Linux
Analysis Report
zerx86.elf
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Sends malformed DNS queries
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Yara signature match
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1628712 |
Start date and time: | 2025-03-04 03:52:43 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 54s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | zerx86.elf |
Detection: | MAL |
Classification: | mal60.troj.linELF@0/0@42/0 |
Command: | /tmp/zerx86.elf |
PID: | 6271 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | gosh that chinese family at the other table sure ate a lot |
Standard Error: |
- system is lnxubuntu20
- zerx86.elf New Fork (PID: 6272, Parent: 6271)
- zerx86.elf New Fork (PID: 6273, Parent: 6272)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_b14f4c5d | unknown | unknown |
| |
Linux_Trojan_Mirai_88de437f | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_b14f4c5d | unknown | unknown |
| |
Linux_Trojan_Mirai_88de437f | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
|
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | DNS traffic detected: |
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | .symtab present: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 2 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
43% | Virustotal | Browse | ||
45% | ReversingLabs | Linux.Backdoor.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ohlookthereismyboats.geek | 46.19.143.10 | true | false | high | |
watchmepull.dyn. [malformed] | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
46.19.143.10 | ohlookthereismyboats.geek | Switzerland | 51852 | PLI-ASCH | false | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
46.19.143.10 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
109.202.202.202 | Get hash | malicious | Unknown | Browse |
| |
91.189.91.43 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Unknown | Browse | |||
91.189.91.42 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ohlookthereismyboats.geek | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
PLI-ASCH | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INIT7CH | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.3626367991338375 |
TrID: |
|
File name: | zerx86.elf |
File size: | 46'140 bytes |
MD5: | c4af54f2b2f4ca83586632ecb973c9ae |
SHA1: | e410db2d4a6766bd21b75a351122f940f521897a |
SHA256: | bb8fa9e2f5e7b24e949c278b2930c9a338466918a6acffc6de425cd41e2969df |
SHA512: | 28a8e40f94981226b931ae93950bd6bc3bb190e8282b130ca65ad5d9c8d8522a50701f40c6bef8c0f055c8341726db9443e4870a39a73ffb80c2120963d2306e |
SSDEEP: | 768:cD+yNVu5rQu0eKlanWBbWXmJGpdBon4UWfx4ImA+/JlrWqLiN9:cqyNVu5rQu0eKoWBbWXnZzfxTmL/JdWq |
TLSH: | 71234BC0A857DCF8D85605717037FB734AB6E03A6199EAC7D3AE9632EC42A11D24739C |
File Content Preview: | .ELF....................d...4...........4. ...(..............................................@...@..<...\(..........Q.td............................U..S.......{....h........[]...$.............U......=@B...t..5....D@.....D@......u........t....h.0.......... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 45700 |
Section Header Size: | 40 |
Number of Section Headers: | 11 |
Header String Table Index: | 10 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x8048094 | 0x94 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.text | PROGBITS | 0x80480b0 | 0xb0 | 0xa4c6 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x8052576 | 0xa576 | 0x17 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.rodata | PROGBITS | 0x80525a0 | 0xa5a0 | 0xa60 | 0x0 | 0x2 | A | 0 | 0 | 32 |
.ctors | PROGBITS | 0x8054004 | 0xb004 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x805400c | 0xb00c | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.jcr | PROGBITS | 0x8054014 | 0xb014 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x8054040 | 0xb040 | 0x200 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x8054240 | 0xb240 | 0x2620 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.shstrtab | STRTAB | 0x0 | 0xb240 | 0x43 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8048000 | 0x8048000 | 0xb000 | 0xb000 | 6.4119 | 0x5 | R E | 0x1000 | .init .text .fini .rodata | |
LOAD | 0xb004 | 0x8054004 | 0x8054004 | 0x23c | 0x285c | 2.5335 | 0x6 | RW | 0x1000 | .ctors .dtors .jcr .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 99
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 4, 2025 03:53:47.728658915 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 4, 2025 03:53:47.752851963 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:47.757992983 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:47.758066893 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:47.758105040 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:47.763248920 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:47.763307095 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:47.768368959 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:53.104175091 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Mar 4, 2025 03:53:57.766988993 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:57.772066116 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:57.960331917 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:57.960632086 CET | 43806 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:57.966922998 CET | 1440 | 43806 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:59.056716919 CET | 43808 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:59.062242031 CET | 1440 | 43808 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:59.062360048 CET | 43808 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:59.062401056 CET | 43808 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:59.067476034 CET | 1440 | 43808 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:53:59.067553043 CET | 43808 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:53:59.072633982 CET | 1440 | 43808 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:09.229765892 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 4, 2025 03:54:09.619556904 CET | 1440 | 43808 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:09.619856119 CET | 43808 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:09.625057936 CET | 1440 | 43808 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:15.372968912 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Mar 4, 2025 03:54:19.468493938 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Mar 4, 2025 03:54:25.668181896 CET | 43810 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:25.673458099 CET | 1440 | 43810 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:25.673795938 CET | 43810 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:25.673854113 CET | 43810 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:25.679054022 CET | 1440 | 43810 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:25.679157972 CET | 43810 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:25.684286118 CET | 1440 | 43810 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:36.222851992 CET | 1440 | 43810 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:36.223197937 CET | 43810 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:36.228305101 CET | 1440 | 43810 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:37.242649078 CET | 43812 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:37.247698069 CET | 1440 | 43812 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:37.247880936 CET | 43812 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:37.247894049 CET | 43812 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:37.252899885 CET | 1440 | 43812 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:37.252960920 CET | 43812 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:37.258007050 CET | 1440 | 43812 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:47.810306072 CET | 1440 | 43812 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:47.810570002 CET | 43812 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:47.815664053 CET | 1440 | 43812 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:49.002325058 CET | 43814 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:49.007452011 CET | 1440 | 43814 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:49.007661104 CET | 43814 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:49.007661104 CET | 43814 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:49.012720108 CET | 1440 | 43814 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:49.012837887 CET | 43814 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:49.017970085 CET | 1440 | 43814 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:50.184248924 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 4, 2025 03:54:59.567255974 CET | 1440 | 43814 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:54:59.567665100 CET | 43814 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:54:59.572659969 CET | 1440 | 43814 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:00.671677113 CET | 43816 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:00.676750898 CET | 1440 | 43816 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:00.677088976 CET | 43816 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:00.677088976 CET | 43816 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:00.682208061 CET | 1440 | 43816 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:00.682316065 CET | 43816 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:00.687371016 CET | 1440 | 43816 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:11.225439072 CET | 1440 | 43816 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:11.225681067 CET | 43816 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:11.231050968 CET | 1440 | 43816 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:12.670743942 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:12.675765991 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:12.675852060 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:12.676032066 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:12.681024075 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:12.681140900 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:12.686920881 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:22.684653044 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:22.689685106 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:22.874145985 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:22.874393940 CET | 43818 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:22.879983902 CET | 1440 | 43818 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:24.317387104 CET | 43820 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:24.322434902 CET | 1440 | 43820 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:24.322565079 CET | 43820 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:24.322630882 CET | 43820 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:24.327699900 CET | 1440 | 43820 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:24.327822924 CET | 43820 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:24.332906008 CET | 1440 | 43820 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:34.878308058 CET | 1440 | 43820 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:34.878509045 CET | 43820 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:34.883584023 CET | 1440 | 43820 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:35.972274065 CET | 43822 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:35.977377892 CET | 1440 | 43822 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:35.977447987 CET | 43822 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:35.977474928 CET | 43822 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:35.982475996 CET | 1440 | 43822 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:35.982525110 CET | 43822 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:35.987622023 CET | 1440 | 43822 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:46.546821117 CET | 1440 | 43822 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:46.547080994 CET | 43822 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:46.555872917 CET | 1440 | 43822 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:47.714135885 CET | 43824 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:47.719132900 CET | 1440 | 43824 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:47.719242096 CET | 43824 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:47.719300985 CET | 43824 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:47.724288940 CET | 1440 | 43824 | 46.19.143.10 | 192.168.2.23 |
Mar 4, 2025 03:55:47.724365950 CET | 43824 | 1440 | 192.168.2.23 | 46.19.143.10 |
Mar 4, 2025 03:55:47.729352951 CET | 1440 | 43824 | 46.19.143.10 | 192.168.2.23 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 4, 2025 03:53:47.729607105 CET | 51771 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:47.752737045 CET | 53 | 51771 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:53:58.962804079 CET | 41615 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:58.980030060 CET | 53 | 41615 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:53:58.980201960 CET | 41256 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:59.003895998 CET | 53 | 41256 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:53:59.004302979 CET | 36835 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:59.021586895 CET | 53 | 36835 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:53:59.021800041 CET | 50634 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:59.038994074 CET | 53 | 50634 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:53:59.039208889 CET | 38197 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:53:59.056427002 CET | 53 | 38197 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:54:10.621957064 CET | 46335 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 4, 2025 03:54:15.626656055 CET | 43337 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 4, 2025 03:54:20.631108046 CET | 44947 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 4, 2025 03:54:25.635724068 CET | 40497 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 4, 2025 03:54:25.651680946 CET | 53 | 40497 | 51.158.108.203 | 192.168.2.23 |
Mar 4, 2025 03:54:25.651884079 CET | 55233 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 4, 2025 03:54:25.668046951 CET | 53 | 55233 | 51.158.108.203 | 192.168.2.23 |
Mar 4, 2025 03:54:37.224826097 CET | 57801 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 4, 2025 03:54:37.242525101 CET | 53 | 57801 | 202.61.197.122 | 192.168.2.23 |
Mar 4, 2025 03:54:48.813278913 CET | 47446 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 4, 2025 03:54:48.850830078 CET | 53 | 47446 | 185.181.61.24 | 192.168.2.23 |
Mar 4, 2025 03:54:48.851026058 CET | 35621 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 4, 2025 03:54:48.888461113 CET | 53 | 35621 | 185.181.61.24 | 192.168.2.23 |
Mar 4, 2025 03:54:48.888778925 CET | 51478 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 4, 2025 03:54:48.926327944 CET | 53 | 51478 | 185.181.61.24 | 192.168.2.23 |
Mar 4, 2025 03:54:48.926764011 CET | 33639 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 4, 2025 03:54:48.964411974 CET | 53 | 33639 | 185.181.61.24 | 192.168.2.23 |
Mar 4, 2025 03:54:48.964699984 CET | 53387 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 4, 2025 03:54:49.002162933 CET | 53 | 53387 | 185.181.61.24 | 192.168.2.23 |
Mar 4, 2025 03:55:00.570127964 CET | 35461 | 53 | 192.168.2.23 | 152.53.15.127 |
Mar 4, 2025 03:55:00.587670088 CET | 53 | 35461 | 152.53.15.127 | 192.168.2.23 |
Mar 4, 2025 03:55:00.587858915 CET | 40140 | 53 | 192.168.2.23 | 152.53.15.127 |
Mar 4, 2025 03:55:00.611233950 CET | 53 | 40140 | 152.53.15.127 | 192.168.2.23 |
Mar 4, 2025 03:55:00.611344099 CET | 32892 | 53 | 192.168.2.23 | 152.53.15.127 |
Mar 4, 2025 03:55:00.628551960 CET | 53 | 32892 | 152.53.15.127 | 192.168.2.23 |
Mar 4, 2025 03:55:00.629373074 CET | 37498 | 53 | 192.168.2.23 | 152.53.15.127 |
Mar 4, 2025 03:55:00.646812916 CET | 53 | 37498 | 152.53.15.127 | 192.168.2.23 |
Mar 4, 2025 03:55:00.646981001 CET | 50645 | 53 | 192.168.2.23 | 152.53.15.127 |
Mar 4, 2025 03:55:00.671456099 CET | 53 | 50645 | 152.53.15.127 | 192.168.2.23 |
Mar 4, 2025 03:55:12.227690935 CET | 52671 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:12.315128088 CET | 53 | 52671 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:12.315592051 CET | 42222 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:12.404612064 CET | 53 | 42222 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:12.405065060 CET | 34639 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:12.492645979 CET | 53 | 34639 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:12.492871046 CET | 48197 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:12.582480907 CET | 53 | 48197 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:12.582782984 CET | 35366 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:12.670383930 CET | 53 | 35366 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:23.876883984 CET | 55701 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:23.964620113 CET | 53 | 55701 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:23.965079069 CET | 58579 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:24.054467916 CET | 53 | 58579 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:24.054704905 CET | 47202 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:24.142007113 CET | 53 | 47202 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:24.142194033 CET | 51881 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:24.229222059 CET | 53 | 51881 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:24.229414940 CET | 51036 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 4, 2025 03:55:24.317147017 CET | 53 | 51036 | 168.235.111.72 | 192.168.2.23 |
Mar 4, 2025 03:55:35.880068064 CET | 34878 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:55:35.897272110 CET | 53 | 34878 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:55:35.897479057 CET | 52006 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:55:35.914556980 CET | 53 | 52006 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:55:35.914654970 CET | 46255 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:55:35.937705994 CET | 53 | 46255 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:55:35.937854052 CET | 46808 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:55:35.955014944 CET | 53 | 46808 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:55:35.955112934 CET | 51355 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 4, 2025 03:55:35.972178936 CET | 53 | 51355 | 194.36.144.87 | 192.168.2.23 |
Mar 4, 2025 03:55:47.549330950 CET | 50379 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 4, 2025 03:55:47.581145048 CET | 53 | 50379 | 81.169.136.222 | 192.168.2.23 |
Mar 4, 2025 03:55:47.581470966 CET | 39870 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 4, 2025 03:55:47.613234997 CET | 53 | 39870 | 81.169.136.222 | 192.168.2.23 |
Mar 4, 2025 03:55:47.613449097 CET | 47277 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 4, 2025 03:55:47.646336079 CET | 53 | 47277 | 81.169.136.222 | 192.168.2.23 |
Mar 4, 2025 03:55:47.646580935 CET | 60768 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 4, 2025 03:55:47.682281971 CET | 53 | 60768 | 81.169.136.222 | 192.168.2.23 |
Mar 4, 2025 03:55:47.682512999 CET | 34380 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 4, 2025 03:55:47.713922977 CET | 53 | 34380 | 81.169.136.222 | 192.168.2.23 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 4, 2025 03:53:47.729607105 CET | 192.168.2.23 | 194.36.144.87 | 0x42a1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:53:58.962804079 CET | 192.168.2.23 | 194.36.144.87 | 0xb3e8 | Standard query (0) | 256 | 326 | false | |
Mar 4, 2025 03:53:58.980201960 CET | 192.168.2.23 | 194.36.144.87 | 0xb3e8 | Standard query (0) | 256 | 327 | false | |
Mar 4, 2025 03:53:59.004302979 CET | 192.168.2.23 | 194.36.144.87 | 0xb3e8 | Standard query (0) | 256 | 327 | false | |
Mar 4, 2025 03:53:59.021800041 CET | 192.168.2.23 | 194.36.144.87 | 0xb3e8 | Standard query (0) | 256 | 327 | false | |
Mar 4, 2025 03:53:59.039208889 CET | 192.168.2.23 | 194.36.144.87 | 0xb3e8 | Standard query (0) | 256 | 327 | false | |
Mar 4, 2025 03:54:10.621957064 CET | 192.168.2.23 | 51.158.108.203 | 0x9a19 | Standard query (0) | 256 | 343 | false | |
Mar 4, 2025 03:54:15.626656055 CET | 192.168.2.23 | 51.158.108.203 | 0x9a19 | Standard query (0) | 256 | 347 | false | |
Mar 4, 2025 03:54:20.631108046 CET | 192.168.2.23 | 51.158.108.203 | 0x9a19 | Standard query (0) | 256 | 353 | false | |
Mar 4, 2025 03:54:25.635724068 CET | 192.168.2.23 | 51.158.108.203 | 0x9a19 | Standard query (0) | 256 | 353 | false | |
Mar 4, 2025 03:54:25.651884079 CET | 192.168.2.23 | 51.158.108.203 | 0x9a19 | Standard query (0) | 256 | 353 | false | |
Mar 4, 2025 03:54:37.224826097 CET | 192.168.2.23 | 202.61.197.122 | 0xbec9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:54:48.813278913 CET | 192.168.2.23 | 185.181.61.24 | 0xba25 | Standard query (0) | 256 | 376 | false | |
Mar 4, 2025 03:54:48.851026058 CET | 192.168.2.23 | 185.181.61.24 | 0xba25 | Standard query (0) | 256 | 376 | false | |
Mar 4, 2025 03:54:48.888778925 CET | 192.168.2.23 | 185.181.61.24 | 0xba25 | Standard query (0) | 256 | 376 | false | |
Mar 4, 2025 03:54:48.926764011 CET | 192.168.2.23 | 185.181.61.24 | 0xba25 | Standard query (0) | 256 | 376 | false | |
Mar 4, 2025 03:54:48.964699984 CET | 192.168.2.23 | 185.181.61.24 | 0xba25 | Standard query (0) | 256 | 377 | false | |
Mar 4, 2025 03:55:00.570127964 CET | 192.168.2.23 | 152.53.15.127 | 0x45e7 | Standard query (0) | 256 | 388 | false | |
Mar 4, 2025 03:55:00.587858915 CET | 192.168.2.23 | 152.53.15.127 | 0x45e7 | Standard query (0) | 256 | 388 | false | |
Mar 4, 2025 03:55:00.611344099 CET | 192.168.2.23 | 152.53.15.127 | 0x45e7 | Standard query (0) | 256 | 388 | false | |
Mar 4, 2025 03:55:00.629373074 CET | 192.168.2.23 | 152.53.15.127 | 0x45e7 | Standard query (0) | 256 | 388 | false | |
Mar 4, 2025 03:55:00.646981001 CET | 192.168.2.23 | 152.53.15.127 | 0x45e7 | Standard query (0) | 256 | 388 | false | |
Mar 4, 2025 03:55:12.227690935 CET | 192.168.2.23 | 168.235.111.72 | 0xd47a | Standard query (0) | 256 | 400 | false | |
Mar 4, 2025 03:55:12.315592051 CET | 192.168.2.23 | 168.235.111.72 | 0xd47a | Standard query (0) | 256 | 400 | false | |
Mar 4, 2025 03:55:12.405065060 CET | 192.168.2.23 | 168.235.111.72 | 0xd47a | Standard query (0) | 256 | 400 | false | |
Mar 4, 2025 03:55:12.492871046 CET | 192.168.2.23 | 168.235.111.72 | 0xd47a | Standard query (0) | 256 | 400 | false | |
Mar 4, 2025 03:55:12.582782984 CET | 192.168.2.23 | 168.235.111.72 | 0xd47a | Standard query (0) | 256 | 400 | false | |
Mar 4, 2025 03:55:23.876883984 CET | 192.168.2.23 | 168.235.111.72 | 0x3b58 | Standard query (0) | 256 | 411 | false | |
Mar 4, 2025 03:55:23.965079069 CET | 192.168.2.23 | 168.235.111.72 | 0x3b58 | Standard query (0) | 256 | 412 | false | |
Mar 4, 2025 03:55:24.054704905 CET | 192.168.2.23 | 168.235.111.72 | 0x3b58 | Standard query (0) | 256 | 412 | false | |
Mar 4, 2025 03:55:24.142194033 CET | 192.168.2.23 | 168.235.111.72 | 0x3b58 | Standard query (0) | 256 | 412 | false | |
Mar 4, 2025 03:55:24.229414940 CET | 192.168.2.23 | 168.235.111.72 | 0x3b58 | Standard query (0) | 256 | 412 | false | |
Mar 4, 2025 03:55:35.880068064 CET | 192.168.2.23 | 194.36.144.87 | 0x80d5 | Standard query (0) | 256 | 423 | false | |
Mar 4, 2025 03:55:35.897479057 CET | 192.168.2.23 | 194.36.144.87 | 0x80d5 | Standard query (0) | 256 | 423 | false | |
Mar 4, 2025 03:55:35.914654970 CET | 192.168.2.23 | 194.36.144.87 | 0x80d5 | Standard query (0) | 256 | 423 | false | |
Mar 4, 2025 03:55:35.937854052 CET | 192.168.2.23 | 194.36.144.87 | 0x80d5 | Standard query (0) | 256 | 423 | false | |
Mar 4, 2025 03:55:35.955112934 CET | 192.168.2.23 | 194.36.144.87 | 0x80d5 | Standard query (0) | 256 | 423 | false | |
Mar 4, 2025 03:55:47.549330950 CET | 192.168.2.23 | 81.169.136.222 | 0xceab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.581470966 CET | 192.168.2.23 | 81.169.136.222 | 0xceab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.613449097 CET | 192.168.2.23 | 81.169.136.222 | 0xceab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.646580935 CET | 192.168.2.23 | 81.169.136.222 | 0xceab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.682512999 CET | 192.168.2.23 | 81.169.136.222 | 0xceab | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 4, 2025 03:53:47.752737045 CET | 194.36.144.87 | 192.168.2.23 | 0x42a1 | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:53:58.980030060 CET | 194.36.144.87 | 192.168.2.23 | 0xb3e8 | Format error (1) | none | none | 256 | 326 | false | |
Mar 4, 2025 03:53:59.003895998 CET | 194.36.144.87 | 192.168.2.23 | 0xb3e8 | Format error (1) | none | none | 256 | 327 | false | |
Mar 4, 2025 03:53:59.021586895 CET | 194.36.144.87 | 192.168.2.23 | 0xb3e8 | Format error (1) | none | none | 256 | 327 | false | |
Mar 4, 2025 03:53:59.038994074 CET | 194.36.144.87 | 192.168.2.23 | 0xb3e8 | Format error (1) | none | none | 256 | 327 | false | |
Mar 4, 2025 03:53:59.056427002 CET | 194.36.144.87 | 192.168.2.23 | 0xb3e8 | Format error (1) | none | none | 256 | 327 | false | |
Mar 4, 2025 03:54:25.651680946 CET | 51.158.108.203 | 192.168.2.23 | 0x9a19 | Format error (1) | none | none | 256 | 353 | false | |
Mar 4, 2025 03:54:25.668046951 CET | 51.158.108.203 | 192.168.2.23 | 0x9a19 | Format error (1) | none | none | 256 | 353 | false | |
Mar 4, 2025 03:54:37.242525101 CET | 202.61.197.122 | 192.168.2.23 | 0xbec9 | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:55:00.587670088 CET | 152.53.15.127 | 192.168.2.23 | 0x45e7 | Format error (1) | none | none | 256 | 388 | false | |
Mar 4, 2025 03:55:00.611233950 CET | 152.53.15.127 | 192.168.2.23 | 0x45e7 | Format error (1) | none | none | 256 | 388 | false | |
Mar 4, 2025 03:55:00.628551960 CET | 152.53.15.127 | 192.168.2.23 | 0x45e7 | Format error (1) | none | none | 256 | 388 | false | |
Mar 4, 2025 03:55:00.646812916 CET | 152.53.15.127 | 192.168.2.23 | 0x45e7 | Format error (1) | none | none | 256 | 388 | false | |
Mar 4, 2025 03:55:00.671456099 CET | 152.53.15.127 | 192.168.2.23 | 0x45e7 | Format error (1) | none | none | 256 | 388 | false | |
Mar 4, 2025 03:55:35.897272110 CET | 194.36.144.87 | 192.168.2.23 | 0x80d5 | Format error (1) | none | none | 256 | 423 | false | |
Mar 4, 2025 03:55:35.914556980 CET | 194.36.144.87 | 192.168.2.23 | 0x80d5 | Format error (1) | none | none | 256 | 423 | false | |
Mar 4, 2025 03:55:35.937705994 CET | 194.36.144.87 | 192.168.2.23 | 0x80d5 | Format error (1) | none | none | 256 | 423 | false | |
Mar 4, 2025 03:55:35.955014944 CET | 194.36.144.87 | 192.168.2.23 | 0x80d5 | Format error (1) | none | none | 256 | 423 | false | |
Mar 4, 2025 03:55:35.972178936 CET | 194.36.144.87 | 192.168.2.23 | 0x80d5 | Format error (1) | none | none | 256 | 423 | false | |
Mar 4, 2025 03:55:47.581145048 CET | 81.169.136.222 | 192.168.2.23 | 0xceab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.613234997 CET | 81.169.136.222 | 192.168.2.23 | 0xceab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.646336079 CET | 81.169.136.222 | 192.168.2.23 | 0xceab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.682281971 CET | 81.169.136.222 | 192.168.2.23 | 0xceab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:55:47.713922977 CET | 81.169.136.222 | 192.168.2.23 | 0xceab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:53:47 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerx86.elf |
Arguments: | /tmp/zerx86.elf |
File size: | 46140 bytes |
MD5 hash: | c4af54f2b2f4ca83586632ecb973c9ae |
Start time (UTC): | 02:53:47 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerx86.elf |
Arguments: | - |
File size: | 46140 bytes |
MD5 hash: | c4af54f2b2f4ca83586632ecb973c9ae |
Start time (UTC): | 02:53:47 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerx86.elf |
Arguments: | - |
File size: | 46140 bytes |
MD5 hash: | c4af54f2b2f4ca83586632ecb973c9ae |