Windows
Analysis Report
7sAylAXBOb.exe
Overview
General Information
Sample name: | 7sAylAXBOb.exerenamed because original name is a hash value |
Original sample name: | c634f44560fe43def439cbf47ba668dfee9905d2e5cae1bac2789e59f82e8526.exe |
Analysis ID: | 1467010 |
MD5: | 85179ac6aec3b32a40b06f35cfc6594b |
SHA1: | 6700b84fa70c4b5ccab8688db32ac71a2aafeeb6 |
SHA256: | c634f44560fe43def439cbf47ba668dfee9905d2e5cae1bac2789e59f82e8526 |
Tags: | exe |
Infos: | |
Detection
Score: | 96 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
7sAylAXBOb.exe (PID: 7164 cmdline:
"C:\Users\ user\Deskt op\7sAylAX BOb.exe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B) akk3nwj1mabelfu4.exe (PID: 5776 cmdline:
"C:\zqzhok rkxswikv\a kk3nwj1mab elfu4.exe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B) nlsxqvtcr.exe (PID: 1688 cmdline:
"C:\zqzhok rkxswikv\n lsxqvtcr.e xe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B)
nlsxqvtcr.exe (PID: 660 cmdline:
C:\zqzhokr kxswikv\nl sxqvtcr.ex e MD5: 85179AC6AEC3B32A40B06F35CFC6594B) gyyuuofs.exe (PID: 3104 cmdline:
lbgkkmbemh iq "c:\zqz hokrkxswik v\nlsxqvtc r.exe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B) nlsxqvtcr.exe (PID: 4536 cmdline:
"c:\zqzhok rkxswikv\n lsxqvtcr.e xe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B) gyyuuofs.exe (PID: 4600 cmdline:
lbgkkmbemh iq "c:\zqz hokrkxswik v\nlsxqvtc r.exe" MD5: 85179AC6AEC3B32A40B06F35CFC6594B)
svchost.exe (PID: 2148 cmdline:
C:\Windows \System32\ svchost.ex e -k Local Service -p -s Licens eManager MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
- cleanup
Source: | Author: vburov: |
Timestamp: | 07/03/24-16:25:11.482211 |
SID: | 2037771 |
Source Port: | 80 |
Destination Port: | 49710 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:25:12.587584 |
SID: | 2811542 |
Source Port: | 53 |
Destination Port: | 58330 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:25:12.567884 |
SID: | 2037771 |
Source Port: | 80 |
Destination Port: | 49711 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:25:06.455531 |
SID: | 2815568 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:26:32.618956 |
SID: | 2815568 |
Source Port: | 53879 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:25:09.738416 |
SID: | 2018316 |
Source Port: | 53 |
Destination Port: | 50077 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 07/03/24-16:25:17.978035 |
SID: | 2037771 |
Source Port: | 80 |
Destination Port: | 53875 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: |
Source: | ReversingLabs: | ||
Source: | ReversingLabs: | ||
Source: | ReversingLabs: |
Source: | ReversingLabs: |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: |
Source: | Joe Sandbox ML: |
Source: | Code function: | 2_2_00E4BA80 | |
Source: | Code function: | 3_2_0078BA80 |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Code function: | 0_2_00655250 | |
Source: | Code function: | 2_2_00E45250 | |
Source: | Code function: | 3_2_00785250 | |
Source: | Code function: | 4_2_00E35250 | |
Source: | Code function: | 13_2_00FF5250 |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | IP Address: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | ASN Name: | ||
Source: | ASN Name: | ||
Source: | ASN Name: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00640D90 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | File deleted: | Jump to behavior |
Source: | Code function: | 0_2_00650EE7 | |
Source: | Code function: | 0_2_00650F01 | |
Source: | Code function: | 0_2_006497C0 | |
Source: | Code function: | 2_2_00E397C0 | |
Source: | Code function: | 3_2_00780F01 | |
Source: | Code function: | 3_2_007797C0 | |
Source: | Code function: | 4_2_00E297C0 | |
Source: | Code function: | 13_2_00FF0EE7 | |
Source: | Code function: | 13_2_00FE97C0 | |
Source: | Code function: | 13_2_00FF0F01 |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_00669A20 | |
Source: | Code function: | 2_2_00E59A20 | |
Source: | Code function: | 3_2_00799A20 | |
Source: | Code function: | 4_2_00E49A20 | |
Source: | Code function: | 13_2_01009A20 |
Source: | Code function: | 0_2_006625D5 |
Source: | Code function: | 0_2_00669A20 |
Source: | Code function: | 0_2_0064BB60 | |
Source: | Code function: | 2_2_00E3BB60 | |
Source: | Code function: | 3_2_0077BB60 | |
Source: | Code function: | 4_2_00E2BB60 | |
Source: | Code function: | 13_2_00FEBB60 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: |
Source: | Code function: | 0_2_00631338 |
Source: | Code function: | 0_2_0064EF10 | |
Source: | Code function: | 0_2_00671404 | |
Source: | Code function: | 0_2_0067142C | |
Source: | Code function: | 2_2_00E61404 | |
Source: | Code function: | 2_2_00E6142C | |
Source: | Code function: | 2_2_00E3EF10 | |
Source: | Code function: | 3_2_0077EF10 | |
Source: | Code function: | 3_2_007A1404 | |
Source: | Code function: | 3_2_007A142C | |
Source: | Code function: | 4_2_00E51404 | |
Source: | Code function: | 4_2_00E5142C | |
Source: | Code function: | 4_2_00E2EF10 | |
Source: | Code function: | 13_2_01011404 | |
Source: | Code function: | 13_2_0101142C | |
Source: | Code function: | 13_2_00FEEF10 |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | Code function: | 0_2_00669A20 |
Source: | Code function: | 0_2_00631338 |
Source: | Code function: | 0_2_0063C260 | |
Source: | Code function: | 2_2_00E2C260 | |
Source: | Code function: | 3_2_0076C260 | |
Source: | Code function: | 4_2_00E1C260 | |
Source: | Code function: | 13_2_00FDC260 |
Source: | Code function: | 2_2_00E32C10 | |
Source: | Code function: | 3_2_00772C10 |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: |
Source: | Code function: | 0_2_00655250 | |
Source: | Code function: | 2_2_00E45250 | |
Source: | Code function: | 3_2_00785250 | |
Source: | Code function: | 4_2_00E35250 | |
Source: | Code function: | 13_2_00FF5250 |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-13055 | ||
Source: | API call chain: | graph_0-12994 | ||
Source: | API call chain: | graph_0-13081 | ||
Source: | API call chain: | graph_0-13390 | ||
Source: | API call chain: | graph_0-13019 | ||
Source: | API call chain: | graph_0-13416 | ||
Source: | API call chain: | graph_0-13004 | ||
Source: | API call chain: | graph_0-13072 | ||
Source: | API call chain: | graph_0-13339 | ||
Source: | API call chain: | graph_2-12052 | ||
Source: | API call chain: | graph_2-12071 | ||
Source: | API call chain: | graph_2-11169 | ||
Source: | API call chain: | graph_2-11990 | ||
Source: | API call chain: | graph_2-12017 | ||
Source: | API call chain: | graph_2-12753 | ||
Source: | API call chain: | graph_2-12690 | ||
Source: | API call chain: | graph_2-12790 | ||
Source: | API call chain: | graph_2-12090 | ||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 0_2_00631338 |
Source: | Code function: | 0_2_00667D20 |
Source: | Code function: | 0_2_006407D0 |
Source: | Code function: | 0_2_00667635 |
Source: | Code function: | 0_2_006582D0 |
Source: | Key value queried: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 2 Service Execution | 4 Windows Service | 4 Windows Service | 1 Masquerading | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 1 Native API | 1 DLL Side-Loading | 1 Process Injection | 11 Virtualization/Sandbox Evasion | LSASS Memory | 111 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 DLL Side-Loading | 1 Process Injection | Security Account Manager | 11 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | 2 Process Discovery | Distributed Component Object Model | Input Capture | 2 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 DLL Side-Loading | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 File Deletion | Cached Domain Credentials | 1 System Service Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | Compile After Delivery | DCSync | 1 System Network Configuration Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | Indicator Removal from Tools | Proc Filesystem | 1 File and Directory Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 4 System Information Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
92% | ReversingLabs | Win32.Spyware.Nivdort | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
87% | ReversingLabs | Win32.Spyware.Nivdort | ||
87% | ReversingLabs | Win32.Spyware.Nivdort | ||
87% | ReversingLabs | Win32.Spyware.Nivdort |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
thoughprobable.net | 3.94.10.34 | true | true | unknown | |
suddencomplete.net | 15.197.192.55 | true | false | unknown | |
englishproud.net | 44.221.84.105 | true | true | unknown | |
hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com | 52.86.6.113 | true | false | unknown | |
figurewithout.net | 34.246.200.160 | true | true | unknown | |
childrenbicycle.net | 217.70.152.246 | true | false | unknown | |
familykitchen.net | 3.64.163.50 | true | false | unknown | |
hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com | 34.205.242.146 | true | false | unknown | |
familybridge.net | 77.247.183.155 | true | true | unknown | |
becausewagon.net | 15.197.192.55 | true | false | unknown | |
picturecomplete.net | unknown | unknown | true | unknown | |
becausekitchen.net | unknown | unknown | true | unknown | |
expectwagon.net | unknown | unknown | true | unknown | |
cigarettewelcome.net | unknown | unknown | true | unknown | |
englishwhose.net | unknown | unknown | true | unknown | |
rightkitchen.net | unknown | unknown | true | unknown | |
eitherexcept.net | unknown | unknown | true | unknown | |
machineenough.net | unknown | unknown | true | unknown | |
becausenature.net | unknown | unknown | true | unknown | |
foreignwithout.net | unknown | unknown | true | unknown | |
whetherwithout.net | unknown | unknown | true | unknown | |
rightwithout.net | unknown | unknown | true | unknown | |
suddenproud.net | unknown | unknown | true | unknown | |
cigarettewhose.net | unknown | unknown | true | unknown | |
familywhose.net | unknown | unknown | true | unknown | |
childrenprobable.net | unknown | unknown | true | unknown | |
eitherwhose.net | unknown | unknown | true | unknown | |
cigaretteproud.net | unknown | unknown | true | unknown | |
englisharound.net | unknown | unknown | true | unknown | |
childrenwelcome.net | unknown | unknown | true | unknown | |
englishwelcome.net | unknown | unknown | true | unknown | |
suddenenough.net | unknown | unknown | true | unknown | |
figureproud.net | unknown | unknown | true | unknown | |
foreignnature.net | unknown | unknown | true | unknown | |
whetherprobable.net | unknown | unknown | true | unknown | |
becausewelcome.net | unknown | unknown | true | unknown | |
thoughwelcome.net | unknown | unknown | true | unknown | |
becausewithout.net | unknown | unknown | true | unknown | |
eitheraround.net | unknown | unknown | true | unknown | |
personenough.net | unknown | unknown | true | unknown | |
becausegovern.net | unknown | unknown | true | unknown | |
childrenexcept.net | unknown | unknown | true | unknown | |
rightcomplete.net | unknown | unknown | true | unknown | |
foreigngovern.net | unknown | unknown | true | unknown | |
englishexcept.net | unknown | unknown | true | unknown | |
whethernature.net | unknown | unknown | true | unknown | |
foreignproud.net | unknown | unknown | true | unknown | |
personwithout.net | unknown | unknown | true | unknown | |
suddenwithout.net | unknown | unknown | true | unknown | |
thoughcomplete.net | unknown | unknown | true | unknown | |
becauseprobable.net | unknown | unknown | true | unknown | |
eitherbridge.net | unknown | unknown | true | unknown | |
personneedle.net | unknown | unknown | true | unknown | |
rightprobable.net | unknown | unknown | true | unknown | |
childrenkitchen.net | unknown | unknown | true | unknown | |
whetherproud.net | unknown | unknown | true | unknown | |
picturewithout.net | unknown | unknown | true | unknown | |
suddennature.net | unknown | unknown | true | unknown | |
personproud.net | unknown | unknown | true | unknown | |
familyproud.net | unknown | unknown | true | unknown | |
childrenproud.net | unknown | unknown | true | unknown | |
pictureproud.net | unknown | unknown | true | unknown | |
becausearound.net | unknown | unknown | true | unknown | |
eitherwagon.net | unknown | unknown | true | unknown | |
picturearound.net | unknown | unknown | true | unknown | |
familycomplete.net | unknown | unknown | true | unknown | |
cigaretteprobable.net | unknown | unknown | true | unknown | |
machineneedle.net | unknown | unknown | true | unknown | |
englishbridge.net | unknown | unknown | true | unknown | |
eithercomplete.net | unknown | unknown | true | unknown | |
thoughwagon.net | unknown | unknown | true | unknown | |
becauseproud.net | unknown | unknown | true | unknown | |
picturekitchen.net | unknown | unknown | true | unknown | |
familywelcome.net | unknown | unknown | true | unknown | |
foreigncomplete.net | unknown | unknown | true | unknown | |
familybicycle.net | unknown | unknown | true | unknown | |
englishprobable.net | unknown | unknown | true | unknown | |
expectneedle.net | unknown | unknown | true | unknown | |
machinewagon.net | unknown | unknown | true | unknown | |
personcomplete.net | unknown | unknown | true | unknown | |
machinecomplete.net | unknown | unknown | true | unknown | |
expectcomplete.net | unknown | unknown | true | unknown | |
whetheraround.net | unknown | unknown | true | unknown | |
foreignneedle.net | unknown | unknown | true | unknown | |
figureprobable.net | unknown | unknown | true | unknown | |
whetherwelcome.net | unknown | unknown | true | unknown | |
machinewelcome.net | unknown | unknown | true | unknown | |
rightproud.net | unknown | unknown | true | unknown | |
expectenough.net | unknown | unknown | true | unknown | |
englishkitchen.net | unknown | unknown | true | unknown | |
expectprobable.net | unknown | unknown | true | unknown | |
expectproud.net | unknown | unknown | true | unknown | |
persongovern.net | unknown | unknown | true | unknown | |
childrenbridge.net | unknown | unknown | true | unknown | |
figurekitchen.net | unknown | unknown | true | unknown | |
picturewelcome.net | unknown | unknown | true | unknown | |
suddengovern.net | unknown | unknown | true | unknown | |
familyaround.net | unknown | unknown | true | unknown | |
expectnature.net | unknown | unknown | true | unknown | |
machinewithout.net | unknown | unknown | true | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
52.86.6.113 | hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com | United States | 14618 | AMAZON-AESUS | false | |
34.205.242.146 | hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com | United States | 14618 | AMAZON-AESUS | false | |
3.94.10.34 | thoughprobable.net | United States | 14618 | AMAZON-AESUS | true | |
77.247.183.155 | familybridge.net | Netherlands | 43350 | NFORCENL | true | |
34.246.200.160 | figurewithout.net | United States | 16509 | AMAZON-02US | true | |
44.221.84.105 | englishproud.net | United States | 14618 | AMAZON-AESUS | true | |
217.70.152.246 | childrenbicycle.net | Italy | 34081 | SERVER24-ASINCUBATECGmbH-SrlIT | false | |
15.197.192.55 | suddencomplete.net | United States | 7430 | TANDEMUS | false | |
3.64.163.50 | familykitchen.net | United States | 16509 | AMAZON-02US | false |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467010 |
Start date and time: | 2024-07-03 16:24:10 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 6m 30s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 7sAylAXBOb.exerenamed because original name is a hash value |
Original Sample Name: | c634f44560fe43def439cbf47ba668dfee9905d2e5cae1bac2789e59f82e8526.exe |
Detection: | MAL |
Classification: | mal96.troj.winEXE@13/5@202/9 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- VT rate limit hit for: 7sAylAXBOb.exe
Time | Type | Description |
---|---|---|
10:25:38 | API Interceptor | |
10:26:25 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
52.86.6.113 | Get hash | malicious | FormBook | Browse |
| |
Get hash | malicious | Glupteba, SmokeLoader, Stealc | Browse |
| ||
Get hash | malicious | Glupteba, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | CryptoWall | Browse |
| ||
Get hash | malicious | FormBook, GuLoader | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Pushdo, DanaBot, SmokeLoader | Browse |
| ||
34.205.242.146 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | Glupteba, SmokeLoader | Browse |
| ||
Get hash | malicious | Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Pushdo | Browse |
| ||
Get hash | malicious | FormBook, NSISDropper | Browse |
| ||
Get hash | malicious | XLoader | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
suddencomplete.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
englishproud.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
thoughprobable.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
figurewithout.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
familykitchen.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
childrenbicycle.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com | Get hash | malicious | FormBook | Browse |
| |
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | CMSBrute | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Glupteba, LummaC Stealer, SmokeLoader, Stealc, Xmrig | Browse |
| ||
Get hash | malicious | Glupteba, SmokeLoader, Stealc | Browse |
| ||
Get hash | malicious | Glupteba, LummaC Stealer, SmokeLoader | Browse |
| ||
hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | PureLog Stealer, SystemBC | Browse |
| ||
Get hash | malicious | PureLog Stealer, SystemBC | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | CMSBrute | Browse |
| ||
Get hash | malicious | SystemBC | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
AMAZON-AESUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
AMAZON-AESUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
AMAZON-02US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
AMAZON-AESUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
NFORCENL | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | CryptOne, Vidar | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | C:\Users\user\Desktop\7sAylAXBOb.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12 |
Entropy (8bit): | 3.584962500721156 |
Encrypted: | false |
SSDEEP: | 3:t0san:Tan |
MD5: | FCE0792EAE5493BDFEDF595683809BD3 |
SHA1: | D1598DAD5C24BBF13979E55479DE0518EEC8F34E |
SHA-256: | BEA41B7DD886CE210C67692BDD48A4111733BFF90823914534E99E2180235951 |
SHA-512: | FCD09FFC6B7AF14E3F996C741325AAAC6BF40BAAA719D604D7952B0F07FED7F9FA619E0AE567434C57C3C96568F77C9FC7F1AD2644F6BFCDEF14C42E930C0B11 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\7sAylAXBOb.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 359424 |
Entropy (8bit): | 6.767324484908409 |
Encrypted: | false |
SSDEEP: | 6144:m2dGPhmZjeu5aWA5l+xullevSa/iS5LNGaMGuTEIZzdK2dxP4QoO0kTajqO/jOiL:mxPg32l+s/fa/HLGaMGuhdxAjOeqbiJN |
MD5: | 85179AC6AEC3B32A40B06F35CFC6594B |
SHA1: | 6700B84FA70C4B5CCAB8688DB32AC71A2AAFEEB6 |
SHA-256: | C634F44560FE43DEF439CBF47BA668DFEE9905D2E5CAE1BAC2789E59F82E8526 |
SHA-512: | 589B192DBC3E541A440CE52439ACF746091556CA73418D3E4FE0D15003D27BB0E42AFE3365A6D3F86445B509A2968D59D38A07D24B7C7AD5B28222DCB74ADDAF |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 359424 |
Entropy (8bit): | 6.767324484908409 |
Encrypted: | false |
SSDEEP: | 6144:m2dGPhmZjeu5aWA5l+xullevSa/iS5LNGaMGuTEIZzdK2dxP4QoO0kTajqO/jOiL:mxPg32l+s/fa/HLGaMGuhdxAjOeqbiJN |
MD5: | 85179AC6AEC3B32A40B06F35CFC6594B |
SHA1: | 6700B84FA70C4B5CCAB8688DB32AC71A2AAFEEB6 |
SHA-256: | C634F44560FE43DEF439CBF47BA668DFEE9905D2E5CAE1BAC2789E59F82E8526 |
SHA-512: | 589B192DBC3E541A440CE52439ACF746091556CA73418D3E4FE0D15003D27BB0E42AFE3365A6D3F86445B509A2968D59D38A07D24B7C7AD5B28222DCB74ADDAF |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\zqzhokrkxswikv\akk3nwj1mabelfu4.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 359424 |
Entropy (8bit): | 6.767324484908409 |
Encrypted: | false |
SSDEEP: | 6144:m2dGPhmZjeu5aWA5l+xullevSa/iS5LNGaMGuTEIZzdK2dxP4QoO0kTajqO/jOiL:mxPg32l+s/fa/HLGaMGuhdxAjOeqbiJN |
MD5: | 85179AC6AEC3B32A40B06F35CFC6594B |
SHA1: | 6700B84FA70C4B5CCAB8688DB32AC71A2AAFEEB6 |
SHA-256: | C634F44560FE43DEF439CBF47BA668DFEE9905D2E5CAE1BAC2789E59F82E8526 |
SHA-512: | 589B192DBC3E541A440CE52439ACF746091556CA73418D3E4FE0D15003D27BB0E42AFE3365A6D3F86445B509A2968D59D38A07D24B7C7AD5B28222DCB74ADDAF |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\7sAylAXBOb.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12 |
Entropy (8bit): | 3.584962500721156 |
Encrypted: | false |
SSDEEP: | 3:t0san:Tan |
MD5: | FCE0792EAE5493BDFEDF595683809BD3 |
SHA1: | D1598DAD5C24BBF13979E55479DE0518EEC8F34E |
SHA-256: | BEA41B7DD886CE210C67692BDD48A4111733BFF90823914534E99E2180235951 |
SHA-512: | FCD09FFC6B7AF14E3F996C741325AAAC6BF40BAAA719D604D7952B0F07FED7F9FA619E0AE567434C57C3C96568F77C9FC7F1AD2644F6BFCDEF14C42E930C0B11 |
Malicious: | false |
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 6.767324484908409 |
TrID: |
|
File name: | 7sAylAXBOb.exe |
File size: | 359'424 bytes |
MD5: | 85179ac6aec3b32a40b06f35cfc6594b |
SHA1: | 6700b84fa70c4b5ccab8688db32ac71a2aafeeb6 |
SHA256: | c634f44560fe43def439cbf47ba668dfee9905d2e5cae1bac2789e59f82e8526 |
SHA512: | 589b192dbc3e541a440ce52439acf746091556ca73418d3e4fe0d15003d27bb0e42afe3365a6d3f86445b509a2968d59d38a07d24b7c7ad5b28222dcb74addaf |
SSDEEP: | 6144:m2dGPhmZjeu5aWA5l+xullevSa/iS5LNGaMGuTEIZzdK2dxP4QoO0kTajqO/jOiL:mxPg32l+s/fa/HLGaMGuhdxAjOeqbiJN |
TLSH: | 9974E7FEED8280DEDC42A4BC85B56373E3AD50547AA861CF5680378425B96F4E93730B |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........q!...O...O...O...4...O...N...O..B....O...@...O..B....O.Rich..O.........................PE..L....&zV.....................z..... |
Icon Hash: | 00928e8e8686b000 |
Entrypoint: | 0x42ffe0 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x567A26C6 [Wed Dec 23 04:44:54 2015 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 62aa572a88e25f17d15d26d7ecb13b7d |
Instruction |
---|
push ebp |
mov ebp, esp |
sub esp, 08h |
fld dword ptr [0044D308h] |
push esi |
fsub qword ptr [0044BAE8h] |
fistp qword ptr [ebp-08h] |
movzx eax, word ptr [ebp-08h] |
mov word ptr [0044D360h], ax |
fld dword ptr [0044D308h] |
fadd qword ptr [00445D50h] |
fstp dword ptr [0044D308h] |
call 00007F2E55055C6Eh |
mov cx, word ptr [0044D464h] |
movsx edx, cx |
mov eax, A9275A0Dh |
sub eax, edx |
add dword ptr [0044D41Ch], eax |
call 00007F2E55053EB2h |
movzx eax, word ptr [0044D148h] |
movsx ecx, ax |
mov dword ptr [ebp-04h], ecx |
push 00442124h |
push 0044211Ch |
fild dword ptr [ebp-04h] |
fmul qword ptr [0044D468h] |
fistp qword ptr [ebp-08h] |
movzx edx, word ptr [ebp-08h] |
mov word ptr [0044D148h], dx |
fld qword ptr [0044D468h] |
fsub qword ptr [00445D50h] |
fstp qword ptr [0044D468h] |
call 00007F2E5505401Dh |
fld dword ptr [0044D000h] |
movzx eax, word ptr [0044D144h] |
movsx ecx, ax |
sub ecx, 5E59A4D6h |
mov dword ptr [ebp-04h], ecx |
add esp, 08h |
fild dword ptr [ebp-04h] |
fsub qword ptr [0044D258h] |
fsubp st(1), st(0) |
fstp dword ptr [0044D000h] |
fld qword ptr [00000058h] |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x4baf0 | 0x50 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x4e000 | 0xc658 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x42000 | 0x11c | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x4076a | 0x40800 | 757686ffd2b3473a13f7214868c87335 | False | 0.5194290515988372 | data | 6.282613198302832 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x42000 | 0xa11e | 0xa200 | 00f389e651b558d4ce56c2c12532ab4b | False | 0.7437307098765432 | data | 6.501542072030581 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0x4d000 | 0xf7c | 0x600 | 022900d7974dbe9018ff64c0db27de13 | False | 0.716796875 | data | 5.406411759796486 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.reloc | 0x4e000 | 0xc6fc | 0xc800 | eb48425af4fe6450f92c4d0c5736331c | False | 0.66421875 | data | 6.837099023255398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
DLL | Import |
---|---|
GDI32.dll | GetMapMode, GetFontLanguageInfo, SetTextAlign, GetSystemPaletteUse, GetFontUnicodeRanges, GetNearestPaletteIndex, GetDCBrushColor, GetClipRgn, GetStretchBltMode, SetSystemPaletteUse, GetTextAlign, GetTextCharsetInfo, SetTextColor, GetTextCharset, GetBkColor, GetPolyFillMode, GetDeviceCaps, SetTextCharacterExtra |
USER32.dll | CharLowerBuffA, WindowFromDC, GetMenuItemCount, EndPaint, SetFocus, SetWindowTextA, GetCursor, GetDlgItemInt, PostMessageA, GetKeyboardType, CallWindowProcA, GetQueueStatus, CheckDlgButton, DrawTextA, GetMenuState, GetMenuCheckMarkDimensions, wvsprintfA, GetDialogBaseUnits |
KERNEL32.dll | GetProcAddress, CreateFileA, lstrlenA, HeapReAlloc, WriteFile, GetFileSize, CloseHandle, GlobalSize, GetCurrentThreadId, GetVersion, GetCurrentProcess, SizeofResource, GetModuleHandleA, IsProcessorFeaturePresent, DeleteFileA, SetFilePointer, GetStdHandle, QueryPerformanceCounter, HeapFree, GetProcessHeap, HeapAlloc, ExitProcess, SystemTimeToFileTime, GetSystemTime, IsDebuggerPresent, GetLastError, GetFileTime, GetCurrentProcessId, GetTickCount, GlobalFlags, MoveFileA, LockResource |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
07/03/24-16:25:11.482211 | TCP | 2037771 | ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
07/03/24-16:25:12.587584 | UDP | 2811542 | ETPRO TROJAN Possible Tinba DGA NXDOMAIN Responses (net) | 53 | 58330 | 1.1.1.1 | 192.168.2.9 |
07/03/24-16:25:12.567884 | TCP | 2037771 | ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
07/03/24-16:25:06.455531 | TCP | 2815568 | ETPRO TROJAN Terse HTTP 1.0 Request Possible Nivdort | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
07/03/24-16:26:32.618956 | TCP | 2815568 | ETPRO TROJAN Terse HTTP 1.0 Request Possible Nivdort | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
07/03/24-16:25:09.738416 | UDP | 2018316 | ET TROJAN Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses | 53 | 50077 | 1.1.1.1 | 192.168.2.9 |
07/03/24-16:25:17.978035 | TCP | 2037771 | ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 16:25:06.448519945 CEST | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:25:06.454471111 CEST | 80 | 49706 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:25:06.454610109 CEST | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:25:06.455530882 CEST | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:25:06.460355997 CEST | 80 | 49706 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:25:07.076055050 CEST | 80 | 49706 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:25:07.076581001 CEST | 80 | 49706 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:25:07.076644897 CEST | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:25:07.076698065 CEST | 49706 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:25:07.081866980 CEST | 80 | 49706 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:25:07.112008095 CEST | 49707 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:25:07.118264914 CEST | 80 | 49707 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:25:07.118385077 CEST | 49707 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:25:07.118458986 CEST | 49707 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:25:07.123656034 CEST | 80 | 49707 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:25:07.779202938 CEST | 80 | 49707 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:25:07.780029058 CEST | 80 | 49707 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:25:07.780111074 CEST | 49707 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:25:07.780162096 CEST | 49707 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:25:07.787055969 CEST | 80 | 49707 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:25:08.273180962 CEST | 49708 | 80 | 192.168.2.9 | 34.205.242.146 |
Jul 3, 2024 16:25:08.278769970 CEST | 80 | 49708 | 34.205.242.146 | 192.168.2.9 |
Jul 3, 2024 16:25:08.278851986 CEST | 49708 | 80 | 192.168.2.9 | 34.205.242.146 |
Jul 3, 2024 16:25:08.285001040 CEST | 49708 | 80 | 192.168.2.9 | 34.205.242.146 |
Jul 3, 2024 16:25:08.291894913 CEST | 80 | 49708 | 34.205.242.146 | 192.168.2.9 |
Jul 3, 2024 16:25:08.759010077 CEST | 80 | 49708 | 34.205.242.146 | 192.168.2.9 |
Jul 3, 2024 16:25:08.759201050 CEST | 80 | 49708 | 34.205.242.146 | 192.168.2.9 |
Jul 3, 2024 16:25:08.759260893 CEST | 49708 | 80 | 192.168.2.9 | 34.205.242.146 |
Jul 3, 2024 16:25:08.773181915 CEST | 49708 | 80 | 192.168.2.9 | 34.205.242.146 |
Jul 3, 2024 16:25:08.777991056 CEST | 80 | 49708 | 34.205.242.146 | 192.168.2.9 |
Jul 3, 2024 16:25:09.149214983 CEST | 49709 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:09.157557011 CEST | 80 | 49709 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:09.157660961 CEST | 49709 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:09.157824039 CEST | 49709 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:09.167223930 CEST | 80 | 49709 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:09.642329931 CEST | 80 | 49709 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:09.642452955 CEST | 80 | 49709 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:09.642518997 CEST | 49709 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:09.642769098 CEST | 49709 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:09.651038885 CEST | 80 | 49709 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:10.731021881 CEST | 49710 | 80 | 192.168.2.9 | 34.246.200.160 |
Jul 3, 2024 16:25:10.736130953 CEST | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
Jul 3, 2024 16:25:10.736227989 CEST | 49710 | 80 | 192.168.2.9 | 34.246.200.160 |
Jul 3, 2024 16:25:10.736298084 CEST | 49710 | 80 | 192.168.2.9 | 34.246.200.160 |
Jul 3, 2024 16:25:10.741219044 CEST | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
Jul 3, 2024 16:25:11.482211113 CEST | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
Jul 3, 2024 16:25:11.482484102 CEST | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
Jul 3, 2024 16:25:11.482552052 CEST | 49710 | 80 | 192.168.2.9 | 34.246.200.160 |
Jul 3, 2024 16:25:11.492538929 CEST | 49710 | 80 | 192.168.2.9 | 34.246.200.160 |
Jul 3, 2024 16:25:11.497411966 CEST | 80 | 49710 | 34.246.200.160 | 192.168.2.9 |
Jul 3, 2024 16:25:12.054594040 CEST | 49711 | 80 | 192.168.2.9 | 3.94.10.34 |
Jul 3, 2024 16:25:12.059564114 CEST | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
Jul 3, 2024 16:25:12.059649944 CEST | 49711 | 80 | 192.168.2.9 | 3.94.10.34 |
Jul 3, 2024 16:25:12.059690952 CEST | 49711 | 80 | 192.168.2.9 | 3.94.10.34 |
Jul 3, 2024 16:25:12.064696074 CEST | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
Jul 3, 2024 16:25:12.567883968 CEST | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
Jul 3, 2024 16:25:12.567941904 CEST | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
Jul 3, 2024 16:25:12.568008900 CEST | 49711 | 80 | 192.168.2.9 | 3.94.10.34 |
Jul 3, 2024 16:25:12.573725939 CEST | 49711 | 80 | 192.168.2.9 | 3.94.10.34 |
Jul 3, 2024 16:25:12.578583956 CEST | 80 | 49711 | 3.94.10.34 | 192.168.2.9 |
Jul 3, 2024 16:25:12.822922945 CEST | 49712 | 80 | 192.168.2.9 | 3.64.163.50 |
Jul 3, 2024 16:25:12.827994108 CEST | 80 | 49712 | 3.64.163.50 | 192.168.2.9 |
Jul 3, 2024 16:25:12.828074932 CEST | 49712 | 80 | 192.168.2.9 | 3.64.163.50 |
Jul 3, 2024 16:25:12.828120947 CEST | 49712 | 80 | 192.168.2.9 | 3.64.163.50 |
Jul 3, 2024 16:25:12.834439993 CEST | 80 | 49712 | 3.64.163.50 | 192.168.2.9 |
Jul 3, 2024 16:25:13.460616112 CEST | 80 | 49712 | 3.64.163.50 | 192.168.2.9 |
Jul 3, 2024 16:25:13.460642099 CEST | 80 | 49712 | 3.64.163.50 | 192.168.2.9 |
Jul 3, 2024 16:25:13.460707903 CEST | 49712 | 80 | 192.168.2.9 | 3.64.163.50 |
Jul 3, 2024 16:25:13.460896015 CEST | 49712 | 80 | 192.168.2.9 | 3.64.163.50 |
Jul 3, 2024 16:25:13.466336966 CEST | 80 | 49712 | 3.64.163.50 | 192.168.2.9 |
Jul 3, 2024 16:25:15.325100899 CEST | 53874 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:15.330269098 CEST | 80 | 53874 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:15.330365896 CEST | 53874 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:15.330446959 CEST | 53874 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:15.335525990 CEST | 80 | 53874 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:15.786873102 CEST | 80 | 53874 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:15.787005901 CEST | 80 | 53874 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:15.787105083 CEST | 53874 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:15.794095039 CEST | 53874 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:25:15.799071074 CEST | 80 | 53874 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:25:17.499336958 CEST | 53875 | 80 | 192.168.2.9 | 44.221.84.105 |
Jul 3, 2024 16:25:17.504645109 CEST | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Jul 3, 2024 16:25:17.504735947 CEST | 53875 | 80 | 192.168.2.9 | 44.221.84.105 |
Jul 3, 2024 16:25:17.504784107 CEST | 53875 | 80 | 192.168.2.9 | 44.221.84.105 |
Jul 3, 2024 16:25:17.511344910 CEST | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Jul 3, 2024 16:25:17.978034973 CEST | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Jul 3, 2024 16:25:17.978072882 CEST | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Jul 3, 2024 16:25:17.978193998 CEST | 53875 | 80 | 192.168.2.9 | 44.221.84.105 |
Jul 3, 2024 16:25:17.978629112 CEST | 53875 | 80 | 192.168.2.9 | 44.221.84.105 |
Jul 3, 2024 16:25:17.983470917 CEST | 80 | 53875 | 44.221.84.105 | 192.168.2.9 |
Jul 3, 2024 16:26:32.613837004 CEST | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:26:32.618748903 CEST | 80 | 53879 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:26:32.618855000 CEST | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:26:32.618956089 CEST | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:26:32.625533104 CEST | 80 | 53879 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:26:33.227963924 CEST | 80 | 53879 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:26:33.228174925 CEST | 80 | 53879 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:26:33.228271961 CEST | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:26:33.228591919 CEST | 53879 | 80 | 192.168.2.9 | 77.247.183.155 |
Jul 3, 2024 16:26:33.233428001 CEST | 80 | 53879 | 77.247.183.155 | 192.168.2.9 |
Jul 3, 2024 16:26:34.246718884 CEST | 53880 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:26:34.255528927 CEST | 80 | 53880 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:26:34.255649090 CEST | 53880 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:26:34.255712986 CEST | 53880 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:26:34.265037060 CEST | 80 | 53880 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:26:34.914418936 CEST | 80 | 53880 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:26:34.914598942 CEST | 80 | 53880 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:26:34.914647102 CEST | 53880 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:26:34.914859056 CEST | 53880 | 80 | 192.168.2.9 | 217.70.152.246 |
Jul 3, 2024 16:26:34.919620991 CEST | 80 | 53880 | 217.70.152.246 | 192.168.2.9 |
Jul 3, 2024 16:26:42.486819983 CEST | 53881 | 80 | 192.168.2.9 | 52.86.6.113 |
Jul 3, 2024 16:26:42.491919041 CEST | 80 | 53881 | 52.86.6.113 | 192.168.2.9 |
Jul 3, 2024 16:26:42.492013931 CEST | 53881 | 80 | 192.168.2.9 | 52.86.6.113 |
Jul 3, 2024 16:26:42.496309996 CEST | 53881 | 80 | 192.168.2.9 | 52.86.6.113 |
Jul 3, 2024 16:26:42.501102924 CEST | 80 | 53881 | 52.86.6.113 | 192.168.2.9 |
Jul 3, 2024 16:26:42.972558022 CEST | 80 | 53881 | 52.86.6.113 | 192.168.2.9 |
Jul 3, 2024 16:26:42.972701073 CEST | 80 | 53881 | 52.86.6.113 | 192.168.2.9 |
Jul 3, 2024 16:26:42.972754955 CEST | 53881 | 80 | 192.168.2.9 | 52.86.6.113 |
Jul 3, 2024 16:26:42.973334074 CEST | 53881 | 80 | 192.168.2.9 | 52.86.6.113 |
Jul 3, 2024 16:26:42.978101015 CEST | 80 | 53881 | 52.86.6.113 | 192.168.2.9 |
Jul 3, 2024 16:26:49.159224033 CEST | 53882 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:26:49.164132118 CEST | 80 | 53882 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:26:49.164222956 CEST | 53882 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:26:49.164278030 CEST | 53882 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:26:49.169249058 CEST | 80 | 53882 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:26:49.620973110 CEST | 80 | 53882 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:26:49.621031046 CEST | 80 | 53882 | 15.197.192.55 | 192.168.2.9 |
Jul 3, 2024 16:26:49.621144056 CEST | 53882 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:26:49.621931076 CEST | 53882 | 80 | 192.168.2.9 | 15.197.192.55 |
Jul 3, 2024 16:26:49.626738071 CEST | 80 | 53882 | 15.197.192.55 | 192.168.2.9 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 16:25:06.217000961 CEST | 51193 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:06.253391027 CEST | 53 | 51193 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:06.255976915 CEST | 58917 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:06.285578966 CEST | 53 | 58917 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:06.287954092 CEST | 56733 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:06.305331945 CEST | 53 | 56733 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:06.307213068 CEST | 65288 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:06.319344044 CEST | 53 | 65288 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:06.321113110 CEST | 52448 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:06.445929050 CEST | 53 | 52448 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.078269005 CEST | 64687 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:07.111421108 CEST | 53 | 64687 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.781563044 CEST | 54488 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:07.792998075 CEST | 53 | 54488 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.794714928 CEST | 64405 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:07.806257010 CEST | 53 | 64405 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.807764053 CEST | 54308 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:07.842143059 CEST | 53 | 54308 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.843740940 CEST | 53776 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:07.857767105 CEST | 53 | 53776 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:07.861346006 CEST | 58093 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.049510956 CEST | 53 | 58093 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.051444054 CEST | 65035 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.062391043 CEST | 53 | 65035 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.063879013 CEST | 53514 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.258346081 CEST | 53 | 53514 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.807595015 CEST | 51464 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.844233036 CEST | 53 | 51464 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.913894892 CEST | 55637 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.925051928 CEST | 53 | 55637 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.929974079 CEST | 51299 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.947102070 CEST | 53 | 51299 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.952191114 CEST | 62383 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:08.984375000 CEST | 53 | 62383 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:08.986469984 CEST | 57142 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.020395994 CEST | 53 | 57142 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.024749041 CEST | 60461 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.148452044 CEST | 53 | 60461 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.644687891 CEST | 60417 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.665468931 CEST | 53 | 60417 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.667761087 CEST | 55691 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.679419994 CEST | 53 | 55691 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.681488991 CEST | 62942 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.697419882 CEST | 53 | 62942 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.699515104 CEST | 50077 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.738415956 CEST | 53 | 50077 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.740232944 CEST | 51750 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.757539034 CEST | 53 | 51750 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.759135008 CEST | 50118 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.780802965 CEST | 53 | 50118 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.782394886 CEST | 63445 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.799432993 CEST | 53 | 63445 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.801340103 CEST | 54934 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.813807964 CEST | 53 | 54934 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.815536022 CEST | 58278 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.830101013 CEST | 53 | 58278 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.831847906 CEST | 60685 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.846332073 CEST | 53 | 60685 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.848022938 CEST | 59056 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.862040997 CEST | 53 | 59056 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.864439011 CEST | 57678 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.876540899 CEST | 53 | 57678 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.880649090 CEST | 57561 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.918864965 CEST | 53 | 57561 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.922848940 CEST | 52689 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.964055061 CEST | 53 | 52689 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.966681957 CEST | 51758 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.980309963 CEST | 53 | 51758 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.982611895 CEST | 53870 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:09.993161917 CEST | 53 | 53870 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:09.994848013 CEST | 61242 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.027920961 CEST | 53 | 61242 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.029675961 CEST | 54789 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.040844917 CEST | 53 | 54789 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.045243025 CEST | 64225 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.077879906 CEST | 53 | 64225 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.079641104 CEST | 56476 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.243143082 CEST | 53 | 56476 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.244896889 CEST | 63756 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.256942034 CEST | 53 | 63756 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.258711100 CEST | 57269 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.269422054 CEST | 53 | 57269 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.281012058 CEST | 51143 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.291575909 CEST | 53 | 51143 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.293252945 CEST | 65189 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.311326981 CEST | 53 | 65189 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.312783003 CEST | 52724 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.324012041 CEST | 53 | 52724 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.325551987 CEST | 51339 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.358690977 CEST | 53 | 51339 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.360167027 CEST | 53070 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.393872976 CEST | 53 | 53070 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.395510912 CEST | 61046 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.405354023 CEST | 53 | 61046 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.406749964 CEST | 56648 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.438163042 CEST | 53 | 56648 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.439693928 CEST | 54636 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.453008890 CEST | 53 | 54636 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.454468012 CEST | 55600 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.465358973 CEST | 53 | 55600 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.466686010 CEST | 54004 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.501131058 CEST | 53 | 54004 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:10.502859116 CEST | 50823 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:10.730304956 CEST | 53 | 50823 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:11.530448914 CEST | 60919 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:11.540745974 CEST | 53 | 60919 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:11.569191933 CEST | 52749 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:11.579854012 CEST | 53 | 52749 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:11.618916035 CEST | 51527 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:11.636565924 CEST | 53 | 51527 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:11.639703035 CEST | 64255 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:11.650479078 CEST | 53 | 64255 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:11.712887049 CEST | 63192 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.053702116 CEST | 53 | 63192 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.576009035 CEST | 58330 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.587584019 CEST | 53 | 58330 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.589158058 CEST | 49937 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.600172043 CEST | 53 | 49937 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.601869106 CEST | 64186 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.637597084 CEST | 53 | 64186 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.639400959 CEST | 57024 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.652065039 CEST | 53 | 57024 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.653964996 CEST | 52482 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.667777061 CEST | 53 | 52482 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.669609070 CEST | 56721 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.702280045 CEST | 53 | 56721 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.704051018 CEST | 58364 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.716181993 CEST | 53 | 58364 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.720786095 CEST | 51892 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.734568119 CEST | 53 | 51892 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.736274958 CEST | 51189 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.750417948 CEST | 53 | 51189 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.752372026 CEST | 56481 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.765538931 CEST | 53 | 56481 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.767224073 CEST | 52058 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.780000925 CEST | 53 | 52058 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.781418085 CEST | 58875 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.793025017 CEST | 53 | 58875 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.794683933 CEST | 61760 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.806241035 CEST | 53 | 61760 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:12.807657957 CEST | 53197 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:12.822397947 CEST | 53 | 53197 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.462414980 CEST | 64344 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.473468065 CEST | 53 | 64344 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.475157976 CEST | 56269 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.488861084 CEST | 53 | 56269 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.492074966 CEST | 49734 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.502465963 CEST | 53 | 49734 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.504336119 CEST | 57202 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.517487049 CEST | 53 | 57202 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.519438028 CEST | 60669 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.530690908 CEST | 53 | 60669 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.532404900 CEST | 62029 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.544446945 CEST | 53 | 62029 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.546211958 CEST | 55223 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.557400942 CEST | 53 | 55223 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.559139967 CEST | 57162 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.800492048 CEST | 53 | 57162 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.802373886 CEST | 52037 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.813149929 CEST | 53 | 52037 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.814699888 CEST | 55444 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:13.987874031 CEST | 53 | 55444 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:13.989948988 CEST | 54139 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.001894951 CEST | 53 | 54139 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.003647089 CEST | 52163 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.039594889 CEST | 53 | 52163 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.041743040 CEST | 58773 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.055284977 CEST | 53 | 58773 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.068718910 CEST | 57987 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.080569983 CEST | 53 | 57987 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.082515001 CEST | 62699 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.093898058 CEST | 53 | 62699 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.095719099 CEST | 63759 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.107194901 CEST | 53 | 63759 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.108876944 CEST | 63484 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.122409105 CEST | 53 | 63484 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.124260902 CEST | 54122 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.138154984 CEST | 53 | 54122 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.139921904 CEST | 49843 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.151803970 CEST | 53 | 49843 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.153696060 CEST | 52303 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.186995983 CEST | 53 | 52303 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.189006090 CEST | 56527 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.350353956 CEST | 53 | 56527 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.352312088 CEST | 61241 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.363970995 CEST | 53 | 61241 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.365633965 CEST | 54151 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.374886990 CEST | 53 | 54151 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.376816988 CEST | 55951 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.410768986 CEST | 53 | 55951 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.422595024 CEST | 60689 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.454862118 CEST | 53 | 60689 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.456782103 CEST | 54079 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.488595009 CEST | 53 | 54079 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.490642071 CEST | 59879 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.501802921 CEST | 53 | 59879 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.503514051 CEST | 60622 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.535294056 CEST | 53 | 60622 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.536942005 CEST | 53843 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.548598051 CEST | 53 | 53843 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:14.550395012 CEST | 55643 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:14.559921026 CEST | 53 | 55643 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.055119991 CEST | 61993 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.093847036 CEST | 53 | 61993 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.096117020 CEST | 63780 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.130868912 CEST | 53 | 63780 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.132668972 CEST | 55373 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.324371099 CEST | 53 | 55373 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.795618057 CEST | 50775 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.829595089 CEST | 53 | 50775 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.831445932 CEST | 56190 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.846520901 CEST | 53 | 56190 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.848093987 CEST | 61615 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.863198996 CEST | 53 | 61615 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.864875078 CEST | 60176 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.875050068 CEST | 53 | 60176 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.876702070 CEST | 54697 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.890347004 CEST | 53 | 54697 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.891978979 CEST | 55856 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.903541088 CEST | 53 | 55856 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.905280113 CEST | 63591 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.941421032 CEST | 53 | 63591 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.943315983 CEST | 53828 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.956147909 CEST | 53 | 53828 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.958231926 CEST | 58444 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:15.988923073 CEST | 53 | 58444 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:15.991522074 CEST | 61778 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.002913952 CEST | 53 | 61778 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.005408049 CEST | 59747 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.026571989 CEST | 53 | 59747 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.028386116 CEST | 56463 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.068541050 CEST | 53 | 56463 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.070343018 CEST | 59907 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.081854105 CEST | 53 | 59907 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.083476067 CEST | 52868 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.119196892 CEST | 53 | 52868 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.120918989 CEST | 50677 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.130873919 CEST | 53 | 50677 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.182214975 CEST | 58703 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.219600916 CEST | 53 | 58703 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.221627951 CEST | 54582 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.240552902 CEST | 53 | 54582 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.260178089 CEST | 49694 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.300692081 CEST | 53 | 49694 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.330029011 CEST | 53324 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.342495918 CEST | 53 | 53324 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.348500013 CEST | 61950 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.387286901 CEST | 53 | 61950 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.483491898 CEST | 50628 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.644709110 CEST | 53 | 50628 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.763927937 CEST | 57983 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.776568890 CEST | 53 | 57983 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.785393953 CEST | 49527 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.802715063 CEST | 53 | 49527 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.863065958 CEST | 49790 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.876898050 CEST | 53 | 49790 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.885308981 CEST | 49875 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.897619963 CEST | 53 | 49875 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.899547100 CEST | 51343 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.962017059 CEST | 53 | 51343 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.963870049 CEST | 54244 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.976881027 CEST | 53 | 54244 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.979355097 CEST | 62035 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:16.994211912 CEST | 53 | 62035 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:16.996009111 CEST | 61790 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.031486988 CEST | 53 | 61790 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.033920050 CEST | 63668 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.045923948 CEST | 53 | 63668 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.047750950 CEST | 54485 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.080251932 CEST | 53 | 54485 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.082130909 CEST | 60667 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.115845919 CEST | 53 | 60667 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.117583036 CEST | 54421 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.158632994 CEST | 53 | 54421 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.160420895 CEST | 57888 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.175389051 CEST | 53 | 57888 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.177962065 CEST | 54759 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.194595098 CEST | 53 | 54759 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.196516037 CEST | 52672 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.215374947 CEST | 53 | 52672 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.217164040 CEST | 62682 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.257915020 CEST | 53 | 62682 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.259691000 CEST | 53823 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.297178984 CEST | 53 | 53823 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.299428940 CEST | 57618 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.492176056 CEST | 53 | 57618 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.980318069 CEST | 58336 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:17.992765903 CEST | 53 | 58336 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:17.994839907 CEST | 53577 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.031923056 CEST | 53 | 53577 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.034437895 CEST | 63885 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.044241905 CEST | 53 | 63885 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.046109915 CEST | 58170 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.057113886 CEST | 53 | 58170 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.059003115 CEST | 57244 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.070384026 CEST | 53 | 57244 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.071858883 CEST | 57774 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.082859993 CEST | 53 | 57774 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.084405899 CEST | 64703 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.096426964 CEST | 53 | 64703 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.098229885 CEST | 50782 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.109922886 CEST | 53 | 50782 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.112164021 CEST | 50801 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.123245001 CEST | 53 | 50801 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.124867916 CEST | 56093 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.167887926 CEST | 53 | 56093 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.169692993 CEST | 56411 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.211970091 CEST | 53 | 56411 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.213799000 CEST | 59145 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.224261045 CEST | 53 | 59145 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.236237049 CEST | 60738 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.246360064 CEST | 53 | 60738 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.247910976 CEST | 54553 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.258451939 CEST | 53 | 54553 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.260085106 CEST | 49749 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.271354914 CEST | 53 | 49749 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.272860050 CEST | 51027 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.283926964 CEST | 53 | 51027 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.285468102 CEST | 51278 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.296581984 CEST | 53 | 51278 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.298077106 CEST | 49587 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.329875946 CEST | 53 | 49587 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.331574917 CEST | 53691 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.368216038 CEST | 53 | 53691 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.369960070 CEST | 60386 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.382544994 CEST | 53 | 60386 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.384216070 CEST | 62270 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.417275906 CEST | 53 | 62270 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.419152021 CEST | 51032 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.429472923 CEST | 53 | 51032 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.430969954 CEST | 63804 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.441572905 CEST | 53 | 63804 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.442953110 CEST | 51890 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.475796938 CEST | 53 | 51890 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.477493048 CEST | 63025 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.510767937 CEST | 53 | 63025 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.512526989 CEST | 64134 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.523902893 CEST | 53 | 64134 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:25:18.529915094 CEST | 64124 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:25:18.564040899 CEST | 53 | 64124 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:29.516648054 CEST | 57428 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:29.530050993 CEST | 53 | 57428 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:30.534249067 CEST | 63371 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:30.569996119 CEST | 53 | 63371 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:31.583745956 CEST | 63089 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:31.594618082 CEST | 53 | 63089 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:35.924891949 CEST | 61139 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:35.940006018 CEST | 53 | 61139 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:36.993959904 CEST | 57922 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:37.033535957 CEST | 53 | 57922 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:38.086585045 CEST | 61765 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:38.099987030 CEST | 53 | 61765 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:39.112385988 CEST | 61642 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:39.125189066 CEST | 53 | 61642 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:40.128107071 CEST | 53462 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:40.138305902 CEST | 53 | 53462 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:41.145780087 CEST | 54884 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:41.158582926 CEST | 53 | 54884 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:42.174659967 CEST | 57132 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:42.421264887 CEST | 53 | 57132 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:43.987900019 CEST | 60279 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:44.020303965 CEST | 53 | 60279 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:45.034394979 CEST | 55475 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:45.067116976 CEST | 53 | 55475 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:46.081134081 CEST | 60595 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:46.113507032 CEST | 53 | 60595 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:47.127976894 CEST | 58726 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:47.138248920 CEST | 53 | 58726 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:48.143599033 CEST | 60239 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:48.154412985 CEST | 53 | 60239 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:50.628057003 CEST | 51795 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:50.639619112 CEST | 53 | 51795 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:51.643558979 CEST | 53647 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:51.682506084 CEST | 53 | 53647 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:52.691670895 CEST | 62992 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:52.708215952 CEST | 53 | 62992 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:53.723493099 CEST | 55938 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:53.734694004 CEST | 53 | 55938 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:54.737531900 CEST | 49245 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:54.771321058 CEST | 53 | 49245 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:55.784651041 CEST | 60835 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:55.797661066 CEST | 53 | 60835 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:56.815742970 CEST | 51604 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:56.829003096 CEST | 53 | 51604 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:57.846931934 CEST | 51585 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:57.858639002 CEST | 53 | 51585 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:58.862442017 CEST | 56359 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:58.895886898 CEST | 53 | 56359 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:26:59.909460068 CEST | 64396 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:26:59.922218084 CEST | 53 | 64396 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:00.925097942 CEST | 62540 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:00.936748028 CEST | 53 | 62540 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:01.987734079 CEST | 62067 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:02.000338078 CEST | 53 | 62067 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:03.034455061 CEST | 54120 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:03.046812057 CEST | 53 | 54120 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:04.049820900 CEST | 50812 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:04.060755014 CEST | 53 | 50812 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:05.037502050 CEST | 54576 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:05.272229910 CEST | 53 | 54576 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:06.222018957 CEST | 52504 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:06.464262962 CEST | 53 | 52504 | 1.1.1.1 | 192.168.2.9 |
Jul 3, 2024 16:27:07.472749949 CEST | 64135 | 53 | 192.168.2.9 | 1.1.1.1 |
Jul 3, 2024 16:27:07.503686905 CEST | 53 | 64135 | 1.1.1.1 | 192.168.2.9 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 16:25:06.217000961 CEST | 192.168.2.9 | 1.1.1.1 | 0x1243 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.255976915 CEST | 192.168.2.9 | 1.1.1.1 | 0x7b89 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.287954092 CEST | 192.168.2.9 | 1.1.1.1 | 0x20d6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.307213068 CEST | 192.168.2.9 | 1.1.1.1 | 0x946 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.321113110 CEST | 192.168.2.9 | 1.1.1.1 | 0x449a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.078269005 CEST | 192.168.2.9 | 1.1.1.1 | 0xeb0d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.781563044 CEST | 192.168.2.9 | 1.1.1.1 | 0xda3d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.794714928 CEST | 192.168.2.9 | 1.1.1.1 | 0xa7d0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.807764053 CEST | 192.168.2.9 | 1.1.1.1 | 0x7e4d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.843740940 CEST | 192.168.2.9 | 1.1.1.1 | 0xb2d6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.861346006 CEST | 192.168.2.9 | 1.1.1.1 | 0x5282 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.051444054 CEST | 192.168.2.9 | 1.1.1.1 | 0x21e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.063879013 CEST | 192.168.2.9 | 1.1.1.1 | 0x1213 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.807595015 CEST | 192.168.2.9 | 1.1.1.1 | 0x484f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.913894892 CEST | 192.168.2.9 | 1.1.1.1 | 0x8c2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.929974079 CEST | 192.168.2.9 | 1.1.1.1 | 0x603e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.952191114 CEST | 192.168.2.9 | 1.1.1.1 | 0xc971 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.986469984 CEST | 192.168.2.9 | 1.1.1.1 | 0x7e40 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.024749041 CEST | 192.168.2.9 | 1.1.1.1 | 0xf34f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.644687891 CEST | 192.168.2.9 | 1.1.1.1 | 0x806a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.667761087 CEST | 192.168.2.9 | 1.1.1.1 | 0x8c54 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.681488991 CEST | 192.168.2.9 | 1.1.1.1 | 0xab7a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.699515104 CEST | 192.168.2.9 | 1.1.1.1 | 0x460 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.740232944 CEST | 192.168.2.9 | 1.1.1.1 | 0x5258 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.759135008 CEST | 192.168.2.9 | 1.1.1.1 | 0xed05 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.782394886 CEST | 192.168.2.9 | 1.1.1.1 | 0x7523 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.801340103 CEST | 192.168.2.9 | 1.1.1.1 | 0xd603 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.815536022 CEST | 192.168.2.9 | 1.1.1.1 | 0xc6b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.831847906 CEST | 192.168.2.9 | 1.1.1.1 | 0x89ba | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.848022938 CEST | 192.168.2.9 | 1.1.1.1 | 0xe4e9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.864439011 CEST | 192.168.2.9 | 1.1.1.1 | 0x252 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.880649090 CEST | 192.168.2.9 | 1.1.1.1 | 0xc635 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.922848940 CEST | 192.168.2.9 | 1.1.1.1 | 0xac1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.966681957 CEST | 192.168.2.9 | 1.1.1.1 | 0xa272 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.982611895 CEST | 192.168.2.9 | 1.1.1.1 | 0xf2c6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.994848013 CEST | 192.168.2.9 | 1.1.1.1 | 0x6e7d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.029675961 CEST | 192.168.2.9 | 1.1.1.1 | 0x9a85 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.045243025 CEST | 192.168.2.9 | 1.1.1.1 | 0x94ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.079641104 CEST | 192.168.2.9 | 1.1.1.1 | 0x57c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.244896889 CEST | 192.168.2.9 | 1.1.1.1 | 0xf6e4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.258711100 CEST | 192.168.2.9 | 1.1.1.1 | 0x665f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.281012058 CEST | 192.168.2.9 | 1.1.1.1 | 0xc588 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.293252945 CEST | 192.168.2.9 | 1.1.1.1 | 0x1525 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.312783003 CEST | 192.168.2.9 | 1.1.1.1 | 0x122 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.325551987 CEST | 192.168.2.9 | 1.1.1.1 | 0xaf50 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.360167027 CEST | 192.168.2.9 | 1.1.1.1 | 0xdfac | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.395510912 CEST | 192.168.2.9 | 1.1.1.1 | 0xa368 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.406749964 CEST | 192.168.2.9 | 1.1.1.1 | 0x338 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.439693928 CEST | 192.168.2.9 | 1.1.1.1 | 0xd126 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.454468012 CEST | 192.168.2.9 | 1.1.1.1 | 0xa3cf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.466686010 CEST | 192.168.2.9 | 1.1.1.1 | 0xab27 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.502859116 CEST | 192.168.2.9 | 1.1.1.1 | 0x3b41 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.530448914 CEST | 192.168.2.9 | 1.1.1.1 | 0xbb14 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.569191933 CEST | 192.168.2.9 | 1.1.1.1 | 0x9b66 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.618916035 CEST | 192.168.2.9 | 1.1.1.1 | 0x9559 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.639703035 CEST | 192.168.2.9 | 1.1.1.1 | 0x6d08 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.712887049 CEST | 192.168.2.9 | 1.1.1.1 | 0x55c2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.576009035 CEST | 192.168.2.9 | 1.1.1.1 | 0xdf6b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.589158058 CEST | 192.168.2.9 | 1.1.1.1 | 0x6a14 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.601869106 CEST | 192.168.2.9 | 1.1.1.1 | 0xd8b4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.639400959 CEST | 192.168.2.9 | 1.1.1.1 | 0xdd06 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.653964996 CEST | 192.168.2.9 | 1.1.1.1 | 0x3513 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.669609070 CEST | 192.168.2.9 | 1.1.1.1 | 0x5a22 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.704051018 CEST | 192.168.2.9 | 1.1.1.1 | 0xe9b3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.720786095 CEST | 192.168.2.9 | 1.1.1.1 | 0x8e5e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.736274958 CEST | 192.168.2.9 | 1.1.1.1 | 0x9ae9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.752372026 CEST | 192.168.2.9 | 1.1.1.1 | 0x502f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.767224073 CEST | 192.168.2.9 | 1.1.1.1 | 0x7178 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.781418085 CEST | 192.168.2.9 | 1.1.1.1 | 0x826a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.794683933 CEST | 192.168.2.9 | 1.1.1.1 | 0xc3d5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.807657957 CEST | 192.168.2.9 | 1.1.1.1 | 0xf0e3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.462414980 CEST | 192.168.2.9 | 1.1.1.1 | 0xd626 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.475157976 CEST | 192.168.2.9 | 1.1.1.1 | 0xd953 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.492074966 CEST | 192.168.2.9 | 1.1.1.1 | 0xc3a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.504336119 CEST | 192.168.2.9 | 1.1.1.1 | 0x997d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.519438028 CEST | 192.168.2.9 | 1.1.1.1 | 0x69a5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.532404900 CEST | 192.168.2.9 | 1.1.1.1 | 0x26ce | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.546211958 CEST | 192.168.2.9 | 1.1.1.1 | 0x6da1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.559139967 CEST | 192.168.2.9 | 1.1.1.1 | 0xf1e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.802373886 CEST | 192.168.2.9 | 1.1.1.1 | 0x6429 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.814699888 CEST | 192.168.2.9 | 1.1.1.1 | 0x3867 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.989948988 CEST | 192.168.2.9 | 1.1.1.1 | 0x1cbb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.003647089 CEST | 192.168.2.9 | 1.1.1.1 | 0x63ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.041743040 CEST | 192.168.2.9 | 1.1.1.1 | 0x6db5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.068718910 CEST | 192.168.2.9 | 1.1.1.1 | 0x3f4e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.082515001 CEST | 192.168.2.9 | 1.1.1.1 | 0xd820 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.095719099 CEST | 192.168.2.9 | 1.1.1.1 | 0x8fbb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.108876944 CEST | 192.168.2.9 | 1.1.1.1 | 0xb0d2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.124260902 CEST | 192.168.2.9 | 1.1.1.1 | 0x1fff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.139921904 CEST | 192.168.2.9 | 1.1.1.1 | 0x57e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.153696060 CEST | 192.168.2.9 | 1.1.1.1 | 0x1189 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.189006090 CEST | 192.168.2.9 | 1.1.1.1 | 0xd95c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.352312088 CEST | 192.168.2.9 | 1.1.1.1 | 0x104d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.365633965 CEST | 192.168.2.9 | 1.1.1.1 | 0x7174 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.376816988 CEST | 192.168.2.9 | 1.1.1.1 | 0xd10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.422595024 CEST | 192.168.2.9 | 1.1.1.1 | 0x46f0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.456782103 CEST | 192.168.2.9 | 1.1.1.1 | 0xa137 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.490642071 CEST | 192.168.2.9 | 1.1.1.1 | 0xa79a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.503514051 CEST | 192.168.2.9 | 1.1.1.1 | 0x3483 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.536942005 CEST | 192.168.2.9 | 1.1.1.1 | 0xefeb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.550395012 CEST | 192.168.2.9 | 1.1.1.1 | 0x95ac | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.055119991 CEST | 192.168.2.9 | 1.1.1.1 | 0x423 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.096117020 CEST | 192.168.2.9 | 1.1.1.1 | 0x9c4a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.132668972 CEST | 192.168.2.9 | 1.1.1.1 | 0xef54 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.795618057 CEST | 192.168.2.9 | 1.1.1.1 | 0x2c22 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.831445932 CEST | 192.168.2.9 | 1.1.1.1 | 0x7652 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.848093987 CEST | 192.168.2.9 | 1.1.1.1 | 0x3478 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.864875078 CEST | 192.168.2.9 | 1.1.1.1 | 0x2891 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.876702070 CEST | 192.168.2.9 | 1.1.1.1 | 0x777f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.891978979 CEST | 192.168.2.9 | 1.1.1.1 | 0x2f8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.905280113 CEST | 192.168.2.9 | 1.1.1.1 | 0xfa18 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.943315983 CEST | 192.168.2.9 | 1.1.1.1 | 0x2869 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.958231926 CEST | 192.168.2.9 | 1.1.1.1 | 0x6865 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.991522074 CEST | 192.168.2.9 | 1.1.1.1 | 0x4130 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.005408049 CEST | 192.168.2.9 | 1.1.1.1 | 0x34a3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.028386116 CEST | 192.168.2.9 | 1.1.1.1 | 0xfcd2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.070343018 CEST | 192.168.2.9 | 1.1.1.1 | 0x5db6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.083476067 CEST | 192.168.2.9 | 1.1.1.1 | 0x1350 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.120918989 CEST | 192.168.2.9 | 1.1.1.1 | 0xfb6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.182214975 CEST | 192.168.2.9 | 1.1.1.1 | 0x491d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.221627951 CEST | 192.168.2.9 | 1.1.1.1 | 0x21e0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.260178089 CEST | 192.168.2.9 | 1.1.1.1 | 0x19e9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.330029011 CEST | 192.168.2.9 | 1.1.1.1 | 0x897f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.348500013 CEST | 192.168.2.9 | 1.1.1.1 | 0x2955 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.483491898 CEST | 192.168.2.9 | 1.1.1.1 | 0xb06e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.763927937 CEST | 192.168.2.9 | 1.1.1.1 | 0xd243 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.785393953 CEST | 192.168.2.9 | 1.1.1.1 | 0xdcab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.863065958 CEST | 192.168.2.9 | 1.1.1.1 | 0xa221 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.885308981 CEST | 192.168.2.9 | 1.1.1.1 | 0xebf8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.899547100 CEST | 192.168.2.9 | 1.1.1.1 | 0x547c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.963870049 CEST | 192.168.2.9 | 1.1.1.1 | 0x3fb2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.979355097 CEST | 192.168.2.9 | 1.1.1.1 | 0x70a3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.996009111 CEST | 192.168.2.9 | 1.1.1.1 | 0x1baf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.033920050 CEST | 192.168.2.9 | 1.1.1.1 | 0xbf9d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.047750950 CEST | 192.168.2.9 | 1.1.1.1 | 0x9d7a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.082130909 CEST | 192.168.2.9 | 1.1.1.1 | 0x10e8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.117583036 CEST | 192.168.2.9 | 1.1.1.1 | 0x1e3e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.160420895 CEST | 192.168.2.9 | 1.1.1.1 | 0x78d8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.177962065 CEST | 192.168.2.9 | 1.1.1.1 | 0xc50f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.196516037 CEST | 192.168.2.9 | 1.1.1.1 | 0xdc32 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.217164040 CEST | 192.168.2.9 | 1.1.1.1 | 0x669d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.259691000 CEST | 192.168.2.9 | 1.1.1.1 | 0xba62 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.299428940 CEST | 192.168.2.9 | 1.1.1.1 | 0x6719 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.980318069 CEST | 192.168.2.9 | 1.1.1.1 | 0xa3a7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.994839907 CEST | 192.168.2.9 | 1.1.1.1 | 0xe36d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.034437895 CEST | 192.168.2.9 | 1.1.1.1 | 0x5a0a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.046109915 CEST | 192.168.2.9 | 1.1.1.1 | 0x334 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.059003115 CEST | 192.168.2.9 | 1.1.1.1 | 0xce4d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.071858883 CEST | 192.168.2.9 | 1.1.1.1 | 0xa396 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.084405899 CEST | 192.168.2.9 | 1.1.1.1 | 0x69dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.098229885 CEST | 192.168.2.9 | 1.1.1.1 | 0xf4b2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.112164021 CEST | 192.168.2.9 | 1.1.1.1 | 0xb7ba | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.124867916 CEST | 192.168.2.9 | 1.1.1.1 | 0xdce7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.169692993 CEST | 192.168.2.9 | 1.1.1.1 | 0x1842 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.213799000 CEST | 192.168.2.9 | 1.1.1.1 | 0x8aff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.236237049 CEST | 192.168.2.9 | 1.1.1.1 | 0xaa37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.247910976 CEST | 192.168.2.9 | 1.1.1.1 | 0x473 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.260085106 CEST | 192.168.2.9 | 1.1.1.1 | 0x1f4c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.272860050 CEST | 192.168.2.9 | 1.1.1.1 | 0x74cb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.285468102 CEST | 192.168.2.9 | 1.1.1.1 | 0xbd7e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.298077106 CEST | 192.168.2.9 | 1.1.1.1 | 0xf8e4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.331574917 CEST | 192.168.2.9 | 1.1.1.1 | 0xb7a8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.369960070 CEST | 192.168.2.9 | 1.1.1.1 | 0x15f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.384216070 CEST | 192.168.2.9 | 1.1.1.1 | 0xb772 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.419152021 CEST | 192.168.2.9 | 1.1.1.1 | 0x9372 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.430969954 CEST | 192.168.2.9 | 1.1.1.1 | 0xedc1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.442953110 CEST | 192.168.2.9 | 1.1.1.1 | 0x9cfc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.477493048 CEST | 192.168.2.9 | 1.1.1.1 | 0x90db | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.512526989 CEST | 192.168.2.9 | 1.1.1.1 | 0x7a03 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.529915094 CEST | 192.168.2.9 | 1.1.1.1 | 0xbf0e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:29.516648054 CEST | 192.168.2.9 | 1.1.1.1 | 0x9e14 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:30.534249067 CEST | 192.168.2.9 | 1.1.1.1 | 0xac53 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:31.583745956 CEST | 192.168.2.9 | 1.1.1.1 | 0x6f56 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:35.924891949 CEST | 192.168.2.9 | 1.1.1.1 | 0x5dd6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:36.993959904 CEST | 192.168.2.9 | 1.1.1.1 | 0xb805 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:38.086585045 CEST | 192.168.2.9 | 1.1.1.1 | 0xfffc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:39.112385988 CEST | 192.168.2.9 | 1.1.1.1 | 0xae7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:40.128107071 CEST | 192.168.2.9 | 1.1.1.1 | 0x4dc5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:41.145780087 CEST | 192.168.2.9 | 1.1.1.1 | 0x6f80 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:42.174659967 CEST | 192.168.2.9 | 1.1.1.1 | 0xd016 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:43.987900019 CEST | 192.168.2.9 | 1.1.1.1 | 0xb195 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:45.034394979 CEST | 192.168.2.9 | 1.1.1.1 | 0xc154 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:46.081134081 CEST | 192.168.2.9 | 1.1.1.1 | 0x2b81 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:47.127976894 CEST | 192.168.2.9 | 1.1.1.1 | 0x6ec6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:48.143599033 CEST | 192.168.2.9 | 1.1.1.1 | 0x54bf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:50.628057003 CEST | 192.168.2.9 | 1.1.1.1 | 0x73ea | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:51.643558979 CEST | 192.168.2.9 | 1.1.1.1 | 0x402c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:52.691670895 CEST | 192.168.2.9 | 1.1.1.1 | 0x8f93 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:53.723493099 CEST | 192.168.2.9 | 1.1.1.1 | 0x16a5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:54.737531900 CEST | 192.168.2.9 | 1.1.1.1 | 0x18ec | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:55.784651041 CEST | 192.168.2.9 | 1.1.1.1 | 0x35dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:56.815742970 CEST | 192.168.2.9 | 1.1.1.1 | 0x9a4c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:57.846931934 CEST | 192.168.2.9 | 1.1.1.1 | 0x120c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:58.862442017 CEST | 192.168.2.9 | 1.1.1.1 | 0x8916 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:59.909460068 CEST | 192.168.2.9 | 1.1.1.1 | 0xac02 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:00.925097942 CEST | 192.168.2.9 | 1.1.1.1 | 0xc8f7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:01.987734079 CEST | 192.168.2.9 | 1.1.1.1 | 0x2520 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:03.034455061 CEST | 192.168.2.9 | 1.1.1.1 | 0xbf72 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:04.049820900 CEST | 192.168.2.9 | 1.1.1.1 | 0xb18a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:05.037502050 CEST | 192.168.2.9 | 1.1.1.1 | 0xe9e8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:06.222018957 CEST | 192.168.2.9 | 1.1.1.1 | 0x206d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:07.472749949 CEST | 192.168.2.9 | 1.1.1.1 | 0x24ee | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 16:25:06.253391027 CEST | 1.1.1.1 | 192.168.2.9 | 0x1243 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.285578966 CEST | 1.1.1.1 | 192.168.2.9 | 0x7b89 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.305331945 CEST | 1.1.1.1 | 192.168.2.9 | 0x20d6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.319344044 CEST | 1.1.1.1 | 192.168.2.9 | 0x946 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:06.445929050 CEST | 1.1.1.1 | 192.168.2.9 | 0x449a | No error (0) | 77.247.183.155 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:07.111421108 CEST | 1.1.1.1 | 192.168.2.9 | 0xeb0d | No error (0) | 217.70.152.246 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:07.792998075 CEST | 1.1.1.1 | 192.168.2.9 | 0xda3d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.806257010 CEST | 1.1.1.1 | 192.168.2.9 | 0xa7d0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.842143059 CEST | 1.1.1.1 | 192.168.2.9 | 0x7e4d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:07.857767105 CEST | 1.1.1.1 | 192.168.2.9 | 0xb2d6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.049510956 CEST | 1.1.1.1 | 192.168.2.9 | 0x5282 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.062391043 CEST | 1.1.1.1 | 192.168.2.9 | 0x21e6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.258346081 CEST | 1.1.1.1 | 192.168.2.9 | 0x1213 | No error (0) | traff-5.hugedomains.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:08.258346081 CEST | 1.1.1.1 | 192.168.2.9 | 0x1213 | No error (0) | hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:08.258346081 CEST | 1.1.1.1 | 192.168.2.9 | 0x1213 | No error (0) | 34.205.242.146 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:08.258346081 CEST | 1.1.1.1 | 192.168.2.9 | 0x1213 | No error (0) | 54.161.222.85 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:08.844233036 CEST | 1.1.1.1 | 192.168.2.9 | 0x484f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.925051928 CEST | 1.1.1.1 | 192.168.2.9 | 0x8c2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.947102070 CEST | 1.1.1.1 | 192.168.2.9 | 0x603e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:08.984375000 CEST | 1.1.1.1 | 192.168.2.9 | 0xc971 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.020395994 CEST | 1.1.1.1 | 192.168.2.9 | 0x7e40 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.148452044 CEST | 1.1.1.1 | 192.168.2.9 | 0xf34f | No error (0) | 15.197.192.55 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:09.665468931 CEST | 1.1.1.1 | 192.168.2.9 | 0x806a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.679419994 CEST | 1.1.1.1 | 192.168.2.9 | 0x8c54 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.697419882 CEST | 1.1.1.1 | 192.168.2.9 | 0xab7a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.738415956 CEST | 1.1.1.1 | 192.168.2.9 | 0x460 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.757539034 CEST | 1.1.1.1 | 192.168.2.9 | 0x5258 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.780802965 CEST | 1.1.1.1 | 192.168.2.9 | 0xed05 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.799432993 CEST | 1.1.1.1 | 192.168.2.9 | 0x7523 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.813807964 CEST | 1.1.1.1 | 192.168.2.9 | 0xd603 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.830101013 CEST | 1.1.1.1 | 192.168.2.9 | 0xc6b9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.846332073 CEST | 1.1.1.1 | 192.168.2.9 | 0x89ba | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.862040997 CEST | 1.1.1.1 | 192.168.2.9 | 0xe4e9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.876540899 CEST | 1.1.1.1 | 192.168.2.9 | 0x252 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.918864965 CEST | 1.1.1.1 | 192.168.2.9 | 0xc635 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.964055061 CEST | 1.1.1.1 | 192.168.2.9 | 0xac1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.980309963 CEST | 1.1.1.1 | 192.168.2.9 | 0xa272 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:09.993161917 CEST | 1.1.1.1 | 192.168.2.9 | 0xf2c6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.027920961 CEST | 1.1.1.1 | 192.168.2.9 | 0x6e7d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.040844917 CEST | 1.1.1.1 | 192.168.2.9 | 0x9a85 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.077879906 CEST | 1.1.1.1 | 192.168.2.9 | 0x94ed | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.243143082 CEST | 1.1.1.1 | 192.168.2.9 | 0x57c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.256942034 CEST | 1.1.1.1 | 192.168.2.9 | 0xf6e4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.269422054 CEST | 1.1.1.1 | 192.168.2.9 | 0x665f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.291575909 CEST | 1.1.1.1 | 192.168.2.9 | 0xc588 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.311326981 CEST | 1.1.1.1 | 192.168.2.9 | 0x1525 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.324012041 CEST | 1.1.1.1 | 192.168.2.9 | 0x122 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.358690977 CEST | 1.1.1.1 | 192.168.2.9 | 0xaf50 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.393872976 CEST | 1.1.1.1 | 192.168.2.9 | 0xdfac | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.405354023 CEST | 1.1.1.1 | 192.168.2.9 | 0xa368 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.438163042 CEST | 1.1.1.1 | 192.168.2.9 | 0x338 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.453008890 CEST | 1.1.1.1 | 192.168.2.9 | 0xd126 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.465358973 CEST | 1.1.1.1 | 192.168.2.9 | 0xa3cf | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.501131058 CEST | 1.1.1.1 | 192.168.2.9 | 0xab27 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:10.730304956 CEST | 1.1.1.1 | 192.168.2.9 | 0x3b41 | No error (0) | 34.246.200.160 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:11.540745974 CEST | 1.1.1.1 | 192.168.2.9 | 0xbb14 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.579854012 CEST | 1.1.1.1 | 192.168.2.9 | 0x9b66 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.636565924 CEST | 1.1.1.1 | 192.168.2.9 | 0x9559 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:11.650479078 CEST | 1.1.1.1 | 192.168.2.9 | 0x6d08 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.053702116 CEST | 1.1.1.1 | 192.168.2.9 | 0x55c2 | No error (0) | 3.94.10.34 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:12.587584019 CEST | 1.1.1.1 | 192.168.2.9 | 0xdf6b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.600172043 CEST | 1.1.1.1 | 192.168.2.9 | 0x6a14 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.637597084 CEST | 1.1.1.1 | 192.168.2.9 | 0xd8b4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.652065039 CEST | 1.1.1.1 | 192.168.2.9 | 0xdd06 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.667777061 CEST | 1.1.1.1 | 192.168.2.9 | 0x3513 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.702280045 CEST | 1.1.1.1 | 192.168.2.9 | 0x5a22 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.716181993 CEST | 1.1.1.1 | 192.168.2.9 | 0xe9b3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.734568119 CEST | 1.1.1.1 | 192.168.2.9 | 0x8e5e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.750417948 CEST | 1.1.1.1 | 192.168.2.9 | 0x9ae9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.765538931 CEST | 1.1.1.1 | 192.168.2.9 | 0x502f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.780000925 CEST | 1.1.1.1 | 192.168.2.9 | 0x7178 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.793025017 CEST | 1.1.1.1 | 192.168.2.9 | 0x826a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.806241035 CEST | 1.1.1.1 | 192.168.2.9 | 0xc3d5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:12.822397947 CEST | 1.1.1.1 | 192.168.2.9 | 0xf0e3 | No error (0) | 3.64.163.50 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:13.473468065 CEST | 1.1.1.1 | 192.168.2.9 | 0xd626 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.488861084 CEST | 1.1.1.1 | 192.168.2.9 | 0xd953 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.502465963 CEST | 1.1.1.1 | 192.168.2.9 | 0xc3a1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.517487049 CEST | 1.1.1.1 | 192.168.2.9 | 0x997d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.530690908 CEST | 1.1.1.1 | 192.168.2.9 | 0x69a5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.544446945 CEST | 1.1.1.1 | 192.168.2.9 | 0x26ce | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.557400942 CEST | 1.1.1.1 | 192.168.2.9 | 0x6da1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.800492048 CEST | 1.1.1.1 | 192.168.2.9 | 0xf1e | Server failure (2) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.813149929 CEST | 1.1.1.1 | 192.168.2.9 | 0x6429 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:13.987874031 CEST | 1.1.1.1 | 192.168.2.9 | 0x3867 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.001894951 CEST | 1.1.1.1 | 192.168.2.9 | 0x1cbb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.039594889 CEST | 1.1.1.1 | 192.168.2.9 | 0x63ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.055284977 CEST | 1.1.1.1 | 192.168.2.9 | 0x6db5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.080569983 CEST | 1.1.1.1 | 192.168.2.9 | 0x3f4e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.093898058 CEST | 1.1.1.1 | 192.168.2.9 | 0xd820 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.107194901 CEST | 1.1.1.1 | 192.168.2.9 | 0x8fbb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.122409105 CEST | 1.1.1.1 | 192.168.2.9 | 0xb0d2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.138154984 CEST | 1.1.1.1 | 192.168.2.9 | 0x1fff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.151803970 CEST | 1.1.1.1 | 192.168.2.9 | 0x57e6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.186995983 CEST | 1.1.1.1 | 192.168.2.9 | 0x1189 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.350353956 CEST | 1.1.1.1 | 192.168.2.9 | 0xd95c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.363970995 CEST | 1.1.1.1 | 192.168.2.9 | 0x104d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.374886990 CEST | 1.1.1.1 | 192.168.2.9 | 0x7174 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.410768986 CEST | 1.1.1.1 | 192.168.2.9 | 0xd10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.454862118 CEST | 1.1.1.1 | 192.168.2.9 | 0x46f0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.488595009 CEST | 1.1.1.1 | 192.168.2.9 | 0xa137 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.501802921 CEST | 1.1.1.1 | 192.168.2.9 | 0xa79a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.535294056 CEST | 1.1.1.1 | 192.168.2.9 | 0x3483 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:14.548598051 CEST | 1.1.1.1 | 192.168.2.9 | 0xefeb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.093847036 CEST | 1.1.1.1 | 192.168.2.9 | 0x423 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.130868912 CEST | 1.1.1.1 | 192.168.2.9 | 0x9c4a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.324371099 CEST | 1.1.1.1 | 192.168.2.9 | 0xef54 | No error (0) | 15.197.192.55 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:15.829595089 CEST | 1.1.1.1 | 192.168.2.9 | 0x2c22 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.846520901 CEST | 1.1.1.1 | 192.168.2.9 | 0x7652 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.863198996 CEST | 1.1.1.1 | 192.168.2.9 | 0x3478 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.875050068 CEST | 1.1.1.1 | 192.168.2.9 | 0x2891 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.890347004 CEST | 1.1.1.1 | 192.168.2.9 | 0x777f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.903541088 CEST | 1.1.1.1 | 192.168.2.9 | 0x2f8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.941421032 CEST | 1.1.1.1 | 192.168.2.9 | 0xfa18 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.956147909 CEST | 1.1.1.1 | 192.168.2.9 | 0x2869 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:15.988923073 CEST | 1.1.1.1 | 192.168.2.9 | 0x6865 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.002913952 CEST | 1.1.1.1 | 192.168.2.9 | 0x4130 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.026571989 CEST | 1.1.1.1 | 192.168.2.9 | 0x34a3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.068541050 CEST | 1.1.1.1 | 192.168.2.9 | 0xfcd2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.081854105 CEST | 1.1.1.1 | 192.168.2.9 | 0x5db6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.119196892 CEST | 1.1.1.1 | 192.168.2.9 | 0x1350 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.130873919 CEST | 1.1.1.1 | 192.168.2.9 | 0xfb6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.219600916 CEST | 1.1.1.1 | 192.168.2.9 | 0x491d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.240552902 CEST | 1.1.1.1 | 192.168.2.9 | 0x21e0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.300692081 CEST | 1.1.1.1 | 192.168.2.9 | 0x19e9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.342495918 CEST | 1.1.1.1 | 192.168.2.9 | 0x897f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.387286901 CEST | 1.1.1.1 | 192.168.2.9 | 0x2955 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.644709110 CEST | 1.1.1.1 | 192.168.2.9 | 0xb06e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.776568890 CEST | 1.1.1.1 | 192.168.2.9 | 0xd243 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.802715063 CEST | 1.1.1.1 | 192.168.2.9 | 0xdcab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.876898050 CEST | 1.1.1.1 | 192.168.2.9 | 0xa221 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.897619963 CEST | 1.1.1.1 | 192.168.2.9 | 0xebf8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.976881027 CEST | 1.1.1.1 | 192.168.2.9 | 0x3fb2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:16.994211912 CEST | 1.1.1.1 | 192.168.2.9 | 0x70a3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.031486988 CEST | 1.1.1.1 | 192.168.2.9 | 0x1baf | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.045923948 CEST | 1.1.1.1 | 192.168.2.9 | 0xbf9d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.080251932 CEST | 1.1.1.1 | 192.168.2.9 | 0x9d7a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.115845919 CEST | 1.1.1.1 | 192.168.2.9 | 0x10e8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.158632994 CEST | 1.1.1.1 | 192.168.2.9 | 0x1e3e | Server failure (2) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.175389051 CEST | 1.1.1.1 | 192.168.2.9 | 0x78d8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.194595098 CEST | 1.1.1.1 | 192.168.2.9 | 0xc50f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.215374947 CEST | 1.1.1.1 | 192.168.2.9 | 0xdc32 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.257915020 CEST | 1.1.1.1 | 192.168.2.9 | 0x669d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.297178984 CEST | 1.1.1.1 | 192.168.2.9 | 0xba62 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:17.492176056 CEST | 1.1.1.1 | 192.168.2.9 | 0x6719 | No error (0) | 44.221.84.105 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:25:17.992765903 CEST | 1.1.1.1 | 192.168.2.9 | 0xa3a7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.031923056 CEST | 1.1.1.1 | 192.168.2.9 | 0xe36d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.044241905 CEST | 1.1.1.1 | 192.168.2.9 | 0x5a0a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.057113886 CEST | 1.1.1.1 | 192.168.2.9 | 0x334 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.070384026 CEST | 1.1.1.1 | 192.168.2.9 | 0xce4d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.082859993 CEST | 1.1.1.1 | 192.168.2.9 | 0xa396 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.096426964 CEST | 1.1.1.1 | 192.168.2.9 | 0x69dc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.109922886 CEST | 1.1.1.1 | 192.168.2.9 | 0xf4b2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.123245001 CEST | 1.1.1.1 | 192.168.2.9 | 0xb7ba | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.167887926 CEST | 1.1.1.1 | 192.168.2.9 | 0xdce7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.211970091 CEST | 1.1.1.1 | 192.168.2.9 | 0x1842 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.224261045 CEST | 1.1.1.1 | 192.168.2.9 | 0x8aff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.246360064 CEST | 1.1.1.1 | 192.168.2.9 | 0xaa37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.258451939 CEST | 1.1.1.1 | 192.168.2.9 | 0x473 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.271354914 CEST | 1.1.1.1 | 192.168.2.9 | 0x1f4c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.283926964 CEST | 1.1.1.1 | 192.168.2.9 | 0x74cb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.296581984 CEST | 1.1.1.1 | 192.168.2.9 | 0xbd7e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.329875946 CEST | 1.1.1.1 | 192.168.2.9 | 0xf8e4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.368216038 CEST | 1.1.1.1 | 192.168.2.9 | 0xb7a8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.382544994 CEST | 1.1.1.1 | 192.168.2.9 | 0x15f3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.417275906 CEST | 1.1.1.1 | 192.168.2.9 | 0xb772 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.429472923 CEST | 1.1.1.1 | 192.168.2.9 | 0x9372 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.441572905 CEST | 1.1.1.1 | 192.168.2.9 | 0xedc1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.475796938 CEST | 1.1.1.1 | 192.168.2.9 | 0x9cfc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.510767937 CEST | 1.1.1.1 | 192.168.2.9 | 0x90db | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.523902893 CEST | 1.1.1.1 | 192.168.2.9 | 0x7a03 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:25:18.564040899 CEST | 1.1.1.1 | 192.168.2.9 | 0xbf0e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:29.530050993 CEST | 1.1.1.1 | 192.168.2.9 | 0x9e14 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:30.569996119 CEST | 1.1.1.1 | 192.168.2.9 | 0xac53 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:31.594618082 CEST | 1.1.1.1 | 192.168.2.9 | 0x6f56 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:35.940006018 CEST | 1.1.1.1 | 192.168.2.9 | 0x5dd6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:37.033535957 CEST | 1.1.1.1 | 192.168.2.9 | 0xb805 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:38.099987030 CEST | 1.1.1.1 | 192.168.2.9 | 0xfffc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:39.125189066 CEST | 1.1.1.1 | 192.168.2.9 | 0xae7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:40.138305902 CEST | 1.1.1.1 | 192.168.2.9 | 0x4dc5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:41.158582926 CEST | 1.1.1.1 | 192.168.2.9 | 0x6f80 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:42.421264887 CEST | 1.1.1.1 | 192.168.2.9 | 0xd016 | No error (0) | traff-4.hugedomains.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 16:26:42.421264887 CEST | 1.1.1.1 | 192.168.2.9 | 0xd016 | No error (0) | hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 3, 2024 16:26:42.421264887 CEST | 1.1.1.1 | 192.168.2.9 | 0xd016 | No error (0) | 52.86.6.113 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:26:42.421264887 CEST | 1.1.1.1 | 192.168.2.9 | 0xd016 | No error (0) | 3.94.41.167 | A (IP address) | IN (0x0001) | false | ||
Jul 3, 2024 16:26:44.020303965 CEST | 1.1.1.1 | 192.168.2.9 | 0xb195 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:45.067116976 CEST | 1.1.1.1 | 192.168.2.9 | 0xc154 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:46.113507032 CEST | 1.1.1.1 | 192.168.2.9 | 0x2b81 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:47.138248920 CEST | 1.1.1.1 | 192.168.2.9 | 0x6ec6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:48.154412985 CEST | 1.1.1.1 | 192.168.2.9 | 0x54bf | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:50.639619112 CEST | 1.1.1.1 | 192.168.2.9 | 0x73ea | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:51.682506084 CEST | 1.1.1.1 | 192.168.2.9 | 0x402c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:52.708215952 CEST | 1.1.1.1 | 192.168.2.9 | 0x8f93 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:53.734694004 CEST | 1.1.1.1 | 192.168.2.9 | 0x16a5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:54.771321058 CEST | 1.1.1.1 | 192.168.2.9 | 0x18ec | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:55.797661066 CEST | 1.1.1.1 | 192.168.2.9 | 0x35dc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:56.829003096 CEST | 1.1.1.1 | 192.168.2.9 | 0x9a4c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:57.858639002 CEST | 1.1.1.1 | 192.168.2.9 | 0x120c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:58.895886898 CEST | 1.1.1.1 | 192.168.2.9 | 0x8916 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:26:59.922218084 CEST | 1.1.1.1 | 192.168.2.9 | 0xac02 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:00.936748028 CEST | 1.1.1.1 | 192.168.2.9 | 0xc8f7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:02.000338078 CEST | 1.1.1.1 | 192.168.2.9 | 0x2520 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:03.046812057 CEST | 1.1.1.1 | 192.168.2.9 | 0xbf72 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:04.060755014 CEST | 1.1.1.1 | 192.168.2.9 | 0xb18a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:05.272229910 CEST | 1.1.1.1 | 192.168.2.9 | 0xe9e8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:06.464262962 CEST | 1.1.1.1 | 192.168.2.9 | 0x206d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Jul 3, 2024 16:27:07.503686905 CEST | 1.1.1.1 | 192.168.2.9 | 0x24ee | Name error (3) | none | none | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.9 | 49706 | 77.247.183.155 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:06.455530882 CEST | 83 | OUT | |
Jul 3, 2024 16:25:07.076055050 CEST | 934 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.9 | 49707 | 217.70.152.246 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:07.118458986 CEST | 86 | OUT | |
Jul 3, 2024 16:25:07.779202938 CEST | 189 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.9 | 49708 | 34.205.242.146 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:08.285001040 CEST | 84 | OUT | |
Jul 3, 2024 16:25:08.759010077 CEST | 175 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.9 | 49709 | 15.197.192.55 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:09.157824039 CEST | 83 | OUT | |
Jul 3, 2024 16:25:09.642329931 CEST | 254 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.9 | 49710 | 34.246.200.160 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:10.736298084 CEST | 84 | OUT | |
Jul 3, 2024 16:25:11.482211113 CEST | 382 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.9 | 49711 | 3.94.10.34 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:12.059690952 CEST | 85 | OUT | |
Jul 3, 2024 16:25:12.567883968 CEST | 383 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.9 | 49712 | 3.64.163.50 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:12.828120947 CEST | 84 | OUT | |
Jul 3, 2024 16:25:13.460616112 CEST | 282 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.9 | 53874 | 15.197.192.55 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:15.330446959 CEST | 85 | OUT | |
Jul 3, 2024 16:25:15.786873102 CEST | 254 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.9 | 53875 | 44.221.84.105 | 80 | 660 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:25:17.504784107 CEST | 83 | OUT | |
Jul 3, 2024 16:25:17.978034973 CEST | 381 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.9 | 53879 | 77.247.183.155 | 80 | 4536 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:26:32.618956089 CEST | 83 | OUT | |
Jul 3, 2024 16:26:33.227963924 CEST | 934 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.9 | 53880 | 217.70.152.246 | 80 | 4536 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:26:34.255712986 CEST | 86 | OUT | |
Jul 3, 2024 16:26:34.914418936 CEST | 189 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
11 | 192.168.2.9 | 53881 | 52.86.6.113 | 80 | 4536 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:26:42.496309996 CEST | 84 | OUT | |
Jul 3, 2024 16:26:42.972558022 CEST | 175 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
12 | 192.168.2.9 | 53882 | 15.197.192.55 | 80 | 4536 | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 3, 2024 16:26:49.164278030 CEST | 83 | OUT | |
Jul 3, 2024 16:26:49.620973110 CEST | 254 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 10:25:00 |
Start date: | 03/07/2024 |
Path: | C:\Users\user\Desktop\7sAylAXBOb.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x630000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 2 |
Start time: | 10:25:00 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\akk3nwj1mabelfu4.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xe20000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 3 |
Start time: | 10:25:01 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x760000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 4 |
Start time: | 10:25:03 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\gyyuuofs.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xe10000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 5 |
Start time: | 10:25:04 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x760000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 9 |
Start time: | 10:25:47 |
Start date: | 03/07/2024 |
Path: | C:\Windows\System32\svchost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff77afe0000 |
File size: | 55'320 bytes |
MD5 hash: | B7F884C1B74A263F746EE12A5F7C9F6A |
Has elevated privileges: | true |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 12 |
Start time: | 10:26:24 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\nlsxqvtcr.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x760000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 13 |
Start time: | 10:26:25 |
Start date: | 03/07/2024 |
Path: | C:\zqzhokrkxswikv\gyyuuofs.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xfd0000 |
File size: | 359'424 bytes |
MD5 hash: | 85179AC6AEC3B32A40B06F35CFC6594B |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Execution Graph
Execution Coverage: | 26.7% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 19.2% |
Total number of Nodes: | 2000 |
Total number of Limit Nodes: | 12 |
Graph
Function 00631338 Relevance: 314.5, APIs: 142, Strings: 33, Instructions: 8244COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006582D0 Relevance: 31.3, APIs: 12, Strings: 5, Instructions: 1565fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00655250 Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 350sleepCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006407D0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 246memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00667D20 Relevance: 3.0, APIs: 2, Instructions: 28memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006339F0 Relevance: 173.8, APIs: 78, Strings: 19, Instructions: 4014libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00634D76 Relevance: 123.6, APIs: 54, Strings: 15, Instructions: 2872libraryloaderCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00634EA1 Relevance: 121.8, APIs: 53, Strings: 15, Instructions: 2823libraryloaderCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0063570C Relevance: 100.3, APIs: 43, Strings: 13, Instructions: 2328libraryloaderCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00635F99 Relevance: 77.1, APIs: 31, Strings: 12, Instructions: 1867libraryloaderCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0064BFC0 Relevance: 10.9, APIs: 7, Instructions: 426fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00657D00 Relevance: 9.1, APIs: 3, Strings: 2, Instructions: 350fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00669DB0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 167processCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00660BF0 Relevance: 3.0, APIs: 2, Instructions: 48memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00642640 Relevance: 3.0, APIs: 2, Instructions: 27stringCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006599D9 Relevance: 1.7, APIs: 1, Instructions: 157COMMON
Control-flow Graph
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006600C3 Relevance: 1.5, APIs: 1, Instructions: 13COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00640D90 Relevance: 26.0, APIs: 11, Strings: 3, Instructions: 1468networkCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0063C260 Relevance: 11.0, APIs: 5, Strings: 1, Instructions: 543serviceCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00667635 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 215timeCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00650EE7 Relevance: 2.3, Strings: 1, Instructions: 1081COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00650F01 Relevance: 2.2, Strings: 1, Instructions: 995COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0064BB60 Relevance: 1.5, APIs: 1, Instructions: 29COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006497C0 Relevance: .5, Instructions: 533COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00670590 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 391processCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00663450 Relevance: 12.4, APIs: 8, Instructions: 359registrysynchronizationCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00657640 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 134synchronizationthreadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0064BBE0 Relevance: 7.7, APIs: 5, Instructions: 238fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006453A0 Relevance: 6.3, APIs: 4, Instructions: 309fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0065BA80 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 370libraryloaderCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 006535F0 Relevance: 5.1, APIs: 4, Instructions: 62memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 18.6% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 3.4% |
Total number of Nodes: | 1558 |
Total number of Limit Nodes: | 15 |
Graph
Function 00E32C10 Relevance: 27.5, APIs: 13, Strings: 2, Instructions: 1254memorylibraryloaderCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E4BA80 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 370libraryloaderencryptionCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E21338 Relevance: 311.0, APIs: 141, Strings: 32, Instructions: 8244COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E239F0 Relevance: 168.5, APIs: 78, Strings: 16, Instructions: 4014libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E24D76 Relevance: 118.4, APIs: 54, Strings: 12, Instructions: 2872libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E24EA1 Relevance: 116.6, APIs: 53, Strings: 12, Instructions: 2823libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E2570C Relevance: 95.1, APIs: 43, Strings: 10, Instructions: 2328libraryloaderCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E25F99 Relevance: 71.9, APIs: 31, Strings: 9, Instructions: 1867libraryloaderCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E482D0 Relevance: 29.6, APIs: 12, Strings: 4, Instructions: 1565fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E29165 Relevance: 25.3, APIs: 12, Strings: 2, Instructions: 831sleepfilenetworkCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E59DB0 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 167processCOMMON
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E353A0 Relevance: 6.3, APIs: 4, Instructions: 309fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E47D00 Relevance: 4.8, APIs: 3, Instructions: 350fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E307D0 Relevance: 4.7, APIs: 3, Instructions: 246memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E50BF0 Relevance: 3.0, APIs: 2, Instructions: 48memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E57D20 Relevance: 3.0, APIs: 2, Instructions: 28memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E32640 Relevance: 3.0, APIs: 2, Instructions: 27stringCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E58B90 Relevance: 2.4, APIs: 1, Instructions: 863COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E5A080 Relevance: 1.7, APIs: 1, Instructions: 211fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00E4E950 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|