 32812 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:09:42.314922094 CEST | 25603 | 32812 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:09:42.315007925 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:42.315025091 CEST | 32812 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:09:43.706775904 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Jul 3, 2024 03:09:49.338000059 CEST | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Jul 3, 2024 03:09:50.873811007 CEST | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Jul 3, 2024 03:10:05.463783026 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Jul 3, 2024 03:10:07.339870930 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:07.344748974 CEST | 25603 | 32814 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:07.344808102 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:07.344835043 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:07.349606037 CEST | 25603 | 32814 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:07.349646091 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:07.354496956 CEST | 25603 | 32814 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:08.017502069 CEST | 25603 | 32814 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:08.017561913 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:08.017608881 CEST | 32814 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:15.702370882 CEST | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Jul 3, 2024 03:10:21.845526934 CEST | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Jul 3, 2024 03:10:33.037920952 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:33.043400049 CEST | 25603 | 32816 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:33.043461084 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:33.043490887 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:33.048932076 CEST | 25603 | 32816 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:33.048968077 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:33.053765059 CEST | 25603 | 32816 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:33.729504108 CEST | 25603 | 32816 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:33.729605913 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:33.729640007 CEST | 32816 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:46.418322086 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Jul 3, 2024 03:10:58.759167910 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:58.764806986 CEST | 25603 | 32818 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:58.764925957 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:58.764959097 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:58.769726992 CEST | 25603 | 32818 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:58.769787073 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:58.774621010 CEST | 25603 | 32818 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:59.439377069 CEST | 25603 | 32818 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:10:59.439693928 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:10:59.439770937 CEST | 32818 | 25603 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:10.574316025 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:10.579569101 CEST | 25610 | 48526 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:10.579659939 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:10.579684019 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:10.585417986 CEST | 25610 | 48526 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:10.585473061 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:10.590990067 CEST | 25610 | 48526 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.246062040 CEST | 25610 | 48526 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.246323109 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.246360064 CEST | 48526 | 25610 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.262866020 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.267764091 CEST | 25602 | 49462 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.267834902 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.267855883 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.272727966 CEST | 25602 | 49462 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.272785902 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.277643919 CEST | 25602 | 49462 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.988043070 CEST | 25602 | 49462 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:11.988208055 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:11.988226891 CEST | 49462 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.004697084 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.009505033 CEST | 25598 | 43834 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:12.009582996 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.009582996 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.014417887 CEST | 25598 | 43834 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:12.014498949 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.019339085 CEST | 25598 | 43834 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:12.689635038 CEST | 25598 | 43834 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:12.689796925 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:12.689841032 CEST | 43834 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.191274881 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.196125984 CEST | 25601 | 34566 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.196192026 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.196244955 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.201628923 CEST | 25601 | 34566 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.201683044 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.206698895 CEST | 25601 | 34566 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.883065939 CEST | 25601 | 34566 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.883496046 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.883650064 CEST | 34566 | 25601 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.892327070 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.897099018 CEST | 25602 | 49468 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.897171021 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.897214890 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.901990891 CEST | 25602 | 49468 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:19.902045012 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:19.906779051 CEST | 25602 | 49468 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:20.562182903 CEST | 25602 | 49468 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:20.562433004 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:20.562520027 CEST | 49468 | 25602 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.297260046 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.302122116 CEST | 25604 | 45228 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:40.302186012 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.302221060 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.307039022 CEST | 25604 | 45228 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:40.307096004 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.311889887 CEST | 25604 | 45228 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:40.984047890 CEST | 25604 | 45228 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:40.984364033 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:40.984440088 CEST | 45228 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.041858912 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.046648979 CEST | 25604 | 45230 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.046713114 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.046749115 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.052207947 CEST | 25604 | 45230 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.052263021 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.057112932 CEST | 25604 | 45230 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.710988045 CEST | 25604 | 45230 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.711179018 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.711252928 CEST | 45230 | 25604 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.729146004 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.734085083 CEST | 25597 | 52982 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.734220028 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.734265089 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.740381956 CEST | 25597 | 52982 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:41.740458965 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:41.745376110 CEST | 25597 | 52982 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:42.444191933 CEST | 25597 | 52982 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:42.444370985 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.444544077 CEST | 52982 | 25597 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.460912943 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.465838909 CEST | 25608 | 42792 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:42.465929985 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.465945959 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.470778942 CEST | 25608 | 42792 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:42.470834017 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:42.475709915 CEST | 25608 | 42792 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.158886909 CEST | 25608 | 42792 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.159022093 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.159131050 CEST | 42792 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.170783997 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.175709009 CEST | 25608 | 42794 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.175818920 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.175818920 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.180679083 CEST | 25608 | 42794 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.180747032 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.185556889 CEST | 25608 | 42794 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.848269939 CEST | 25608 | 42794 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.848448992 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.848448992 CEST | 42794 | 25608 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.876693964 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.882842064 CEST | 25598 | 43850 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.882898092 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.882898092 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.890642881 CEST | 25598 | 43850 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:43.890691996 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:43.897423029 CEST | 25598 | 43850 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:44.552989006 CEST | 25598 | 43850 | 37.49.229.111 | 192.168.2.23 |
Jul 3, 2024 03:11:44.553141117 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Jul 3, 2024 03:11:44.553178072 CEST | 43850 | 25598 | 192.168.2.23 | 37.49.229.111 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 3, 2024 03:10:08.069550991 CEST | 77.87.200.190 | 192.168.2.23 | 52fd | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:13.068844080 CEST | 77.87.200.190 | 192.168.2.23 | 52fd | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:18.074944973 CEST | 77.87.200.190 | 192.168.2.23 | 52fd | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:23.080823898 CEST | 77.87.200.190 | 192.168.2.23 | 52fd | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:28.085483074 CEST | 77.87.200.190 | 192.168.2.23 | 52fd | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:33.781419039 CEST | 77.87.200.190 | 192.168.2.23 | c23d | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:38.785450935 CEST | 77.87.200.190 | 192.168.2.23 | c23d | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:43.791348934 CEST | 77.87.200.190 | 192.168.2.23 | c23d | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:48.800199986 CEST | 77.87.200.190 | 192.168.2.23 | c23d | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:10:53.803049088 CEST | 77.87.200.190 | 192.168.2.23 | c23d | (Host unreachable) | Destination Unreachable |
Jul 3, 2024 03:11:40.996498108 CEST | 94.16.114.254 | 192.168.2.23 | 910b | (Port unreachable) | Destination Unreachable |
Jul 3, 2024 03:11:41.007584095 CEST | 94.16.114.254 | 192.168.2.23 | 910b | (Port unreachable) | Destination Unreachable |
Jul 3, 2024 03:11:41.018568993 CEST | 94.16.114.254 | 192.168.2.23 | 910b | (Port unreachable) | Destination Unreachable |
Jul 3, 2024 03:11:41.030483961 CEST | 94.16.114.254 | 192.168.2.23 | 910b | (Port unreachable) | Destination Unreachable |
Jul 3, 2024 03:11:41.041402102 CEST | 94.16.114.254 | 192.168.2.23 | 910b | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 03:09:41.621407032 CEST | 192.168.2.23 | 51.158.108.203 | 0x4cd2 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:09:42.315787077 CEST | 192.168.2.23 | 178.254.22.166 | 0x11ca | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:09:47.320914030 CEST | 192.168.2.23 | 178.254.22.166 | 0x11ca | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:09:52.322242975 CEST | 192.168.2.23 | 178.254.22.166 | 0x11ca | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:09:57.327719927 CEST | 192.168.2.23 | 178.254.22.166 | 0x11ca | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:02.335410118 CEST | 192.168.2.23 | 178.254.22.166 | 0x11ca | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:08.018642902 CEST | 192.168.2.23 | 91.217.137.37 | 0xcb6e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:13.019459009 CEST | 192.168.2.23 | 91.217.137.37 | 0xcb6e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:18.022732019 CEST | 192.168.2.23 | 91.217.137.37 | 0xcb6e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:23.027889967 CEST | 192.168.2.23 | 91.217.137.37 | 0xcb6e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:28.033081055 CEST | 192.168.2.23 | 91.217.137.37 | 0xcb6e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:33.730639935 CEST | 192.168.2.23 | 91.217.137.37 | 0x3aaf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:38.736443043 CEST | 192.168.2.23 | 91.217.137.37 | 0x3aaf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:43.742296934 CEST | 192.168.2.23 | 91.217.137.37 | 0x3aaf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:48.748023987 CEST | 192.168.2.23 | 91.217.137.37 | 0x3aaf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:53.753972054 CEST | 192.168.2.23 | 91.217.137.37 | 0x3aaf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:10:59.440937042 CEST | 192.168.2.23 | 51.77.149.139 | 0xe69a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:04.446917057 CEST | 192.168.2.23 | 51.77.149.139 | 0xe69a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:09.452594995 CEST | 192.168.2.23 | 51.77.149.139 | 0xe69a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:11.247777939 CEST | 192.168.2.23 | 51.254.162.59 | 0xc7c7 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:11.989367962 CEST | 192.168.2.23 | 51.254.162.59 | 0x99f2 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:12.691131115 CEST | 192.168.2.23 | 51.77.149.139 | 0x39c0 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:17.697165012 CEST | 192.168.2.23 | 51.77.149.139 | 0x39c0 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:19.885023117 CEST | 192.168.2.23 | 195.10.195.195 | 0x4f4a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:20.563769102 CEST | 192.168.2.23 | 51.77.149.139 | 0xb66e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:25.569298029 CEST | 192.168.2.23 | 51.77.149.139 | 0xb66e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:30.575395107 CEST | 192.168.2.23 | 51.77.149.139 | 0xb66e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:35.581394911 CEST | 192.168.2.23 | 51.77.149.139 | 0xb66e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:40.985733986 CEST | 192.168.2.23 | 94.16.114.254 | 0x84f8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:40.997499943 CEST | 192.168.2.23 | 94.16.114.254 | 0x84f8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:41.008563042 CEST | 192.168.2.23 | 94.16.114.254 | 0x84f8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:41.019568920 CEST | 192.168.2.23 | 94.16.114.254 | 0x84f8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:41.031438112 CEST | 192.168.2.23 | 94.16.114.254 | 0x84f8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:41.712562084 CEST | 192.168.2.23 | 51.158.108.203 | 0x9319 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:42.445801973 CEST | 192.168.2.23 | 51.254.162.59 | 0x4751 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:43.160406113 CEST | 192.168.2.23 | 194.36.144.87 | 0xd114 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:43.849234104 CEST | 192.168.2.23 | 81.169.136.222 | 0x572a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:44.554420948 CEST | 192.168.2.23 | 178.254.22.166 | 0xbf42 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 03:09:41.639056921 CEST | 51.158.108.203 | 192.168.2.23 | 0x4cd2 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:10.573115110 CEST | 51.77.149.139 | 192.168.2.23 | 0xe69a | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:11.262234926 CEST | 51.254.162.59 | 192.168.2.23 | 0xc7c7 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:12.004173040 CEST | 51.254.162.59 | 192.168.2.23 | 0x99f2 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:19.189944983 CEST | 51.77.149.139 | 192.168.2.23 | 0x39c0 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:19.891813993 CEST | 195.10.195.195 | 192.168.2.23 | 0x4f4a | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:40.296303034 CEST | 51.77.149.139 | 192.168.2.23 | 0xb66e | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:41.728621960 CEST | 51.158.108.203 | 192.168.2.23 | 0x9319 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:42.460382938 CEST | 51.254.162.59 | 192.168.2.23 | 0x4751 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:43.170239925 CEST | 194.36.144.87 | 192.168.2.23 | 0xd114 | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 03:11:43.876318932 CEST | 81.169.136.222 | 192.168.2.23 | 0x572a | No error (0) | | | 37.49.229.111 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 01:09:33 |
Start date (UTC): | 03/07/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 01:09:33 |
Start date (UTC): | 03/07/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.2zzDf425XD /tmp/tmp.SCVAx0OdL5 /tmp/tmp.QAOBD2CJq1 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 01:09:33 |
Start date (UTC): | 03/07/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 01:09:33 |
Start date (UTC): | 03/07/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.2zzDf425XD /tmp/tmp.SCVAx0OdL5 /tmp/tmp.QAOBD2CJq1 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 01:09:40 |
Start date (UTC): | 03/07/2024 |
Path: | /tmp/TGD4oHRCb5.elf |
Arguments: | /tmp/TGD4oHRCb5.elf |
File size: | 59028 bytes |
MD5 hash: | 133562f29886fc8c85ce7083d4ff53fb |
Start time (UTC): | 01:09:40 |
Start date (UTC): | 03/07/2024 |
Path: | /tmp/TGD4oHRCb5.elf |
Arguments: | - |
File size: | 59028 bytes |
MD5 hash: | 133562f29886fc8c85ce7083d4ff53fb |
Start time (UTC): | 01:09:40 |
Start date (UTC): | 03/07/2024 |
Path: | /tmp/TGD4oHRCb5.elf |
Arguments: | - |
File size: | 59028 bytes |
MD5 hash: | 133562f29886fc8c85ce7083d4ff53fb |
Start time (UTC): | 01:09:40 |
Start date (UTC): | 03/07/2024 |
Path: | /tmp/TGD4oHRCb5.elf |
Arguments: | - |
File size: | 59028 bytes |
MD5 hash: | 133562f29886fc8c85ce7083d4ff53fb |