Windows
Analysis Report
http://jennadewanunwrapped.net
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  - chrome.exe (PID: 5852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1952,i,13221501935238290709,10592016373701980767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- chrome.exe (PID: 6552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://jennadewanunwrapped.net" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
AV Detection |
---|
Source: | SlashNext: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
google.com | 142.250.186.174 | true | false | high | |
a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
www.google.com | 216.58.206.68 | true | false | high | |
jennadewanunwrapped.net | 188.114.96.3 | true | false | unknown | |
korter-bartor.org | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
188.114.97.3 | unknown | European Union | 13335 | CLOUDFLARENETUS | false |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.10 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1584797 |
Start date and time: | 2025-01-06 14:32:18 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 50s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://jennadewanunwrapped.net |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@22/8@25/6 |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, Sgrmuserer.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.251.173.84, 216.58.206.78, 142.250.185.238, 142.250.181.238, 2.22.50.144, 172.217.16.206, 142.250.185.78, 142.251.35.174, 74.125.0.74, 142.250.184.227, 13.107.246.60, 184.28.90.27, 20.12.23.50
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, r5.sn-t0aedn7e.gvt1.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, r5---sn-t0aedn7e.gvt1.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: http://jennadewanunwrapped.net
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.981631202169437 |
Encrypted: | false |
SSDEEP: | 48:8SmbdITMSHkidAKZdA1uehwiZUklqehRy+3:8SpwGey |
MD5: | D65145BC0BFEF866F3A535043C5D6D39 |
SHA1: | 16A544AC1CD2930685D90BD15C51FD1F1DF5707D |
SHA-256: | DDCD139236E64B80D80C940ED110805ED602FDCDA6421CA4CAAB69853CAB952D |
SHA-512: | 9289BE2B73EF94924D07597BBCD151166CBAE90165987278CDE35AF756DC60C1651E0611A440FF8D35DABA718BA5DDBAEA00CCFE074C7690418BF445E954FFB5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.996936507994152 |
Encrypted: | false |
SSDEEP: | 48:8ImbdITMSHkidAKZdA1Heh/iZUkAQkqehOy+2:8Ipww9Qjy |
MD5: | 4CEEF5405E1CF3AB8C6121B4A8C05092 |
SHA1: | E1C7D36926A2E37D9AD2D7E94DAB7BF627BFE783 |
SHA-256: | 203AEA4EC2AB1BB369B9E11F2364241346DEF44F07C285AB18249B6A3566BC6E |
SHA-512: | 2F383C454ADB7D54465AE6893FEE47628AAC74FDBBAED674230BC83F14953344713270C5116A4D0C9761456665F45A8893D5534B82768F9BA9DD14339A89D65B |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.006172680946936 |
Encrypted: | false |
SSDEEP: | 48:8FmbdITMbHkidAKZdA149eh7sFiZUkmgqeh7soy+BX:8FpwHnyy |
MD5: | 1127D4240308FB38636D32405A278C45 |
SHA1: | 266FD97B2D7E7C0B6936D72EB1FC478B2C49AF14 |
SHA-256: | 79C56C076BE9204F27E8A442B758ADF535F486B961EB9B100841D8CE0E1EED53 |
SHA-512: | 4DE2B72D16FE36CF1825604583966001C7CE8BBCB81D46E77232C40C6B13BC40E1081AFCA33391029B8A503FB4FCD72B3FE2A6D54D9EF2C49D79D1BD7D563F80 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9950263483716744 |
Encrypted: | false |
SSDEEP: | 48:8QmbdITMSHkidAKZdA14ehDiZUkwqehKy+R:8QpwrAy |
MD5: | 8D0A5A370377EAE2CF736F782156F5F8 |
SHA1: | 28FB3128DF3C291E97A0B1FA9ED2F9A84AA842CF |
SHA-256: | 1C466C8B55773F04E1310C8E5F302C1B27FF1453624F3103BCBBB30A48260C1E |
SHA-512: | 8A9B7ADF7E647B64C9FD225915D9A1A967284F426C5C51D1A3223C05A58701E3948F2E66EBED0DE623DD5556785107873C6FB7005396641B4C062717FDCF498D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.983251887720001 |
Encrypted: | false |
SSDEEP: | 48:8embdITMSHkidAKZdA1mehBiZUk1W1qehMy+C:8epwb9sy |
MD5: | 152B12CE79B3EC0FCE5224CE68D714C8 |
SHA1: | 99BFC4D86CE0618A9B514901215D5897525D74F3 |
SHA-256: | 100F5B26C003D0B3478DDD2DE35A4279A99CF8C1B6353915697B3D6E682196C4 |
SHA-512: | 0596BEEF085A3C818F55A8B4800289915EB1C097C0DDC2DB0D9D7D71A3365F98B66B0198C6BF8F1FB637A9E7EB0995DD12E51AE912A3E86E2386B4BC068A7815 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.996587588795539 |
Encrypted: | false |
SSDEEP: | 48:8TmbdITMSHkidAKZdA1duT1ehOuTbbiZUk5OjqehOuTbyy+yT+:8Tpw6TyTbxWOvTbyy7T |
MD5: | 36B048C153EDEDA850AB24F2596C8B32 |
SHA1: | 8DC641CC09C022CF5A943A7B848244BACCF41E10 |
SHA-256: | 13850E50CADAA0E734FF3491B3A68922DDB43E8C817C2978EB7DC8529425D26C |
SHA-512: | 83925CD80C9A28FA3CA6486443BDA946FD2346FEA98C2A2EB805C767604B9AAD7E8D3EBD71DFCDF87EF428BAD935B063B1137E4E1CD8D606FF86D8A06F60CFD5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 184 |
Entropy (8bit): | 5.016717269823738 |
Encrypted: | false |
SSDEEP: | 3:PouVKQMB3tR4/toAcMBzEHjJqhJu+1zWagXRbHOJcr93AKFNTcWWGLv:h4QW3tu/0MOqhJVCaHJcp3AKF6fGLv |
MD5: | 0BF690ABEAEC869A1A2A629D80D8CECE |
SHA1: | 83F990AA8D103D79717C2F429D339E003893106A |
SHA-256: | 474DF52BDB2396F2B26302350E2C7D1C19F9106F43B65D4E942124134B48F490 |
SHA-512: | 61F49EBFC52FE1C04B939C2D4B5869BE74D903019BA2F3F5D179BA37F46F8453A093C2FDD069AF67906135AAE7A01A70E8D92A216CC7FB2FEA1351374F4C2F57 |
Malicious: | false |
Reputation: | low |
URL: | https://jennadewanunwrapped.net/ |
Preview: |
- Total Packets: 120
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 6, 2025 14:33:02.895003080 CET | 49671 | 443 | 192.168.2.10 | 204.79.197.203 |
Jan 6, 2025 14:33:05.098165989 CET | 49674 | 443 | 192.168.2.10 | 173.222.162.55 |
Jan 6, 2025 14:33:05.098187923 CET | 49675 | 443 | 192.168.2.10 | 173.222.162.55 |
Jan 6, 2025 14:33:05.301265001 CET | 49671 | 443 | 192.168.2.10 | 204.79.197.203 |
Jan 6, 2025 14:33:10.113765955 CET | 49671 | 443 | 192.168.2.10 | 204.79.197.203 |
Jan 6, 2025 14:33:10.563591957 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:11.051337004 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:11.848202944 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:13.144460917 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:14.768841982 CET | 49674 | 443 | 192.168.2.10 | 173.222.162.55 |
Jan 6, 2025 14:33:14.768865108 CET | 49675 | 443 | 192.168.2.10 | 173.222.162.55 |
Jan 6, 2025 14:33:15.550101042 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:16.434706926 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:16.434746981 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:16.434827089 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:16.435062885 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:16.435081959 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.085874081 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.086236000 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:17.086249113 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.087291002 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.087357044 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:17.091939926 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:17.092015028 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.269545078 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:17.269560099 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:17.316426992 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:18.599350929 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:18.599389076 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:18.599459887 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:18.600064993 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:18.600080013 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.067859888 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.068164110 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.068192005 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.069271088 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.069324017 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.070625067 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.070667982 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.070691109 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.070760012 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.070772886 CET | 443 | 49747 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.070785046 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.070822001 CET | 49747 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.071317911 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.071352959 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.071415901 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.071618080 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.071630955 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.542290926 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.542589903 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.542603016 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.543731928 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.543817043 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.545159101 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.545231104 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.545401096 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.545411110 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.598030090 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.724704027 CET | 49671 | 443 | 192.168.2.10 | 204.79.197.203 |
Jan 6, 2025 14:33:19.777625084 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.777734041 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.777929068 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.779331923 CET | 49748 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.779350042 CET | 443 | 49748 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.859730959 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.859766960 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:19.859862089 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.860259056 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:19.860277891 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.042741060 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.042773008 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.042834997 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.043174028 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.043188095 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.329648018 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.331172943 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.331202984 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.332289934 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.332355976 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.335761070 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.335786104 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.335846901 CET | 443 | 49755 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.335941076 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.335975885 CET | 49755 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.336420059 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.336457968 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.336882114 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.337321043 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.337332964 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.364530087 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:20.500524998 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.500824928 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.500854015 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.501929045 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.502047062 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.503294945 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.503375053 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.503483057 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.503490925 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.550806999 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.625986099 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.626239061 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.626312017 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.626610041 CET | 49761 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.626629114 CET | 443 | 49761 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.632543087 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.632594109 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.632726908 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.634032965 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:20.634047985 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:20.794753075 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.795068979 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.795099974 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.795449972 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.795870066 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:20.795924902 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:20.848618031 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:21.091430902 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.091723919 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.091753960 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.092159033 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.092583895 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.092648983 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.092773914 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.135345936 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.219249964 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.219369888 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.219561100 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.219620943 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.219643116 CET | 443 | 49763 | 35.190.80.1 | 192.168.2.10 |
Jan 6, 2025 14:33:21.219652891 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:21.219691992 CET | 49763 | 443 | 192.168.2.10 | 35.190.80.1 |
Jan 6, 2025 14:33:26.992391109 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:26.992448092 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:26.992496967 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:27.693057060 CET | 49730 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:33:27.693094969 CET | 443 | 49730 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:33:29.971834898 CET | 49677 | 443 | 192.168.2.10 | 20.42.65.85 |
Jan 6, 2025 14:33:35.703744888 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:35.703808069 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:35.703900099 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:37.693309069 CET | 49762 | 443 | 192.168.2.10 | 188.114.97.3 |
Jan 6, 2025 14:33:37.693315029 CET | 443 | 49762 | 188.114.97.3 | 192.168.2.10 |
Jan 6, 2025 14:33:55.152157068 CET | 52453 | 53 | 192.168.2.10 | 1.1.1.1 |
Jan 6, 2025 14:33:55.156970978 CET | 53 | 52453 | 1.1.1.1 | 192.168.2.10 |
Jan 6, 2025 14:33:55.157160044 CET | 52453 | 53 | 192.168.2.10 | 1.1.1.1 |
Jan 6, 2025 14:33:55.157250881 CET | 52453 | 53 | 192.168.2.10 | 1.1.1.1 |
Jan 6, 2025 14:33:55.162035942 CET | 53 | 52453 | 1.1.1.1 | 192.168.2.10 |
Jan 6, 2025 14:33:55.601644993 CET | 53 | 52453 | 1.1.1.1 | 192.168.2.10 |
Jan 6, 2025 14:33:55.602597952 CET | 52453 | 53 | 192.168.2.10 | 1.1.1.1 |
Jan 6, 2025 14:33:55.607642889 CET | 53 | 52453 | 1.1.1.1 | 192.168.2.10 |
Jan 6, 2025 14:33:55.607712984 CET | 52453 | 53 | 192.168.2.10 | 1.1.1.1 |
Jan 6, 2025 14:34:16.489335060 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:16.489372015 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:16.489440918 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:16.489790916 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:16.489803076 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:17.131695032 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:17.132075071 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:17.132091999 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:17.132385015 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:17.132709980 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:17.132767916 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:17.175375938 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:27.042434931 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:27.042516947 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Jan 6, 2025 14:34:27.042661905 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:27.693979979 CET | 52462 | 443 | 192.168.2.10 | 216.58.206.68 |
Jan 6, 2025 14:34:27.694011927 CET | 443 | 52462 | 216.58.206.68 | 192.168.2.10 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jan 6, 2025 14:33:19.870073080 CET | 192.168.2.10 | 1.1.1.1 | c23f | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 6, 2025 14:33:16.426678896 CET | 192.168.2.10 | 1.1.1.1 | 0x55ac | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:16.426872015 CET | 192.168.2.10 | 1.1.1.1 | 0x4ce4 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:18.541179895 CET | 192.168.2.10 | 1.1.1.1 | 0x754b | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:18.541364908 CET | 192.168.2.10 | 1.1.1.1 | 0x60e | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:18.563334942 CET | 192.168.2.10 | 1.1.1.1 | 0xe75e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:18.563553095 CET | 192.168.2.10 | 1.1.1.1 | 0xa742 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:19.854911089 CET | 192.168.2.10 | 1.1.1.1 | 0xa9a1 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.855252981 CET | 192.168.2.10 | 1.1.1.1 | 0xecf | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:19.870425940 CET | 192.168.2.10 | 1.1.1.1 | 0xaff5 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.981167078 CET | 192.168.2.10 | 8.8.8.8 | 0x416c | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.981441021 CET | 192.168.2.10 | 1.1.1.1 | 0x572 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:20.034908056 CET | 192.168.2.10 | 1.1.1.1 | 0x34e6 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:20.035453081 CET | 192.168.2.10 | 1.1.1.1 | 0x5250 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:21.037014961 CET | 192.168.2.10 | 1.1.1.1 | 0xf57d | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:21.037247896 CET | 192.168.2.10 | 1.1.1.1 | 0xde02 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:26.090131998 CET | 192.168.2.10 | 1.1.1.1 | 0xed57 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.090564013 CET | 192.168.2.10 | 1.1.1.1 | 0x9259 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:26.125595093 CET | 192.168.2.10 | 1.1.1.1 | 0xdb07 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.143098116 CET | 192.168.2.10 | 1.1.1.1 | 0x612 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.143385887 CET | 192.168.2.10 | 1.1.1.1 | 0x755d | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:56.180887938 CET | 192.168.2.10 | 1.1.1.1 | 0xcaab | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:56.181070089 CET | 192.168.2.10 | 1.1.1.1 | 0x6050 | Standard query (0) | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:56.197244883 CET | 192.168.2.10 | 1.1.1.1 | 0xa46c | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:34:11.160979986 CET | 192.168.2.10 | 1.1.1.1 | 0x1763 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:34:25.567295074 CET | 192.168.2.10 | 1.1.1.1 | 0x6fc0 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 6, 2025 14:33:16.433516026 CET | 1.1.1.1 | 192.168.2.10 | 0x55ac | No error (0) | | | 216.58.206.68 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:16.433640957 CET | 1.1.1.1 | 192.168.2.10 | 0x4ce4 | No error (0) | | | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:18.555932999 CET | 1.1.1.1 | 192.168.2.10 | 0x754b | No error (0) | | | 188.114.96.3 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:18.555932999 CET | 1.1.1.1 | 192.168.2.10 | 0x754b | No error (0) | | | 188.114.97.3 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:18.556746960 CET | 1.1.1.1 | 192.168.2.10 | 0x60e | No error (0) | | | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:18.598350048 CET | 1.1.1.1 | 192.168.2.10 | 0xa742 | No error (0) | | | | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:18.598604918 CET | 1.1.1.1 | 192.168.2.10 | 0xe75e | No error (0) | | | 188.114.97.3 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:18.598604918 CET | 1.1.1.1 | 192.168.2.10 | 0xe75e | No error (0) | | | 188.114.96.3 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.863790035 CET | 1.1.1.1 | 192.168.2.10 | 0xa9a1 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.869996071 CET | 1.1.1.1 | 192.168.2.10 | 0xecf | Name error (3) | | none | none | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:19.885423899 CET | 1.1.1.1 | 192.168.2.10 | 0xaff5 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.988522053 CET | 1.1.1.1 | 192.168.2.10 | 0x572 | No error (0) | | | 142.250.186.174 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:19.989605904 CET | 8.8.8.8 | 192.168.2.10 | 0x416c | No error (0) | | | 142.250.186.142 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:20.041836977 CET | 1.1.1.1 | 192.168.2.10 | 0x34e6 | No error (0) | | | 35.190.80.1 | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:21.046684980 CET | 1.1.1.1 | 192.168.2.10 | 0xde02 | Name error (3) | | none | none | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:21.052079916 CET | 1.1.1.1 | 192.168.2.10 | 0xf57d | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.098680019 CET | 1.1.1.1 | 192.168.2.10 | 0xed57 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.105488062 CET | 1.1.1.1 | 192.168.2.10 | 0x9259 | Name error (3) | | none | none | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:26.140844107 CET | 1.1.1.1 | 192.168.2.10 | 0xdb07 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:26.158138990 CET | 1.1.1.1 | 192.168.2.10 | 0x755d | Name error (3) | | none | none | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:26.158410072 CET | 1.1.1.1 | 192.168.2.10 | 0x612 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:56.195210934 CET | 1.1.1.1 | 192.168.2.10 | 0x6050 | Name error (3) | | none | none | 65 | IN (0x0001) | false |
Jan 6, 2025 14:33:56.196650028 CET | 1.1.1.1 | 192.168.2.10 | 0xcaab | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:33:56.213258982 CET | 1.1.1.1 | 192.168.2.10 | 0xa46c | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:34:11.279722929 CET | 1.1.1.1 | 192.168.2.10 | 0x1763 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Jan 6, 2025 14:34:25.575910091 CET | 1.1.1.1 | 192.168.2.10 | 0x6fc0 | Name error (3) | | none | none | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.10 | 49748 | 188.114.97.3 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-06 13:33:19 UTC | 666 | OUT | |
2025-01-06 13:33:19 UTC | 806 | IN | |
2025-01-06 13:33:19 UTC | 190 | IN | |
2025-01-06 13:33:19 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.10 | 49761 | 35.190.80.1 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-06 13:33:20 UTC | 554 | OUT | |
2025-01-06 13:33:20 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.10 | 49763 | 35.190.80.1 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-06 13:33:21 UTC | 488 | OUT | |
2025-01-06 13:33:21 UTC | 420 | OUT | |
2025-01-06 13:33:21 UTC | 168 | IN |
Target ID: | 0 |
Start time: | 08:33:06 |
Start date: | 06/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6c5c30000 |
File size: | 3'242'272 bytes |
MD5 hash: | 83395EAB5B03DEA9720F8D7AC0D15CAA |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 4 |
Start time: | 08:33:10 |
Start date: | 06/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6c5c30000 |
File size: | 3'242'272 bytes |
MD5 hash: | 83395EAB5B03DEA9720F8D7AC0D15CAA |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 8 |
Start time: | 08:33:17 |
Start date: | 06/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6c5c30000 |
File size: | 3'242'272 bytes |
MD5 hash: | 83395EAB5B03DEA9720F8D7AC0D15CAA |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |