Linux
Analysis Report
zerm68k.elf
Overview
General Information
Sample name: | zerm68k.elf |
Analysis ID: | 1643379 |
MD5: | 4dd58768f271d36f3b23043c9866296f |
SHA1: | 133f7a911a2190b9e8653e3744f40bc05299384c |
SHA256: | a189b049572d348c7b6e967debfdc7d98c5acb66c51dae65f859c10068f8bc85 |
Tags: | elfuser-abuse_ch |
Infos: |
Detection
Score: | 52 |
Range: | 0 - 100 |
Signatures
Multi AV Scanner detection for submitted file
Sends malformed DNS queries
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample listens on a socket
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1643379 |
Start date and time: | 2025-03-19 19:57:26 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 49s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | zerm68k.elf |
Detection: | MAL |
Classification: | mal52.troj.linELF@0/0@35/0 |
Command: | /tmp/zerm68k.elf |
PID: | 6215 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | gosh that chinese family at the other table sure ate a lot |
Standard Error: |
- system is lnxubuntu20
- zerm68k.elf New Fork (PID: 6217, Parent: 6215)
- zerm68k.elf New Fork (PID: 6219, Parent: 6217)
- cleanup
⊘No yara matches
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | DNS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 2 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
34% | Virustotal | Browse | ||
28% | ReversingLabs | Linux.Backdoor.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ohlookthereismyboats.geek | 45.147.251.145 | true | false | high | |
watchmepull.dyn. [malformed] | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
104.248.47.182 | unknown | United States | 14061 | DIGITALOCEAN-ASNUS | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
45.147.251.145 | ohlookthereismyboats.geek | Germany | 197518 | RACKMARKTES | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
109.202.202.202 | Get hash | malicious | Unknown | Browse |
| |
104.248.47.182 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
91.189.91.43 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
91.189.91.42 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
45.147.251.145 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ohlookthereismyboats.geek | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
DIGITALOCEAN-ASNUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
RACKMARKTES | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INIT7CH | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.212182824059992 |
TrID: |
|
File name: | zerm68k.elf |
File size: | 47'980 bytes |
MD5: | 4dd58768f271d36f3b23043c9866296f |
SHA1: | 133f7a911a2190b9e8653e3744f40bc05299384c |
SHA256: | a189b049572d348c7b6e967debfdc7d98c5acb66c51dae65f859c10068f8bc85 |
SHA512: | 560ec5f717847e1bad3295b251cd2157cd7c63abe1b331dc5b8b61af5425bb6c5ae7de9373735d46777b95f7ad39d9989c1a6718acd7715804c4396cb6b79b40 |
SSDEEP: | 768:kmWPexCFxIdISH3hdUd84vztioO2ABveg7XHT8uqjFH8Z0v5Uu:kzPCCFzSHxdUeWtiB2AB/7XHwuqJ8Zwh |
TLSH: | EE231995A801AC3DFD4BE7BE8513090DF561375610820B3BA3ABFED36D722E49D26D81 |
File Content Preview: | .ELF.......................D...4.........4. ...(.................................. ............................... .dt.Q............................NV..a....da....PN^NuNV..J9...pf>"y.... QJ.g.X.#.....N."y.... QJ.f.A.....J.g.Hy....N.X........pN^NuNV..N^NuN |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 47540 |
Section Header Size: | 40 |
Number of Section Headers: | 11 |
Header String Table Index: | 10 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x80000094 | 0x94 | 0x14 | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.text | PROGBITS | 0x800000a8 | 0xa8 | 0xaf7a | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.fini | PROGBITS | 0x8000b022 | 0xb022 | 0xe | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.rodata | PROGBITS | 0x8000b030 | 0xb030 | 0x77e | 0x0 | 0x2 | A | 0 | 0 | 2 |
.ctors | PROGBITS | 0x8000d7b4 | 0xb7b4 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x8000d7bc | 0xb7bc | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.jcr | PROGBITS | 0x8000d7c4 | 0xb7c4 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x8000d7c8 | 0xb7c8 | 0x1a8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x8000d970 | 0xb970 | 0x22c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0xb970 | 0x43 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x80000000 | 0x80000000 | 0xb7ae | 0xb7ae | 6.2551 | 0x5 | R E | 0x2000 | .init .text .fini .rodata | |
LOAD | 0xb7b4 | 0x8000d7b4 | 0x8000d7b4 | 0x1bc | 0x3e8 | 2.3209 | 0x6 | RW | 0x2000 | .ctors .dtors .jcr .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 99
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 19, 2025 19:58:15.275203943 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 19, 2025 19:58:19.013299942 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:19.018059015 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:19.021145105 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:19.074059010 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:19.078778982 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:19.079461098 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:19.084152937 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:20.650818110 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Mar 19, 2025 19:58:21.418426991 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Mar 19, 2025 19:58:29.082956076 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:29.093375921 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:29.308587074 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:29.308942080 CET | 54350 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:29.313630104 CET | 1440 | 54350 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:30.497742891 CET | 54352 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:30.502439022 CET | 1440 | 54352 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:30.502499104 CET | 54352 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:30.504391909 CET | 54352 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:30.509057999 CET | 1440 | 54352 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:30.509104013 CET | 54352 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:30.513799906 CET | 1440 | 54352 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:36.008343935 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 19, 2025 19:58:41.123586893 CET | 1440 | 54352 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:41.124229908 CET | 54352 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:41.129353046 CET | 1440 | 54352 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:42.318721056 CET | 54354 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:42.323493958 CET | 1440 | 54354 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:42.323620081 CET | 54354 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:42.325048923 CET | 54354 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:42.329839945 CET | 1440 | 54354 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:42.329936981 CET | 54354 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:42.334590912 CET | 1440 | 54354 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:46.246941090 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Mar 19, 2025 19:58:52.390166998 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Mar 19, 2025 19:58:52.952117920 CET | 1440 | 54354 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:52.952550888 CET | 54354 | 1440 | 192.168.2.23 | 45.147.251.145 |
Mar 19, 2025 19:58:52.957351923 CET | 1440 | 54354 | 45.147.251.145 | 192.168.2.23 |
Mar 19, 2025 19:58:53.980611086 CET | 45244 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:58:53.985321045 CET | 1440 | 45244 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:58:53.985379934 CET | 45244 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:58:53.986747980 CET | 45244 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:58:53.991439104 CET | 1440 | 45244 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:58:53.991492033 CET | 45244 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:58:53.996201038 CET | 1440 | 45244 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:04.558557987 CET | 1440 | 45244 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:04.558876038 CET | 45244 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:04.564151049 CET | 1440 | 45244 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:05.656835079 CET | 45246 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:05.661750078 CET | 1440 | 45246 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:05.661812067 CET | 45246 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:05.662797928 CET | 45246 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:05.667459011 CET | 1440 | 45246 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:05.667570114 CET | 45246 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:05.672266006 CET | 1440 | 45246 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:16.243410110 CET | 1440 | 45246 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:16.243627071 CET | 45246 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:16.248367071 CET | 1440 | 45246 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:16.962759018 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Mar 19, 2025 19:59:17.272553921 CET | 45248 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:17.277839899 CET | 1440 | 45248 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:17.277954102 CET | 45248 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:17.279306889 CET | 45248 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:17.284454107 CET | 1440 | 45248 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:17.284527063 CET | 45248 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:17.290844917 CET | 1440 | 45248 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:27.875766039 CET | 1440 | 45248 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:27.876317978 CET | 45248 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:27.881048918 CET | 1440 | 45248 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:29.328950882 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:29.333767891 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:29.333856106 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:29.335488081 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:29.340152979 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:29.340224981 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:29.346261024 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:37.439856052 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Mar 19, 2025 19:59:39.343585014 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:39.349205017 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:39.542864084 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:39.543154955 CET | 45250 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:39.547842026 CET | 1440 | 45250 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:40.564584017 CET | 45252 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:40.569325924 CET | 1440 | 45252 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:40.569452047 CET | 45252 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:40.571508884 CET | 45252 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:40.576245070 CET | 1440 | 45252 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:40.576318026 CET | 45252 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:40.581037045 CET | 1440 | 45252 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:51.165476084 CET | 1440 | 45252 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:51.165774107 CET | 45252 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:51.170588017 CET | 1440 | 45252 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:52.779273033 CET | 45254 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:52.783950090 CET | 1440 | 45254 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:52.784044981 CET | 45254 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:52.785423994 CET | 45254 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:52.790024042 CET | 1440 | 45254 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 19:59:52.790077925 CET | 45254 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 19:59:52.794702053 CET | 1440 | 45254 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:03.348254919 CET | 1440 | 45254 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:03.348558903 CET | 45254 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:03.353228092 CET | 1440 | 45254 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:04.367573023 CET | 45256 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:04.372309923 CET | 1440 | 45256 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:04.372369051 CET | 45256 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:04.373402119 CET | 45256 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:04.378045082 CET | 1440 | 45256 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:04.378096104 CET | 45256 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:04.382847071 CET | 1440 | 45256 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:14.949330091 CET | 1440 | 45256 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:14.949667931 CET | 45256 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:14.954374075 CET | 1440 | 45256 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:16.075364113 CET | 45258 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:16.080373049 CET | 1440 | 45258 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:16.080451012 CET | 45258 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:16.081633091 CET | 45258 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:16.086311102 CET | 1440 | 45258 | 104.248.47.182 | 192.168.2.23 |
Mar 19, 2025 20:00:16.086380005 CET | 45258 | 1440 | 192.168.2.23 | 104.248.47.182 |
Mar 19, 2025 20:00:16.091562033 CET | 1440 | 45258 | 104.248.47.182 | 192.168.2.23 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 19, 2025 19:58:18.938385963 CET | 34867 | 53 | 192.168.2.23 | 81.169.136.222 |
Mar 19, 2025 19:58:18.968059063 CET | 53 | 34867 | 81.169.136.222 | 192.168.2.23 |
Mar 19, 2025 19:58:30.311816931 CET | 57386 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:30.348360062 CET | 53 | 57386 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:30.350167036 CET | 52139 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:30.386076927 CET | 53 | 52139 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:30.387160063 CET | 58817 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:30.422776937 CET | 53 | 58817 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:30.423893929 CET | 37887 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:30.459500074 CET | 53 | 37887 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:30.461323023 CET | 57628 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:30.497081041 CET | 53 | 57628 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:42.130305052 CET | 48366 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:42.166039944 CET | 53 | 48366 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:42.168205976 CET | 47425 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:42.203798056 CET | 53 | 47425 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:42.206139088 CET | 37798 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:42.241698027 CET | 53 | 37798 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:42.243581057 CET | 47794 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:42.279023886 CET | 53 | 47794 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:42.281188011 CET | 33534 | 53 | 192.168.2.23 | 185.181.61.24 |
Mar 19, 2025 19:58:42.316809893 CET | 53 | 33534 | 185.181.61.24 | 192.168.2.23 |
Mar 19, 2025 19:58:53.955540895 CET | 41795 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 19:58:53.979490995 CET | 53 | 41795 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 19:59:05.561845064 CET | 33518 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:05.579330921 CET | 53 | 33518 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:05.580899000 CET | 43956 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:05.598627090 CET | 53 | 43956 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:05.600672007 CET | 60174 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:05.618324041 CET | 53 | 60174 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:05.619997025 CET | 47441 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:05.637651920 CET | 53 | 47441 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:05.638840914 CET | 38343 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:05.656157017 CET | 53 | 38343 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:17.247596025 CET | 42214 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 19:59:17.271200895 CET | 53 | 42214 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 19:59:28.879451990 CET | 55078 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:28.968696117 CET | 53 | 55078 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:28.970607042 CET | 47674 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:29.058770895 CET | 53 | 47674 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:29.060587883 CET | 60827 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:29.147984982 CET | 53 | 60827 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:29.149817944 CET | 34909 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:29.238691092 CET | 53 | 34909 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:29.240850925 CET | 47949 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:29.327655077 CET | 53 | 47949 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:40.545681000 CET | 48252 | 53 | 192.168.2.23 | 202.61.197.122 |
Mar 19, 2025 19:59:40.563940048 CET | 53 | 48252 | 202.61.197.122 | 192.168.2.23 |
Mar 19, 2025 19:59:52.169198990 CET | 41658 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:52.416045904 CET | 53 | 41658 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:52.417737007 CET | 54733 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:52.506804943 CET | 53 | 54733 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:52.508352041 CET | 48114 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:52.595469952 CET | 53 | 48114 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:52.597090006 CET | 53145 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:52.686135054 CET | 53 | 53145 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 19:59:52.687510967 CET | 41358 | 53 | 192.168.2.23 | 168.235.111.72 |
Mar 19, 2025 19:59:52.778234959 CET | 53 | 41358 | 168.235.111.72 | 192.168.2.23 |
Mar 19, 2025 20:00:04.351552963 CET | 59666 | 53 | 192.168.2.23 | 51.158.108.203 |
Mar 19, 2025 20:00:04.366988897 CET | 53 | 59666 | 51.158.108.203 | 192.168.2.23 |
Mar 19, 2025 20:00:15.952207088 CET | 35567 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 20:00:15.974725008 CET | 53 | 35567 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 20:00:15.976022959 CET | 50021 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 20:00:15.999417067 CET | 53 | 50021 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 20:00:16.000808954 CET | 60221 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 20:00:16.024589062 CET | 53 | 60221 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 20:00:16.025599003 CET | 57719 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 20:00:16.048108101 CET | 53 | 57719 | 194.36.144.87 | 192.168.2.23 |
Mar 19, 2025 20:00:16.049556971 CET | 51146 | 53 | 192.168.2.23 | 194.36.144.87 |
Mar 19, 2025 20:00:16.074584007 CET | 53 | 51146 | 194.36.144.87 | 192.168.2.23 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 19, 2025 19:58:18.938385963 CET | 192.168.2.23 | 81.169.136.222 | 0x6ecc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 19, 2025 19:58:30.311816931 CET | 192.168.2.23 | 185.181.61.24 | 0xb52c | Standard query (0) | 256 | 470 | false | |
Mar 19, 2025 19:58:30.350167036 CET | 192.168.2.23 | 185.181.61.24 | 0xb52c | Standard query (0) | 256 | 470 | false | |
Mar 19, 2025 19:58:30.387160063 CET | 192.168.2.23 | 185.181.61.24 | 0xb52c | Standard query (0) | 256 | 470 | false | |
Mar 19, 2025 19:58:30.423893929 CET | 192.168.2.23 | 185.181.61.24 | 0xb52c | Standard query (0) | 256 | 470 | false | |
Mar 19, 2025 19:58:30.461323023 CET | 192.168.2.23 | 185.181.61.24 | 0xb52c | Standard query (0) | 256 | 470 | false | |
Mar 19, 2025 19:58:42.130305052 CET | 192.168.2.23 | 185.181.61.24 | 0xb322 | Standard query (0) | 256 | 482 | false | |
Mar 19, 2025 19:58:42.168205976 CET | 192.168.2.23 | 185.181.61.24 | 0xb322 | Standard query (0) | 256 | 482 | false | |
Mar 19, 2025 19:58:42.206139088 CET | 192.168.2.23 | 185.181.61.24 | 0xb322 | Standard query (0) | 256 | 482 | false | |
Mar 19, 2025 19:58:42.243581057 CET | 192.168.2.23 | 185.181.61.24 | 0xb322 | Standard query (0) | 256 | 482 | false | |
Mar 19, 2025 19:58:42.281188011 CET | 192.168.2.23 | 185.181.61.24 | 0xb322 | Standard query (0) | 256 | 482 | false | |
Mar 19, 2025 19:58:53.955540895 CET | 192.168.2.23 | 194.36.144.87 | 0xe4bb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 19, 2025 19:59:05.561845064 CET | 192.168.2.23 | 202.61.197.122 | 0x173c | Standard query (0) | 256 | 505 | false | |
Mar 19, 2025 19:59:05.580899000 CET | 192.168.2.23 | 202.61.197.122 | 0x173c | Standard query (0) | 256 | 505 | false | |
Mar 19, 2025 19:59:05.600672007 CET | 192.168.2.23 | 202.61.197.122 | 0x173c | Standard query (0) | 256 | 505 | false | |
Mar 19, 2025 19:59:05.619997025 CET | 192.168.2.23 | 202.61.197.122 | 0x173c | Standard query (0) | 256 | 505 | false | |
Mar 19, 2025 19:59:05.638840914 CET | 192.168.2.23 | 202.61.197.122 | 0x173c | Standard query (0) | 256 | 505 | false | |
Mar 19, 2025 19:59:17.247596025 CET | 192.168.2.23 | 194.36.144.87 | 0x41c2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 19, 2025 19:59:28.879451990 CET | 192.168.2.23 | 168.235.111.72 | 0x9eef | Standard query (0) | 256 | 272 | false | |
Mar 19, 2025 19:59:28.970607042 CET | 192.168.2.23 | 168.235.111.72 | 0x9eef | Standard query (0) | 256 | 273 | false | |
Mar 19, 2025 19:59:29.060587883 CET | 192.168.2.23 | 168.235.111.72 | 0x9eef | Standard query (0) | 256 | 273 | false | |
Mar 19, 2025 19:59:29.149817944 CET | 192.168.2.23 | 168.235.111.72 | 0x9eef | Standard query (0) | 256 | 273 | false | |
Mar 19, 2025 19:59:29.240850925 CET | 192.168.2.23 | 168.235.111.72 | 0x9eef | Standard query (0) | 256 | 273 | false | |
Mar 19, 2025 19:59:40.545681000 CET | 192.168.2.23 | 202.61.197.122 | 0x472c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 19, 2025 19:59:52.169198990 CET | 192.168.2.23 | 168.235.111.72 | 0x69b6 | Standard query (0) | 256 | 296 | false | |
Mar 19, 2025 19:59:52.417737007 CET | 192.168.2.23 | 168.235.111.72 | 0x69b6 | Standard query (0) | 256 | 296 | false | |
Mar 19, 2025 19:59:52.508352041 CET | 192.168.2.23 | 168.235.111.72 | 0x69b6 | Standard query (0) | 256 | 296 | false | |
Mar 19, 2025 19:59:52.597090006 CET | 192.168.2.23 | 168.235.111.72 | 0x69b6 | Standard query (0) | 256 | 296 | false | |
Mar 19, 2025 19:59:52.687510967 CET | 192.168.2.23 | 168.235.111.72 | 0x69b6 | Standard query (0) | 256 | 296 | false | |
Mar 19, 2025 20:00:04.351552963 CET | 192.168.2.23 | 51.158.108.203 | 0x6603 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 19, 2025 20:00:15.952207088 CET | 192.168.2.23 | 194.36.144.87 | 0xdc93 | Standard query (0) | 256 | 319 | false | |
Mar 19, 2025 20:00:15.976022959 CET | 192.168.2.23 | 194.36.144.87 | 0xdc93 | Standard query (0) | 256 | 319 | false | |
Mar 19, 2025 20:00:16.000808954 CET | 192.168.2.23 | 194.36.144.87 | 0xdc93 | Standard query (0) | 256 | 320 | false | |
Mar 19, 2025 20:00:16.025599003 CET | 192.168.2.23 | 194.36.144.87 | 0xdc93 | Standard query (0) | 256 | 320 | false | |
Mar 19, 2025 20:00:16.049556971 CET | 192.168.2.23 | 194.36.144.87 | 0xdc93 | Standard query (0) | 256 | 320 | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 19, 2025 19:58:18.968059063 CET | 81.169.136.222 | 192.168.2.23 | 0x6ecc | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:58:18.968059063 CET | 81.169.136.222 | 192.168.2.23 | 0x6ecc | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:58:18.968059063 CET | 81.169.136.222 | 192.168.2.23 | 0x6ecc | No error (0) | 104.248.47.182 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:58:53.979490995 CET | 194.36.144.87 | 192.168.2.23 | 0xe4bb | No error (0) | 104.248.47.182 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:58:53.979490995 CET | 194.36.144.87 | 192.168.2.23 | 0xe4bb | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:58:53.979490995 CET | 194.36.144.87 | 192.168.2.23 | 0xe4bb | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:17.271200895 CET | 194.36.144.87 | 192.168.2.23 | 0x41c2 | No error (0) | 104.248.47.182 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:17.271200895 CET | 194.36.144.87 | 192.168.2.23 | 0x41c2 | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:17.271200895 CET | 194.36.144.87 | 192.168.2.23 | 0x41c2 | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:40.563940048 CET | 202.61.197.122 | 192.168.2.23 | 0x472c | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:40.563940048 CET | 202.61.197.122 | 192.168.2.23 | 0x472c | No error (0) | 104.248.47.182 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 19:59:40.563940048 CET | 202.61.197.122 | 192.168.2.23 | 0x472c | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 20:00:04.366988897 CET | 51.158.108.203 | 192.168.2.23 | 0x6603 | No error (0) | 104.248.47.182 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 20:00:04.366988897 CET | 51.158.108.203 | 192.168.2.23 | 0x6603 | No error (0) | 185.220.204.227 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 20:00:04.366988897 CET | 51.158.108.203 | 192.168.2.23 | 0x6603 | No error (0) | 45.147.251.145 | A (IP address) | IN (0x0001) | false | ||
Mar 19, 2025 20:00:15.974725008 CET | 194.36.144.87 | 192.168.2.23 | 0xdc93 | Format error (1) | none | none | 256 | 319 | false | |
Mar 19, 2025 20:00:15.999417067 CET | 194.36.144.87 | 192.168.2.23 | 0xdc93 | Format error (1) | none | none | 256 | 320 | false | |
Mar 19, 2025 20:00:16.024589062 CET | 194.36.144.87 | 192.168.2.23 | 0xdc93 | Format error (1) | none | none | 256 | 320 | false | |
Mar 19, 2025 20:00:16.048108101 CET | 194.36.144.87 | 192.168.2.23 | 0xdc93 | Format error (1) | none | none | 256 | 320 | false | |
Mar 19, 2025 20:00:16.074584007 CET | 194.36.144.87 | 192.168.2.23 | 0xdc93 | Format error (1) | none | none | 256 | 320 | false |
System Behavior
Start time (UTC): | 18:58:16 |
Start date (UTC): | 19/03/2025 |
Path: | /tmp/zerm68k.elf |
Arguments: | /tmp/zerm68k.elf |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time (UTC): | 18:58:18 |
Start date (UTC): | 19/03/2025 |
Path: | /tmp/zerm68k.elf |
Arguments: | - |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |
Start time (UTC): | 18:58:18 |
Start date (UTC): | 19/03/2025 |
Path: | /tmp/zerm68k.elf |
Arguments: | - |
File size: | 4463432 bytes |
MD5 hash: | cd177594338c77b895ae27c33f8f86cc |