Linux
Analysis Report
zermips.elf
Overview
General Information
Detection
Score: | 56 |
Range: | 0 - 100 |
Signatures
Multi AV Scanner detection for submitted file
Connects to many ports of the same IP (likely port scanning)
Sends malformed DNS queries
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1633213 |
Start date and time: | 2025-03-10 03:00:00 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 9s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | zermips.elf |
Detection: | MAL |
Classification: | mal56.troj.linELF@0/0@31/0 |
Command: | /tmp/zermips.elf |
PID: | 5580 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | gosh that chinese family at the other table sure ate a lot |
Standard Error: |
- system is lnxubuntu20
- zermips.elf New Fork (PID: 5583, Parent: 5580)
- zermips.elf New Fork (PID: 5585, Parent: 5583)
- cleanup
⊘No yara matches
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | TCP traffic: |
Source: | DNS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
26% | Virustotal | Browse | ||
34% | ReversingLabs | Linux.Backdoor.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ohlookthereismyboats.geek | 159.89.101.70 | true | false | high | |
watchmepull.dyn. [malformed] | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
64.227.79.152 | unknown | United States | 14061 | DIGITALOCEAN-ASNUS | false | |
185.220.204.227 | unknown | Israel | 41436 | CLOUDWEBMANAGE-EUGB | false | |
159.89.101.70 | ohlookthereismyboats.geek | United States | 14061 | DIGITALOCEAN-ASNUS | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
64.227.79.152 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
185.220.204.227 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
159.89.101.70 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ohlookthereismyboats.geek | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CLOUDWEBMANAGE-EUGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
DIGITALOCEAN-ASNUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
DIGITALOCEAN-ASNUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 5.346608727186837 |
TrID: |
|
File name: | zermips.elf |
File size: | 67'712 bytes |
MD5: | c0492cb1b02faeed6398f126687869ad |
SHA1: | 277d2b75702b1260157f59d405860fd6ea7f24b5 |
SHA256: | 427a626825c9571592a7818802230afde85043377f8f84dd9202df910e99f0f4 |
SHA512: | bed9cbefe173bc58065ee82071ec918731ce16a5d83c3819ed9b060562e2d201cefb7d3e7462879d7d32765a6cc50e9196f06d3355b99ebbfd9c1e7389995c00 |
SSDEEP: | 1536:F8YRDkvHm7ecR+GzkD3Bc57Fi8kn5wYbsa:zRDIHmtR/zkT6FKnOYIa |
TLSH: | 9363B81E2E228FACFBAC823547B78F31964833D536E1C685E15CE9015EB034D645FBA9 |
File Content Preview: | .ELF.....................@.`...4...(.....4. ...(.............@...@...........................E...E..................dt.Q............................<...'..\...!'.......................<...'..8...!... ....'9... ......................<...'......!........'9. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 67112 |
Section Header Size: | 40 |
Number of Section Headers: | 15 |
Header String Table Index: | 14 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x8c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x400120 | 0x120 | 0xf0f0 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x40f210 | 0xf210 | 0x5c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x40f270 | 0xf270 | 0x880 | 0x0 | 0x2 | A | 0 | 0 | 16 |
.ctors | PROGBITS | 0x450000 | 0x10000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x450008 | 0x10008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.jcr | PROGBITS | 0x450010 | 0x10010 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data.rel.ro | PROGBITS | 0x450014 | 0x10014 | 0x10 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x450030 | 0x10030 | 0x1d0 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.got | PROGBITS | 0x450200 | 0x10200 | 0x3bc | 0x4 | 0x10000003 | WAp | 0 | 0 | 16 |
.sbss | NOBITS | 0x4505bc | 0x105bc | 0x1c | 0x0 | 0x10000003 | WAp | 0 | 0 | 4 |
.bss | NOBITS | 0x4505e0 | 0x105bc | 0x2d0 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.mdebug.abi32 | PROGBITS | 0x73e | 0x105bc | 0x0 | 0x0 | 0x0 | 0 | 0 | 1 | |
.shstrtab | STRTAB | 0x0 | 0x105bc | 0x69 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0xfaf0 | 0xfaf0 | 5.4451 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0x10000 | 0x450000 | 0x450000 | 0x5bc | 0x8b0 | 3.5812 | 0x6 | RW | 0x10000 | .ctors .dtors .jcr .data.rel.ro .data .got .sbss .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 87
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 10, 2025 03:01:03.063941956 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:03.069154978 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:03.069993973 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:03.087543964 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:03.092612982 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:03.092684984 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:03.097762108 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:13.097560883 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:13.102699995 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:13.291991949 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:13.292534113 CET | 52056 | 1440 | 192.168.2.14 | 64.227.79.152 |
Mar 10, 2025 03:01:13.297648907 CET | 1440 | 52056 | 64.227.79.152 | 192.168.2.14 |
Mar 10, 2025 03:01:14.316382885 CET | 48388 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:14.321466923 CET | 2840 | 48388 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:14.321549892 CET | 48388 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:14.322714090 CET | 48388 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:14.327745914 CET | 2840 | 48388 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:14.327861071 CET | 48388 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:14.333142042 CET | 2840 | 48388 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:24.915041924 CET | 2840 | 48388 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:24.915482044 CET | 48388 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:24.921571970 CET | 2840 | 48388 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:26.017525911 CET | 48390 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:26.022763014 CET | 2840 | 48390 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:26.022911072 CET | 48390 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:26.024138927 CET | 48390 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:26.029156923 CET | 2840 | 48390 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:26.029213905 CET | 48390 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:26.034516096 CET | 2840 | 48390 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:36.665992022 CET | 2840 | 48390 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:36.666434050 CET | 48390 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:36.671526909 CET | 2840 | 48390 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:38.005064964 CET | 48392 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:38.010615110 CET | 2840 | 48392 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:38.010705948 CET | 48392 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:38.012103081 CET | 48392 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:38.017612934 CET | 2840 | 48392 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:38.017678022 CET | 48392 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:38.028024912 CET | 2840 | 48392 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:48.597588062 CET | 2840 | 48392 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:48.598397970 CET | 48392 | 2840 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:01:48.603532076 CET | 2840 | 48392 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:01:49.620882988 CET | 47252 | 911 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:01:49.626171112 CET | 911 | 47252 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:01:49.626251936 CET | 47252 | 911 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:01:49.627446890 CET | 47252 | 911 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:01:49.632469893 CET | 911 | 47252 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:01:49.632574081 CET | 47252 | 911 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:01:49.637659073 CET | 911 | 47252 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:00.207722902 CET | 911 | 47252 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:00.208139896 CET | 47252 | 911 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:00.213263988 CET | 911 | 47252 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:01.243448019 CET | 52108 | 1440 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:02:01.248615980 CET | 1440 | 52108 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:02:01.248676062 CET | 52108 | 1440 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:02:01.249871016 CET | 52108 | 1440 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:02:01.254995108 CET | 1440 | 52108 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:02:01.255065918 CET | 52108 | 1440 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:02:01.260205030 CET | 1440 | 52108 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:02:11.840985060 CET | 1440 | 52108 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:02:11.841281891 CET | 52108 | 1440 | 192.168.2.14 | 159.89.101.70 |
Mar 10, 2025 03:02:11.846451998 CET | 1440 | 52108 | 159.89.101.70 | 192.168.2.14 |
Mar 10, 2025 03:02:12.883815050 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:12.889002085 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:12.889097929 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:12.890270948 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:12.895334005 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:12.895390987 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:12.900499105 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:22.896135092 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:22.901145935 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:23.088083029 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:23.088221073 CET | 51238 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:23.095628023 CET | 1440 | 51238 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:24.248897076 CET | 51240 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:24.253994942 CET | 1440 | 51240 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:24.254089117 CET | 51240 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:24.254884958 CET | 51240 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:24.259908915 CET | 1440 | 51240 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:24.259999037 CET | 51240 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:24.265079021 CET | 1440 | 51240 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:34.831017971 CET | 1440 | 51240 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:34.831197023 CET | 51240 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:34.836230040 CET | 1440 | 51240 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:35.953362942 CET | 51242 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:35.960707903 CET | 1440 | 51242 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:35.960796118 CET | 51242 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:35.962057114 CET | 51242 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:35.969361067 CET | 1440 | 51242 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:35.969429016 CET | 51242 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:35.977052927 CET | 1440 | 51242 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:46.542294979 CET | 1440 | 51242 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:46.542615891 CET | 51242 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:46.547750950 CET | 1440 | 51242 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:47.678134918 CET | 51244 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:47.683233023 CET | 1440 | 51244 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:47.683336020 CET | 51244 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:47.684773922 CET | 51244 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:47.689820051 CET | 1440 | 51244 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:47.689898014 CET | 51244 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:47.694996119 CET | 1440 | 51244 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:58.256944895 CET | 1440 | 51244 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:58.257335901 CET | 51244 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:58.262492895 CET | 1440 | 51244 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:59.279875994 CET | 51246 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:59.285012960 CET | 1440 | 51246 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:59.285144091 CET | 51246 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:59.286340952 CET | 51246 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:59.291683912 CET | 1440 | 51246 | 185.220.204.227 | 192.168.2.14 |
Mar 10, 2025 03:02:59.291738987 CET | 51246 | 1440 | 192.168.2.14 | 185.220.204.227 |
Mar 10, 2025 03:02:59.297025919 CET | 1440 | 51246 | 185.220.204.227 | 192.168.2.14 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 10, 2025 03:01:03.041903973 CET | 54450 | 53 | 192.168.2.14 | 202.61.197.122 |
Mar 10, 2025 03:01:03.059962988 CET | 53 | 54450 | 202.61.197.122 | 192.168.2.14 |
Mar 10, 2025 03:01:14.296924114 CET | 59010 | 53 | 192.168.2.14 | 202.61.197.122 |
Mar 10, 2025 03:01:14.315452099 CET | 53 | 59010 | 202.61.197.122 | 192.168.2.14 |
Mar 10, 2025 03:01:25.919517994 CET | 45730 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:25.943895102 CET | 53 | 45730 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:01:25.946266890 CET | 53741 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:25.962254047 CET | 53 | 53741 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:01:25.963920116 CET | 45806 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:25.979959965 CET | 53 | 45806 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:01:25.981829882 CET | 60764 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:25.997751951 CET | 53 | 60764 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:01:26.000089884 CET | 44650 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:26.015990973 CET | 53 | 44650 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:01:37.671972990 CET | 38504 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:01:37.701713085 CET | 53 | 38504 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:01:37.704639912 CET | 58483 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:01:37.901942968 CET | 53 | 58483 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:01:37.904110909 CET | 50133 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:01:37.937165022 CET | 53 | 50133 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:01:37.938910007 CET | 51302 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:01:37.971671104 CET | 53 | 51302 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:01:37.973807096 CET | 57136 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:01:38.003983974 CET | 53 | 57136 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:01:49.604283094 CET | 35669 | 53 | 192.168.2.14 | 51.158.108.203 |
Mar 10, 2025 03:01:49.620215893 CET | 53 | 35669 | 51.158.108.203 | 192.168.2.14 |
Mar 10, 2025 03:02:01.212129116 CET | 52593 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:01.242577076 CET | 53 | 52593 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:12.845077991 CET | 33391 | 53 | 192.168.2.14 | 185.181.61.24 |
Mar 10, 2025 03:02:12.882991076 CET | 53 | 33391 | 185.181.61.24 | 192.168.2.14 |
Mar 10, 2025 03:02:24.091007948 CET | 33220 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:24.121093035 CET | 53 | 33220 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:24.122170925 CET | 59815 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:24.151998997 CET | 53 | 59815 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:24.156034946 CET | 34487 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:24.186018944 CET | 53 | 34487 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:24.187252045 CET | 60632 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:24.217164040 CET | 53 | 60632 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:24.218275070 CET | 45053 | 53 | 192.168.2.14 | 81.169.136.222 |
Mar 10, 2025 03:02:24.248346090 CET | 53 | 45053 | 81.169.136.222 | 192.168.2.14 |
Mar 10, 2025 03:02:35.833914042 CET | 55840 | 53 | 192.168.2.14 | 194.36.144.87 |
Mar 10, 2025 03:02:35.857086897 CET | 53 | 55840 | 194.36.144.87 | 192.168.2.14 |
Mar 10, 2025 03:02:35.858382940 CET | 45504 | 53 | 192.168.2.14 | 194.36.144.87 |
Mar 10, 2025 03:02:35.881834030 CET | 53 | 45504 | 194.36.144.87 | 192.168.2.14 |
Mar 10, 2025 03:02:35.883157969 CET | 37305 | 53 | 192.168.2.14 | 194.36.144.87 |
Mar 10, 2025 03:02:35.906049013 CET | 53 | 37305 | 194.36.144.87 | 192.168.2.14 |
Mar 10, 2025 03:02:35.907357931 CET | 40585 | 53 | 192.168.2.14 | 194.36.144.87 |
Mar 10, 2025 03:02:35.931386948 CET | 53 | 40585 | 194.36.144.87 | 192.168.2.14 |
Mar 10, 2025 03:02:35.932754993 CET | 41520 | 53 | 192.168.2.14 | 194.36.144.87 |
Mar 10, 2025 03:02:35.952671051 CET | 53 | 41520 | 194.36.144.87 | 192.168.2.14 |
Mar 10, 2025 03:02:47.546988010 CET | 53621 | 53 | 192.168.2.14 | 152.53.15.127 |
Mar 10, 2025 03:02:47.570482969 CET | 53 | 53621 | 152.53.15.127 | 192.168.2.14 |
Mar 10, 2025 03:02:47.572149038 CET | 52481 | 53 | 192.168.2.14 | 152.53.15.127 |
Mar 10, 2025 03:02:47.595542908 CET | 53 | 52481 | 152.53.15.127 | 192.168.2.14 |
Mar 10, 2025 03:02:47.597372055 CET | 35892 | 53 | 192.168.2.14 | 152.53.15.127 |
Mar 10, 2025 03:02:47.623728037 CET | 53 | 35892 | 152.53.15.127 | 192.168.2.14 |
Mar 10, 2025 03:02:47.625462055 CET | 44832 | 53 | 192.168.2.14 | 152.53.15.127 |
Mar 10, 2025 03:02:47.651387930 CET | 53 | 44832 | 152.53.15.127 | 192.168.2.14 |
Mar 10, 2025 03:02:47.653086901 CET | 59707 | 53 | 192.168.2.14 | 152.53.15.127 |
Mar 10, 2025 03:02:47.677361012 CET | 53 | 59707 | 152.53.15.127 | 192.168.2.14 |
Mar 10, 2025 03:02:59.260871887 CET | 33647 | 53 | 192.168.2.14 | 202.61.197.122 |
Mar 10, 2025 03:02:59.278747082 CET | 53 | 33647 | 202.61.197.122 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 10, 2025 03:01:03.041903973 CET | 192.168.2.14 | 202.61.197.122 | 0x1159 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 10, 2025 03:01:14.296924114 CET | 192.168.2.14 | 202.61.197.122 | 0x1f9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 10, 2025 03:01:25.919517994 CET | 192.168.2.14 | 51.158.108.203 | 0x517d | Standard query (0) | 256 | 501 | false | |
Mar 10, 2025 03:01:25.946266890 CET | 192.168.2.14 | 51.158.108.203 | 0x517d | Standard query (0) | 256 | 501 | false | |
Mar 10, 2025 03:01:25.963920116 CET | 192.168.2.14 | 51.158.108.203 | 0x517d | Standard query (0) | 256 | 501 | false | |
Mar 10, 2025 03:01:25.981829882 CET | 192.168.2.14 | 51.158.108.203 | 0x517d | Standard query (0) | 256 | 501 | false | |
Mar 10, 2025 03:01:26.000089884 CET | 192.168.2.14 | 51.158.108.203 | 0x517d | Standard query (0) | 256 | 502 | false | |
Mar 10, 2025 03:01:37.671972990 CET | 192.168.2.14 | 81.169.136.222 | 0xf2ba | Standard query (0) | 256 | 257 | false | |
Mar 10, 2025 03:01:37.704639912 CET | 192.168.2.14 | 81.169.136.222 | 0xf2ba | Standard query (0) | 256 | 257 | false | |
Mar 10, 2025 03:01:37.904110909 CET | 192.168.2.14 | 81.169.136.222 | 0xf2ba | Standard query (0) | 256 | 257 | false | |
Mar 10, 2025 03:01:37.938910007 CET | 192.168.2.14 | 81.169.136.222 | 0xf2ba | Standard query (0) | 256 | 257 | false | |
Mar 10, 2025 03:01:37.973807096 CET | 192.168.2.14 | 81.169.136.222 | 0xf2ba | Standard query (0) | 256 | 258 | false | |
Mar 10, 2025 03:01:49.604283094 CET | 192.168.2.14 | 51.158.108.203 | 0x165a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 10, 2025 03:02:01.212129116 CET | 192.168.2.14 | 81.169.136.222 | 0x21de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 10, 2025 03:02:12.845077991 CET | 192.168.2.14 | 185.181.61.24 | 0xbe33 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 10, 2025 03:02:24.091007948 CET | 192.168.2.14 | 81.169.136.222 | 0x46f | Standard query (0) | 256 | 304 | false | |
Mar 10, 2025 03:02:24.122170925 CET | 192.168.2.14 | 81.169.136.222 | 0x46f | Standard query (0) | 256 | 304 | false | |
Mar 10, 2025 03:02:24.156034946 CET | 192.168.2.14 | 81.169.136.222 | 0x46f | Standard query (0) | 256 | 304 | false | |
Mar 10, 2025 03:02:24.187252045 CET | 192.168.2.14 | 81.169.136.222 | 0x46f | Standard query (0) | 256 | 304 | false | |
Mar 10, 2025 03:02:24.218275070 CET | 192.168.2.14 | 81.169.136.222 | 0x46f | Standard query (0) | 256 | 304 | false | |
Mar 10, 2025 03:02:35.833914042 CET | 192.168.2.14 | 194.36.144.87 | 0x47c5 | Standard query (0) | 256 | 315 | false | |
Mar 10, 2025 03:02:35.858382940 CET | 192.168.2.14 | 194.36.144.87 | 0x47c5 | Standard query (0) | 256 | 315 | false | |
Mar 10, 2025 03:02:35.883157969 CET | 192.168.2.14 | 194.36.144.87 | 0x47c5 | Standard query (0) | 256 | 315 | false | |
Mar 10, 2025 03:02:35.907357931 CET | 192.168.2.14 | 194.36.144.87 | 0x47c5 | Standard query (0) | 256 | 315 | false | |
Mar 10, 2025 03:02:35.932754993 CET | 192.168.2.14 | 194.36.144.87 | 0x47c5 | Standard query (0) | 256 | 315 | false | |
Mar 10, 2025 03:02:47.546988010 CET | 192.168.2.14 | 152.53.15.127 | 0x8343 | Standard query (0) | 256 | 327 | false | |
Mar 10, 2025 03:02:47.572149038 CET | 192.168.2.14 | 152.53.15.127 | 0x8343 | Standard query (0) | 256 | 327 | false | |
Mar 10, 2025 03:02:47.597372055 CET | 192.168.2.14 | 152.53.15.127 | 0x8343 | Standard query (0) | 256 | 327 | false | |
Mar 10, 2025 03:02:47.625462055 CET | 192.168.2.14 | 152.53.15.127 | 0x8343 | Standard query (0) | 256 | 327 | false | |
Mar 10, 2025 03:02:47.653086901 CET | 192.168.2.14 | 152.53.15.127 | 0x8343 | Standard query (0) | 256 | 327 | false | |
Mar 10, 2025 03:02:59.260871887 CET | 192.168.2.14 | 202.61.197.122 | 0x5e2a | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 10, 2025 03:01:03.059962988 CET | 202.61.197.122 | 192.168.2.14 | 0x1159 | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:03.059962988 CET | 202.61.197.122 | 192.168.2.14 | 0x1159 | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:03.059962988 CET | 202.61.197.122 | 192.168.2.14 | 0x1159 | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:03.059962988 CET | 202.61.197.122 | 192.168.2.14 | 0x1159 | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:14.315452099 CET | 202.61.197.122 | 192.168.2.14 | 0x1f9 | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:14.315452099 CET | 202.61.197.122 | 192.168.2.14 | 0x1f9 | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:14.315452099 CET | 202.61.197.122 | 192.168.2.14 | 0x1f9 | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:14.315452099 CET | 202.61.197.122 | 192.168.2.14 | 0x1f9 | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:25.943895102 CET | 51.158.108.203 | 192.168.2.14 | 0x517d | Format error (1) | none | none | 256 | 501 | false | |
Mar 10, 2025 03:01:25.962254047 CET | 51.158.108.203 | 192.168.2.14 | 0x517d | Format error (1) | none | none | 256 | 501 | false | |
Mar 10, 2025 03:01:25.979959965 CET | 51.158.108.203 | 192.168.2.14 | 0x517d | Format error (1) | none | none | 256 | 501 | false | |
Mar 10, 2025 03:01:25.997751951 CET | 51.158.108.203 | 192.168.2.14 | 0x517d | Format error (1) | none | none | 256 | 502 | false | |
Mar 10, 2025 03:01:26.015990973 CET | 51.158.108.203 | 192.168.2.14 | 0x517d | Format error (1) | none | none | 256 | 502 | false | |
Mar 10, 2025 03:01:49.620215893 CET | 51.158.108.203 | 192.168.2.14 | 0x165a | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:49.620215893 CET | 51.158.108.203 | 192.168.2.14 | 0x165a | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:49.620215893 CET | 51.158.108.203 | 192.168.2.14 | 0x165a | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:01:49.620215893 CET | 51.158.108.203 | 192.168.2.14 | 0x165a | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:01.242577076 CET | 81.169.136.222 | 192.168.2.14 | 0x21de | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:01.242577076 CET | 81.169.136.222 | 192.168.2.14 | 0x21de | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:01.242577076 CET | 81.169.136.222 | 192.168.2.14 | 0x21de | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:01.242577076 CET | 81.169.136.222 | 192.168.2.14 | 0x21de | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:12.882991076 CET | 185.181.61.24 | 192.168.2.14 | 0xbe33 | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:12.882991076 CET | 185.181.61.24 | 192.168.2.14 | 0xbe33 | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:12.882991076 CET | 185.181.61.24 | 192.168.2.14 | 0xbe33 | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:12.882991076 CET | 185.181.61.24 | 192.168.2.14 | 0xbe33 | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:35.857086897 CET | 194.36.144.87 | 192.168.2.14 | 0x47c5 | Format error (1) | none | none | 256 | 315 | false | |
Mar 10, 2025 03:02:35.881834030 CET | 194.36.144.87 | 192.168.2.14 | 0x47c5 | Format error (1) | none | none | 256 | 315 | false | |
Mar 10, 2025 03:02:35.906049013 CET | 194.36.144.87 | 192.168.2.14 | 0x47c5 | Format error (1) | none | none | 256 | 315 | false | |
Mar 10, 2025 03:02:35.931386948 CET | 194.36.144.87 | 192.168.2.14 | 0x47c5 | Format error (1) | none | none | 256 | 315 | false | |
Mar 10, 2025 03:02:35.952671051 CET | 194.36.144.87 | 192.168.2.14 | 0x47c5 | Format error (1) | none | none | 256 | 315 | false | |
Mar 10, 2025 03:02:47.570482969 CET | 152.53.15.127 | 192.168.2.14 | 0x8343 | Format error (1) | none | none | 256 | 327 | false | |
Mar 10, 2025 03:02:47.595542908 CET | 152.53.15.127 | 192.168.2.14 | 0x8343 | Format error (1) | none | none | 256 | 327 | false | |
Mar 10, 2025 03:02:47.623728037 CET | 152.53.15.127 | 192.168.2.14 | 0x8343 | Format error (1) | none | none | 256 | 327 | false | |
Mar 10, 2025 03:02:47.651387930 CET | 152.53.15.127 | 192.168.2.14 | 0x8343 | Format error (1) | none | none | 256 | 327 | false | |
Mar 10, 2025 03:02:47.677361012 CET | 152.53.15.127 | 192.168.2.14 | 0x8343 | Format error (1) | none | none | 256 | 327 | false | |
Mar 10, 2025 03:02:59.278747082 CET | 202.61.197.122 | 192.168.2.14 | 0x5e2a | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:59.278747082 CET | 202.61.197.122 | 192.168.2.14 | 0x5e2a | No error (0) | 159.89.101.70 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:59.278747082 CET | 202.61.197.122 | 192.168.2.14 | 0x5e2a | No error (0) | 64.227.79.152 | A (IP address) | IN (0x0001) | false | ||
Mar 10, 2025 03:02:59.278747082 CET | 202.61.197.122 | 192.168.2.14 | 0x5e2a | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:01:00 |
Start date (UTC): | 10/03/2025 |
Path: | /tmp/zermips.elf |
Arguments: | /tmp/zermips.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 02:01:01 |
Start date (UTC): | 10/03/2025 |
Path: | /tmp/zermips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 02:01:01 |
Start date (UTC): | 10/03/2025 |
Path: | /tmp/zermips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |