Windows
Analysis Report
https://www.google.cg/url?url=https://xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&q=amp/pfop72j.lxnhgostxaxpazjod.com/xm2z7dsyo&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexr
Overview
General Information
Detection
Score: | 2 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2872 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1896,i,1184218221580559842,4154976847397048763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6468 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.cg/url?url=https://xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&q=amp/pfop72j.lxnhgostxaxpazjod.com/xm2z7dsyo&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- HTTPS traffic detected
- TCP traffic
- HTTP traffic
- TCP traffic detected without corresponding DNS query
- UDP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- String found in binary or memory
- Network traffic detected
- File created
- File deleted
- Classification label
- Process created
- Window detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
pfop72j.lxnhgostxaxpazjod.com | 94.156.65.137 | true | false | unknown | |
www.google.com | 108.177.122.104 | true | false | unknown | |
www.google.cg | 216.58.206.35 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
198.187.3.20.in-addr.arpa | unknown | unknown | false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.186.164 | unknown | United States | 15169 | GOOGLEUS | false |
94.156.65.137 | pfop72j.lxnhgostxaxpazjod.com | Bulgaria | 31420 | TERASYST-ASBG | false |
108.177.122.104 | www.google.com | United States | 15169 | GOOGLEUS | false |
216.58.206.35 | www.google.cg | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1500053 |
Start date and time: | 2024-08-27 20:19:24 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 57s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://www.google.cg/url?url=https://xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&q=amp/pfop72j.lxnhgostxaxpazjod.com/xm2z7dsyo&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean2.win@26/5@9/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 108.177.15.84, 142.250.9.102, 142.250.9.138, 142.250.9.139, 142.250.9.113, 142.250.9.101, 142.250.9.100, 172.217.16.195, 34.104.35.123, 40.68.123.157, 199.232.214.172, 192.229.221.95, 52.165.164.15, 13.95.31.18, 20.3.187.198, 13.85.23.86, 52.165.165.26, 142.250.186.163
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://www.google.cg/url?url=https://xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&q=amp/pfop72j.lxnhgostxaxpazjod.com/xm2z7dsyo&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0&nwexrn=uxkkrka&pmbeq=xzebqqeqx&wjjl=vpbxjdcm&wjjl=vpbxjdcm&uxkkrka=p0
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2872_1617094001\LICENSE
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1558 |
Entropy (8bit): | 5.11458514637545 |
Encrypted: | false |
SSDEEP: | 48:OBOCrYJ4rYJVwUCLHDy43HV713XEyMmZ3teTHn:LCrYJ4rYJVwUCHZ3Z13XtdUTH |
MD5: | EE002CB9E51BB8DFA89640A406A1090A |
SHA1: | 49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2 |
SHA-256: | 3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B |
SHA-512: | D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2872_1617094001\_metadata\verified_contents.json
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1864 |
Entropy (8bit): | 6.021127689065198 |
Encrypted: | false |
SSDEEP: | 48:p/hUI1atAdI567akUmYWEFw/3+ovGJ4F3jkZUbvzk98g5m7:RnYQI47avYUwvVGJ41jkZIzxgA7 |
MD5: | 68E6B5733E04AB7BF19699A84D8ABBC2 |
SHA1: | 1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0 |
SHA-256: | F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709 |
SHA-512: | 9DC5D824A55C969820D5D1FBB0CA7773361F044AE0C255E7C48D994E16CE169FCEAC3DE180A3A544EBEF32337EA535683115584D592370E5FE7D85C68B86C891 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2872_1617094001\manifest.fingerprint
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66 |
Entropy (8bit): | 3.9159446964030753 |
Encrypted: | false |
SSDEEP: | 3:Sq5TQRaELVHecsUDBAeHD5k:Sq5gJ+csHej5k |
MD5: | CFB54589424206D0AE6437B5673F498D |
SHA1: | D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609 |
SHA-256: | 285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C |
SHA-512: | 70FDCA4A1E6B7A5FFED3414E2DB74FECA7E0FD17482B8CB30393DFEE20AB9AD2B0B00FF0C590DD0E8D744D0EAD876CE8844519AF66618ED14666BCA56DF2DA21 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2872_1617094001\manifest.json
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 85 |
Entropy (8bit): | 4.4533115571544695 |
Encrypted: | false |
SSDEEP: | 3:rR6TAulhFphifFCmMARWHJqS1tean:F6VlM8aRWpqS1ln |
MD5: | C3419069A1C30140B77045ABA38F12CF |
SHA1: | 11920F0C1E55CADC7D2893D1EEBB268B3459762A |
SHA-256: | DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F |
SHA-512: | C5E95A4E9F5919CB14F4127539C4353A55C5F68062BF6F95E1843B6690CEBED3C93170BADB2412B7FB9F109A620385B0AE74783227D6813F26FF8C29074758A1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2872_1617094001\sets.json
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9748 |
Entropy (8bit): | 4.629326694042306 |
Encrypted: | false |
SSDEEP: | 96:Mon4mvC4qX19s1blbw/BNKLcxbdmf56MFJtRTGXvcxN43uP+8qJq:v5C4ql7BkIVmtRTGXvcxBsq |
MD5: | EEA4913A6625BEB838B3E4E79999B627 |
SHA1: | 1B4966850F1B117041407413B70BFA925FD83703 |
SHA-256: | 20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C |
SHA-512: | 31B1429A5FACD6787F6BB45216A4AB1C724C79438C18EBFA8C19CED83149C17783FD492A03197110A75AAF38486A9F58828CA30B58D41E0FE89DFE8BDFC8A004 |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Aug 27, 2024 20:20:19.319927931 CEST | 192.168.2.4 | 1.1.1.1 | c21f | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Aug 27, 2024 20:20:19.283781052 CEST | 192.168.2.4 | 1.1.1.1 | 0x38f9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 27, 2024 20:20:19.284061909 CEST | 192.168.2.4 | 1.1.1.1 | 0x1685 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 27, 2024 20:20:20.529851913 CEST | 192.168.2.4 | 1.1.1.1 | 0x3293 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 27, 2024 20:20:20.530014038 CEST | 192.168.2.4 | 1.1.1.1 | 0xd43a | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 27, 2024 20:20:21.237150908 CEST | 192.168.2.4 | 1.1.1.1 | 0xf3f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 27, 2024 20:20:21.237962961 CEST | 192.168.2.4 | 1.1.1.1 | 0x3cfe | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 27, 2024 20:20:48.914464951 CEST | 192.168.2.4 | 1.1.1.1 | 0x9997 | Standard query (0) | PTR (Pointer record) | IN (0x0001) | false | |
Aug 27, 2024 20:21:08.145757914 CEST | 192.168.2.4 | 1.1.1.1 | 0xe70 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 27, 2024 20:21:21.412997007 CEST | 192.168.2.4 | 1.1.1.1 | 0x16a4 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Aug 27, 2024 20:20:19.291322947 CEST | 1.1.1.1 | 192.168.2.4 | 0x38f9 | No error (0) | 216.58.206.35 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:20.564673901 CEST | 1.1.1.1 | 192.168.2.4 | 0x3293 | No error (0) | 94.156.65.137 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.104 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.99 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.106 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.103 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.147 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.245944977 CEST | 1.1.1.1 | 192.168.2.4 | 0xf3f3 | No error (0) | 108.177.122.105 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:21.246407986 CEST | 1.1.1.1 | 192.168.2.4 | 0x3cfe | No error (0) | 65 | IN (0x0001) | false | |||
Aug 27, 2024 20:20:32.508398056 CEST | 1.1.1.1 | 192.168.2.4 | 0xeca0 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:32.508398056 CEST | 1.1.1.1 | 192.168.2.4 | 0xeca0 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:33.051317930 CEST | 1.1.1.1 | 192.168.2.4 | 0x37b4 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:33.051317930 CEST | 1.1.1.1 | 192.168.2.4 | 0x37b4 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:46.428828955 CEST | 1.1.1.1 | 192.168.2.4 | 0xb687 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:46.428828955 CEST | 1.1.1.1 | 192.168.2.4 | 0xb687 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:20:48.925254107 CEST | 1.1.1.1 | 192.168.2.4 | 0x9997 | Name error (3) | none | none | PTR (Pointer record) | IN (0x0001) | false | |
Aug 27, 2024 20:21:08.162491083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe70 | No error (0) | 94.156.65.137 | A (IP address) | IN (0x0001) | false | ||
Aug 27, 2024 20:21:21.420794010 CEST | 1.1.1.1 | 192.168.2.4 | 0x16a4 | No error (0) | 142.250.186.164 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49739 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:20.575588942 CEST | 453 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49743 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:24.097882986 CEST | 479 | OUT | |
Aug 27, 2024 20:20:24.404512882 CEST | 479 | OUT | |
Aug 27, 2024 20:20:25.015485048 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49745 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:25.714962006 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49748 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:32.469939947 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49747 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:34.004146099 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49754 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:20:36.421880960 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 57832 | 94.156.65.137 | 80 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Aug 27, 2024 20:21:08.171705008 CEST | 479 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 216.58.206.35 | 443 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 18:20:19 UTC | 1143 | OUT | |
2024-08-27 18:20:20 UTC | 1007 | IN | |
2024-08-27 18:20:20 UTC | 262 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 216.58.206.35 | 443 | 4960 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 18:20:20 UTC | 1042 | OUT | |
2024-08-27 18:20:20 UTC | 815 | IN | |
2024-08-27 18:20:20 UTC | 243 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49741 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 18:20:22 UTC | 161 | OUT | |
2024-08-27 18:20:23 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49742 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-27 18:20:25 UTC | 239 | OUT | |
2024-08-27 18:20:25 UTC | 514 | IN | |
2024-08-27 18:20:25 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 14:20:13 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 14:20:15 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 14:20:18 |
Start date: | 27/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |