Windows
Analysis Report
https://claims-hadiah-dxna.t5t.my.id/
Overview
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 5912 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2280,i,2930308555609301425,2311737329618430439,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://claims-hadiah-dxna.t5t.my.id/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
AV Detection |
---|
Source: | Avira URL Cloud: | ||
Source: | SlashNext: |
Phishing |
---|
Source: | File source: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
100% | SlashNext | Fraudulent Website type: Phishing & Social Engineering |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
www.google.com | 142.250.186.68 | true | false | unknown | |
claims-hadiah-dxna.t5t.my.id | 172.67.167.190 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
157.123.68.40.in-addr.arpa | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
| true | | unknown |
| false | | unknown |
| true | | unknown |
| true | | unknown |
| true | | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
| | false | | unknown |
| | false | | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
104.21.90.70 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
142.250.185.132 | unknown | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
172.67.167.190 | claims-hadiah-dxna.t5t.my.id | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.6 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1501465 |
Start date and time: | 2024-08-30 00:16:13 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 5s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://claims-hadiah-dxna.t5t.my.id/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.phis.win@16/15@10/8 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.212.163, 142.250.181.238, 108.177.15.84, 34.104.35.123, 52.165.165.26, 93.184.221.240, 192.229.221.95, 52.165.164.15, 13.95.31.18, 13.85.23.206, 20.3.187.198, 13.85.23.86, 40.68.123.157, 131.107.255.255, 142.250.185.131
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://claims-hadiah-dxna.t5t.my.id/
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.979177113191037 |
Encrypted: | false |
SSDEEP: | 48:8WdIlmjTolyPpLfHYidAKZdA19ehwiZUklqehey+3:8zlmjUlepLOty |
MD5: | 233B0A9B84BB7FCE43323CACD67FCAFE |
SHA1: | 95F6CF52FA9BB470A21DF812831E98CC63E8CDF3 |
SHA-256: | C846B04086151390FB2BCF69D121341C9FC08032AB0EE0B977A3780E4D728578 |
SHA-512: | 1B3BC48388E9C1562FF54B45768C7FE8D7AF202A0CE0E7A5701CEBDB360F7B12BA2176D71962EDF3358D684E48481F4DC312BEEF3CBEE0B01C19CDD1E712318A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9925371063091615 |
Encrypted: | false |
SSDEEP: | 48:8vOdIlmjTolyPpLfHYidAKZdA1weh/iZUkAQkqehdy+2:8jlmjUlepLM9Q0y |
MD5: | 8D7AD4A091AC8DB8075B9E197A497488 |
SHA1: | D7B469555EC3A1CADDF63A04DA383F3EA1CF415D |
SHA-256: | 34EF040E84AC8CC84151D71F82EF77DD08EC4A6031AF11FBAC9EB805CDB64D12 |
SHA-512: | A659604F9CE06A2DB5562857AC272D0B1C8F70D6D703071718C0546D37EA62B95C7D9E341A7B9281CFFE28B03E94201DDB9AE62D762D53A065118DE5EF88C0D4 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.005998762888736 |
Encrypted: | false |
SSDEEP: | 48:8xidIlmjTolyPpsHYidAKZdA14tseh7sFiZUkmgqeh7s7y+BX:8x3lmjUleppnRy |
MD5: | 39DF480CE98F523306C9E60149D8A905 |
SHA1: | 5A15611A52F42B5995B419A88109C62E0D4A1BC5 |
SHA-256: | E59FF61B356B0E9A5C6000DD34110B736E4AFA07C7183ADD902480C921509272 |
SHA-512: | F47134B11DF4D0411D2BF35F43E7ADE0239092F1E6DEF2F38B82EA21BC5F2783977CF8587EC8AF82F657802CF856FABBDA0C749DAF060A459E4138BE6CB08BCB |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.993319497892584 |
Encrypted: | false |
SSDEEP: | 48:84OdIlmjTolyPpLfHYidAKZdA1vehDiZUkwqehZy+R:8MlmjUlepL3jy |
MD5: | AA01FD3D2CC6CAB36766D19A904E99F0 |
SHA1: | 91073813FE13D54C0140717B24659FF041BC1484 |
SHA-256: | E2C0D442E65E1E03A77B2185ED331DAD83155F6356374C1491F770326859CB4B |
SHA-512: | E5017B7B5AF61F577051644B74D5130B0BB68E9668EBA92C049BC24B758A6CB02D1042954F9B079BA07E576770085F0B8CFC11B9141E6A4E8F613C1E60C678F0 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.979917380693294 |
Encrypted: | false |
SSDEEP: | 48:8edIlmjTolyPpLfHYidAKZdA1hehBiZUk1W1qeh/y+C:8LlmjUlepLH9fy |
MD5: | BA3C0AD9175322FDD7F445A4E91328DD |
SHA1: | 92502FFCD464CFA466BAE7EAE66B96D16385E221 |
SHA-256: | 0298D3723F34FF26E9DA41C5EEE00544E5F8D1F7126AA73A5A4D95A7E5223016 |
SHA-512: | 70EA63B40458FA860AEF88913F10BAE273C80ADA3A606D6330F4314ACF882EEF641BB01B041C3D8617B7F0F9538BF796DC2F6D8514FBD90D940AE7BFF2F15664 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9909814175852207 |
Encrypted: | false |
SSDEEP: | 48:8fOdIlmjTolyPpLfHYidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbRy+yT+:8TlmjUlepLPT/TbxWOvTbRy7T |
MD5: | FA5B48C71F240296A68E0FF7A9F9BE21 |
SHA1: | BDEB706C08298DF26F3BBCE5F44763F9124D6027 |
SHA-256: | D7334EE0FC2281CC6E52B0937011D39274ADFD3E6CACFB49E25F50C7D86F937D |
SHA-512: | 1EB46BC5EB90F7D78930C0C551D4A50F6EE14D1D268B34C747301128E1BC01829327EA0DD4A360009D34C459DF4DFBFC165601710C4D42B49001FFCC7D5EB555 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
URL: | https://claims-hadiah-dxna.t5t.my.id/cdn-cgi/images/icon-exclamation.png?1376755637 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24051 |
Entropy (8bit): | 4.941039417164537 |
Encrypted: | false |
SSDEEP: | 192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk |
MD5: | 5E8C69A459A691B5D1B9BE442332C87D |
SHA1: | F24DD1AD7C9080575D92A9A9A2C42620725EF836 |
SHA-256: | 84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091 |
SHA-512: | 6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42 |
Malicious: | false |
Reputation: | low |
URL: | https://claims-hadiah-dxna.t5t.my.id/cdn-cgi/styles/cf.errors.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 315 |
Entropy (8bit): | 5.0572271090563765 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR |
MD5: | A34AC19F4AFAE63ADC5D2F7BC970C07F |
SHA1: | A82190FC530C265AA40A045C21770D967F4767B8 |
SHA-256: | D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3 |
SHA-512: | 42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765 |
Malicious: | false |
Reputation: | low |
URL: | https://claims-hadiah-dxna.t5t.my.id/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4394 |
Entropy (8bit): | 5.083977402738777 |
Encrypted: | false |
SSDEEP: | 96:1j9jwIjYjUDK/D5DMF+BOisRA2ZLimCrR49PaQxJbGD:1j9jhjYjIK/Vo+ts7ZOmCrO9ieJGD |
MD5: | 26B1884022D5FE5EE5DF04F628D154EF |
SHA1: | 25AA42B4C355C131B4DFC813FB1AF8FC81E348A9 |
SHA-256: | 70BA1E02A69235B80E2652C3AFDFBA46BE820F08AD89F4BDFE5F7CED5B9B3460 |
SHA-512: | 16ED7184F4154744EB17C6C7570C50A5839FD2B73EB104E7C8459BD7F3537D637A5398E97576EF458A6A3D1B3FE77483440A0512597A459BE4706C0976A12523 |
Malicious: | false |
Reputation: | low |
URL: | https://claims-hadiah-dxna.t5t.my.id/ |
Preview: |
Aug 30, 2024 00:17:14.599206924 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:14.599895000 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:14.599915028 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:14.790968895 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:14.791049004 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:14.957848072 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:14.957876921 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:14.958223104 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.027918100 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.057837963 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.073467970 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.084049940 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.084062099 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.085220098 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.085283041 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.226325035 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.354722977 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.557427883 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.557617903 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.557766914 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.557806969 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.558315039 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.558350086 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.559042931 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.559057951 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.559108019 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.599642038 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.601528883 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.601636887 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.602478027 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.602502108 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.640502930 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.667264938 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.683989048 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.684067965 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.684214115 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.684591055 CEST | 49719 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.684622049 CEST | 443 | 49719 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.685740948 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.685780048 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.685853004 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.686255932 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:15.686269999 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:15.713845015 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.713918924 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.718786001 CEST | 49720 | 443 | 192.168.2.5 | 104.21.90.70 |
Aug 30, 2024 00:17:15.718822002 CEST | 443 | 49720 | 104.21.90.70 | 192.168.2.5 |
Aug 30, 2024 00:17:15.803522110 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.803595066 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.803829908 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.817733049 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.817765951 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.817783117 CEST | 49716 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.817789078 CEST | 443 | 49716 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.860110044 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.860176086 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:15.860266924 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.860651970 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:15.860668898 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.137811899 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.138251066 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:16.138276100 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.138578892 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.138917923 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:16.138968945 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.139152050 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:16.180500984 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.265379906 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.265446901 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.265506983 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:16.265804052 CEST | 49721 | 443 | 192.168.2.5 | 35.190.80.1 |
Aug 30, 2024 00:17:16.265816927 CEST | 443 | 49721 | 35.190.80.1 | 192.168.2.5 |
Aug 30, 2024 00:17:16.493865013 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.493964911 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.521759033 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.521786928 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.522044897 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.523077965 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.568501949 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.801686049 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.801768064 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.801873922 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.803416014 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.803437948 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:16.803467035 CEST | 49722 | 443 | 192.168.2.5 | 184.28.90.27 |
Aug 30, 2024 00:17:16.803473949 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.5 |
Aug 30, 2024 00:17:22.955936909 CEST | 61316 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:22.961152077 CEST | 53 | 61316 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:22.961225033 CEST | 61316 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:22.961344957 CEST | 61316 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:22.966149092 CEST | 53 | 61316 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:23.410142899 CEST | 53 | 61316 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:23.414225101 CEST | 61316 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:23.420466900 CEST | 53 | 61316 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:23.420614004 CEST | 61316 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:23.599613905 CEST | 443 | 49713 | 142.250.186.68 | 192.168.2.5 |
Aug 30, 2024 00:17:23.599684954 CEST | 443 | 49713 | 142.250.186.68 | 192.168.2.5 |
Aug 30, 2024 00:17:23.599791050 CEST | 49713 | 443 | 192.168.2.5 | 142.250.186.68 |
Aug 30, 2024 00:17:24.426254034 CEST | 53043 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:24.433743000 CEST | 53 | 53043 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:24.433836937 CEST | 53043 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:24.434039116 CEST | 53043 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:24.440031052 CEST | 53 | 53043 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:24.879163980 CEST | 53 | 53043 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:24.884866953 CEST | 53043 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:24.891524076 CEST | 53 | 53043 | 1.1.1.1 | 192.168.2.5 |
Aug 30, 2024 00:17:24.891598940 CEST | 53043 | 53 | 192.168.2.5 | 1.1.1.1 |
Aug 30, 2024 00:17:25.018024921 CEST | 49713 | 443 | 192.168.2.5 | 142.250.186.68 |
Aug 30, 2024 00:17:25.018053055 CEST | 443 | 49713 | 142.250.186.68 | 192.168.2.5 |
Aug 30, 2024 00:18:12.586849928 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:12.586882114 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:12.586988926 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:12.587228060 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:12.587238073 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:13.221297026 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:13.221709967 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:13.221738100 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:13.222136021 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:13.222486973 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:13.222573996 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:13.276742935 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:23.127260923 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:23.127330065 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Aug 30, 2024 00:18:23.127437115 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:25.377407074 CEST | 53050 | 443 | 192.168.2.5 | 142.250.185.132 |
Aug 30, 2024 00:18:25.377427101 CEST | 443 | 53050 | 142.250.185.132 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Aug 30, 2024 00:17:10.570991039 CEST | 192.168.2.5 | 1.1.1.1 | 0xfa52 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:17:10.571546078 CEST | 192.168.2.5 | 1.1.1.1 | 0x2fc4 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:17:12.585932970 CEST | 192.168.2.5 | 1.1.1.1 | 0x23ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:17:12.586150885 CEST | 192.168.2.5 | 1.1.1.1 | 0x34d | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:17:14.543761969 CEST | 192.168.2.5 | 1.1.1.1 | 0xa451 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:17:14.544255972 CEST | 192.168.2.5 | 1.1.1.1 | 0x97c0 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:17:14.559443951 CEST | 192.168.2.5 | 1.1.1.1 | 0xe004 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Aug 30, 2024 00:17:14.560183048 CEST | 192.168.2.5 | 1.1.1.1 | 0xb154 | Standard query (0) | 65 | IN (0x0001) | false | |
Aug 30, 2024 00:17:27.227006912 CEST | 192.168.2.5 | 1.1.1.1 | 0x6c44 | Standard query (0) | PTR (Pointer record) | IN (0x0001) | false | |
Aug 30, 2024 00:18:12.575510025 CEST | 192.168.2.5 | 1.1.1.1 | 0xa497 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Aug 30, 2024 00:17:10.832631111 CEST | 1.1.1.1 | 192.168.2.5 | 0xfa52 | No error (0) | 172.67.167.190 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:10.832631111 CEST | 1.1.1.1 | 192.168.2.5 | 0xfa52 | No error (0) | 104.21.90.70 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:10.856533051 CEST | 1.1.1.1 | 192.168.2.5 | 0x2fc4 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 30, 2024 00:17:12.594680071 CEST | 1.1.1.1 | 192.168.2.5 | 0x23ed | No error (0) | 142.250.186.68 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:12.594944954 CEST | 1.1.1.1 | 192.168.2.5 | 0x34d | No error (0) | 65 | IN (0x0001) | false | |||
Aug 30, 2024 00:17:14.550463915 CEST | 1.1.1.1 | 192.168.2.5 | 0xa451 | No error (0) | 35.190.80.1 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:14.567100048 CEST | 1.1.1.1 | 192.168.2.5 | 0xe004 | No error (0) | 104.21.90.70 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:14.567100048 CEST | 1.1.1.1 | 192.168.2.5 | 0xe004 | No error (0) | 172.67.167.190 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:14.570779085 CEST | 1.1.1.1 | 192.168.2.5 | 0xb154 | No error (0) | 65 | IN (0x0001) | false | |||
Aug 30, 2024 00:17:20.279628992 CEST | 1.1.1.1 | 192.168.2.5 | 0x21cd | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:20.279628992 CEST | 1.1.1.1 | 192.168.2.5 | 0x21cd | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Aug 30, 2024 00:17:27.234112978 CEST | 1.1.1.1 | 192.168.2.5 | 0x6c44 | Name error (3) | none | none | PTR (Pointer record) | IN (0x0001) | false | |
Aug 30, 2024 00:18:12.585550070 CEST | 1.1.1.1 | 192.168.2.5 | 0xa497 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 172.67.167.190 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:11 UTC | 671 | OUT | |
2024-08-29 22:17:11 UTC | 563 | IN | |
2024-08-29 22:17:11 UTC | 806 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 858 | IN | |
2024-08-29 22:17:11 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49709 | 172.67.167.190 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:11 UTC | 583 | OUT | |
2024-08-29 22:17:11 UTC | 411 | IN | |
2024-08-29 22:17:11 UTC | 958 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN | |
2024-08-29 22:17:11 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49714 | 172.67.167.190 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:13 UTC | 675 | OUT | |
2024-08-29 22:17:13 UTC | 409 | IN | |
2024-08-29 22:17:13 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49715 | 172.67.167.190 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:14 UTC | 612 | OUT | |
2024-08-29 22:17:14 UTC | 623 | IN | |
2024-08-29 22:17:14 UTC | 322 | IN | |
2024-08-29 22:17:14 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49719 | 35.190.80.1 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:15 UTC | 559 | OUT | |
2024-08-29 22:17:15 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49716 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:15 UTC | 161 | OUT | |
2024-08-29 22:17:15 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49720 | 104.21.90.70 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:15 UTC | 398 | OUT | |
2024-08-29 22:17:15 UTC | 409 | IN | |
2024-08-29 22:17:15 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49721 | 35.190.80.1 | 443 | 5912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:16 UTC | 488 | OUT | |
2024-08-29 22:17:16 UTC | 447 | OUT | |
2024-08-29 22:17:16 UTC | 168 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49722 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-08-29 22:17:16 UTC | 239 | OUT | |
2024-08-29 22:17:16 UTC | 515 | IN | |
2024-08-29 22:17:16 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 18:17:00 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:17:06 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:17:09 |
Start date: | 29/08/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |