Windows
Analysis Report
http://api.wavebrowser.co
Overview
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 4488 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 6440 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2456 --fi eld-trial- handle=235 6,i,256266 2744788510 625,178336 6576662448 9649,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 7032 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://api.wa vebrowser. co" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | unknown | |
www.google.com | 142.250.185.132 | true | false | unknown | |
api.wavebrowser.co | 52.22.205.24 | true | false | unknown | |
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.57.18 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
52.22.205.24 | api.wavebrowser.co | United States | 14618 | AMAZON-AESUS | false |
IP |
---|
192.168.2.6 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1520808 |
Start date and time: | 2024-09-27 23:29:45 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 5s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://api.wavebrowser.co |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/7@4/4 |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.35, 142.250.184.206, 74.125.206.84, 34.104.35.123, 20.12.23.50, 192.229.221.95, 13.85.23.206, 88.221.110.91, 2.16.100.168, 40.69.42.241, 216.58.206.67, 93.184.221.240
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, client.wns.windows.com, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://api.wavebrowser.co
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4488_1352463856\LICENSE
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1558 |
Entropy (8bit): | 5.11458514637545 |
Encrypted: | false |
SSDEEP: | 48:OBOCrYJ4rYJVwUCLHDy43HV713XEyMmZ3teTHn:LCrYJ4rYJVwUCHZ3Z13XtdUTH |
MD5: | EE002CB9E51BB8DFA89640A406A1090A |
SHA1: | 49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2 |
SHA-256: | 3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B |
SHA-512: | D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4488_1352463856\_metadata\verified_contents.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1864 |
Entropy (8bit): | 6.021127689065198 |
Encrypted: | false |
SSDEEP: | 48:p/hUI1atAdI567akUmYWEFw/3+ovGJ4F3jkZUbvzk98g5m7:RnYQI47avYUwvVGJ41jkZIzxgA7 |
MD5: | 68E6B5733E04AB7BF19699A84D8ABBC2 |
SHA1: | 1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0 |
SHA-256: | F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709 |
SHA-512: | 9DC5D824A55C969820D5D1FBB0CA7773361F044AE0C255E7C48D994E16CE169FCEAC3DE180A3A544EBEF32337EA535683115584D592370E5FE7D85C68B86C891 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4488_1352463856\manifest.fingerprint
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66 |
Entropy (8bit): | 3.9159446964030753 |
Encrypted: | false |
SSDEEP: | 3:Sq5TQRaELVHecsUDBAeHD5k:Sq5gJ+csHej5k |
MD5: | CFB54589424206D0AE6437B5673F498D |
SHA1: | D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609 |
SHA-256: | 285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C |
SHA-512: | 70FDCA4A1E6B7A5FFED3414E2DB74FECA7E0FD17482B8CB30393DFEE20AB9AD2B0B00FF0C590DD0E8D744D0EAD876CE8844519AF66618ED14666BCA56DF2DA21 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4488_1352463856\manifest.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 85 |
Entropy (8bit): | 4.4533115571544695 |
Encrypted: | false |
SSDEEP: | 3:rR6TAulhFphifFCmMARWHJqS1tean:F6VlM8aRWpqS1ln |
MD5: | C3419069A1C30140B77045ABA38F12CF |
SHA1: | 11920F0C1E55CADC7D2893D1EEBB268B3459762A |
SHA-256: | DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F |
SHA-512: | C5E95A4E9F5919CB14F4127539C4353A55C5F68062BF6F95E1843B6690CEBED3C93170BADB2412B7FB9F109A620385B0AE74783227D6813F26FF8C29074758A1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4488_1352463856\sets.json
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9748 |
Entropy (8bit): | 4.629326694042306 |
Encrypted: | false |
SSDEEP: | 96:Mon4mvC4qX19s1blbw/BNKLcxbdmf56MFJtRTGXvcxN43uP+8qJq:v5C4ql7BkIVmtRTGXvcxBsq |
MD5: | EEA4913A6625BEB838B3E4E79999B627 |
SHA1: | 1B4966850F1B117041407413B70BFA925FD83703 |
SHA-256: | 20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C |
SHA-512: | 31B1429A5FACD6787F6BB45216A4AB1C724C79438C18EBFA8C19CED83149C17783FD492A03197110A75AAF38486A9F58828CA30B58D41E0FE89DFE8BDFC8A004 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 93 |
Entropy (8bit): | 5.290630489189161 |
Encrypted: | false |
SSDEEP: | 3:FttfB7YXIyJFccScVv9ocNMxxxnc8//:XtJ7YfJmHcVlBNiXNX |
MD5: | 7638ED5F11C8D15CB2907E0A559A9FD7 |
SHA1: | EA46226874D4CB25888A8AF5298BCE7CA70C940B |
SHA-256: | 711070D76BBA3E485A814F47D76669753FCCA313F50697E8FD27EEB57EC136A4 |
SHA-512: | 556AD191674A1BE05727BCD331A477638BA11C656D67AC083FB0D1440D2F7D02C18C244A51BE4223153D14A46066DAC8C4C0AB7ABDC92C3FECBA84687BB411AC |
Malicious: | false |
Reputation: | low |
URL: | http://api.wavebrowser.co/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 23:30:32.202050924 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:32.202114105 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:32.498924971 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:40.433307886 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:40.433357000 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:40.433414936 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:40.434127092 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:40.434139967 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.327194929 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.327271938 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.332334995 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.332364082 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.332756996 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.341419935 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.341485023 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.341497898 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.341618061 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.383430958 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.524045944 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.524458885 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.524488926 CEST | 443 | 49713 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:41.524516106 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.524580002 CEST | 49713 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:41.641587019 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:41.641926050 CEST | 49717 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:41.649943113 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:41.650063992 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:41.650214911 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:41.650768042 CEST | 80 | 49717 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:41.650830984 CEST | 49717 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:41.655363083 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:41.811198950 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:41.841681004 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:42.109154940 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:42.145795107 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:42.201942921 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:42.272984982 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:42.320724010 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:42.376302958 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:42.381254911 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:42.478157997 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:30:42.528291941 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:30:43.770926952 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:43.771015882 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:44.769742966 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:44.769792080 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:44.770464897 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:44.790487051 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:44.790508986 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.060271025 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.060318947 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:45.060400963 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.062618971 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.062643051 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:45.442020893 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.442435980 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:45.442455053 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.443897009 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.443953037 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:45.452903032 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:45.453003883 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.496681929 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:45.496701956 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:45.543562889 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:45.734469891 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:45.734543085 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.737063885 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.737073898 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:45.737404108 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:45.777930975 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.789951086 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:45.831418037 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.061302900 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.061387062 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.061439037 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.061494112 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.061494112 CEST | 49722 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.061517000 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.061531067 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.094636917 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.094686031 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.094755888 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.095032930 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.095048904 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.772057056 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.772550106 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.774010897 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.774019957 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.774265051 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:46.775962114 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:46.823417902 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:47.052155972 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:47.052232027 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:47.054563046 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:47.067677975 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:47.067708015 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:47.067965031 CEST | 49723 | 443 | 192.168.2.6 | 184.28.90.27 |
Sep 27, 2024 23:30:47.067974091 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.6 |
Sep 27, 2024 23:30:48.537131071 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:48.537183046 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:48.537297964 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:48.537806988 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:48.537825108 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.406470060 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.406539917 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.408361912 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.408381939 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.408668995 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.410511971 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.410566092 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.410581112 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.410689116 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.451445103 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.591774940 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.592349052 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.592401028 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.592468023 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:49.592489958 CEST | 443 | 49724 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:30:49.592504978 CEST | 49724 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:30:54.588336945 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:54.588551044 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:54.589273930 CEST | 49728 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:54.589396000 CEST | 443 | 49728 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:54.589531898 CEST | 49728 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:54.593363047 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:54.593378067 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:54.595021009 CEST | 49728 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:54.595055103 CEST | 443 | 49728 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:55.187443018 CEST | 443 | 49728 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:30:55.187525988 CEST | 49728 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:30:55.336028099 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:55.336093903 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:30:55.336184978 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:56.627218008 CEST | 49720 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:30:56.627247095 CEST | 443 | 49720 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:01.240638971 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:01.240724087 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:01.240804911 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:01.241655111 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:01.241676092 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.056150913 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.056235075 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.066046953 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.066081047 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.066390038 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.071033955 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.071315050 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.071322918 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.071554899 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.115457058 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.249140024 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.249310017 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.249464989 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.249679089 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:02.249707937 CEST | 443 | 49730 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:02.249727964 CEST | 49730 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:14.467248917 CEST | 443 | 49728 | 173.222.162.64 | 192.168.2.6 |
Sep 27, 2024 23:31:14.467416048 CEST | 49728 | 443 | 192.168.2.6 | 173.222.162.64 |
Sep 27, 2024 23:31:21.114880085 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.114912987 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.114979982 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.115555048 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.115566015 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.921694040 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.921756983 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.923427105 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.923435926 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.923630953 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.925296068 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.925364017 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.925369024 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:21.925483942 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:21.967408895 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:22.096774101 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:22.096909046 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:22.096983910 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:22.097089052 CEST | 49731 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:22.097101927 CEST | 443 | 49731 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:26.653405905 CEST | 49717 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:31:26.658195019 CEST | 80 | 49717 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:31:27.481539965 CEST | 49716 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:31:27.486484051 CEST | 80 | 49716 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:31:42.007332087 CEST | 58864 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:31:42.012388945 CEST | 53 | 58864 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:42.012497902 CEST | 58864 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:31:42.012584925 CEST | 58864 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:31:42.017478943 CEST | 53 | 58864 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:42.461734056 CEST | 53 | 58864 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:42.463721037 CEST | 58864 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:31:42.469517946 CEST | 53 | 58864 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:42.469579935 CEST | 58864 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:31:43.318299055 CEST | 49717 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:31:43.323961020 CEST | 80 | 49717 | 52.22.205.24 | 192.168.2.6 |
Sep 27, 2024 23:31:43.324090004 CEST | 49717 | 80 | 192.168.2.6 | 52.22.205.24 |
Sep 27, 2024 23:31:44.946127892 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:44.946171045 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:44.946240902 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:44.947283983 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:44.947297096 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:45.586148977 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:45.586416960 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:45.586431980 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:45.586740971 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:45.587470055 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:45.587522984 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:45.638897896 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:48.055716038 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.055762053 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.055845022 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.056633949 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.056658983 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.943470955 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.943589926 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.969769955 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.969825983 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.970707893 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.978127003 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.978677988 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:48.978692055 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:48.979501009 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:49.023417950 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:49.154432058 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:49.154541969 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:49.154639006 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:49.155512094 CEST | 58867 | 443 | 192.168.2.6 | 40.115.3.253 |
Sep 27, 2024 23:31:49.155554056 CEST | 443 | 58867 | 40.115.3.253 | 192.168.2.6 |
Sep 27, 2024 23:31:55.503658056 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:55.503732920 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Sep 27, 2024 23:31:55.503947973 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:56.609278917 CEST | 58866 | 443 | 192.168.2.6 | 142.250.185.132 |
Sep 27, 2024 23:31:56.609306097 CEST | 443 | 58866 | 142.250.185.132 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 23:30:40.188024998 CEST | 53 | 61167 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:40.195734978 CEST | 53 | 50977 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:41.399449110 CEST | 53 | 54866 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:41.624876022 CEST | 64979 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:30:41.626957893 CEST | 64930 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:30:41.635020018 CEST | 53 | 64979 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:41.654230118 CEST | 53 | 64930 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:44.726375103 CEST | 60342 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:30:44.726375103 CEST | 49630 | 53 | 192.168.2.6 | 1.1.1.1 |
Sep 27, 2024 23:30:44.734185934 CEST | 53 | 60342 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:44.734205961 CEST | 53 | 49630 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:30:58.288216114 CEST | 53 | 54535 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:17.166618109 CEST | 53 | 62920 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:39.867345095 CEST | 53 | 64758 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:39.993061066 CEST | 53 | 56698 | 1.1.1.1 | 192.168.2.6 |
Sep 27, 2024 23:31:42.006664038 CEST | 53 | 50329 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Sep 27, 2024 23:30:41.654313087 CEST | 192.168.2.6 | 1.1.1.1 | c241 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 27, 2024 23:30:41.624876022 CEST | 192.168.2.6 | 1.1.1.1 | 0x402c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:30:41.626957893 CEST | 192.168.2.6 | 1.1.1.1 | 0x1688 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:30:44.726375103 CEST | 192.168.2.6 | 1.1.1.1 | 0x5949 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:30:44.726375103 CEST | 192.168.2.6 | 1.1.1.1 | 0xdfb | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 52.22.205.24 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 34.206.115.76 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 34.193.241.47 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 52.5.25.169 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 3.211.76.154 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:41.635020018 CEST | 1.1.1.1 | 192.168.2.6 | 0x402c | No error (0) | 35.169.210.21 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:44.734185934 CEST | 1.1.1.1 | 192.168.2.6 | 0x5949 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:44.734205961 CEST | 1.1.1.1 | 192.168.2.6 | 0xdfb | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 23:30:52.898614883 CEST | 1.1.1.1 | 192.168.2.6 | 0x79e9 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:30:52.898614883 CEST | 1.1.1.1 | 192.168.2.6 | 0x79e9 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:31:13.412297010 CEST | 1.1.1.1 | 192.168.2.6 | 0x43d5 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:31:13.412297010 CEST | 1.1.1.1 | 192.168.2.6 | 0x43d5 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:31:32.256042004 CEST | 1.1.1.1 | 192.168.2.6 | 0x4690 | No error (0) | default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:31:32.256042004 CEST | 1.1.1.1 | 192.168.2.6 | 0x4690 | No error (0) | 217.20.57.18 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:31:32.256042004 CEST | 1.1.1.1 | 192.168.2.6 | 0x4690 | No error (0) | 217.20.57.34 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49716 | 52.22.205.24 | 80 | 6440 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Sep 27, 2024 23:30:41.650214911 CEST | 433 | OUT | |
Sep 27, 2024 23:30:42.145795107 CEST | 401 | IN | |
Sep 27, 2024 23:30:42.272984982 CEST | 94 | IN | |
Sep 27, 2024 23:30:42.376302958 CEST | 380 | OUT | |
Sep 27, 2024 23:30:42.478157997 CEST | 312 | IN | |
Sep 27, 2024 23:31:27.481539965 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49717 | 52.22.205.24 | 80 | 6440 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Sep 27, 2024 23:31:26.653405905 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.6 | 49713 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:30:41 UTC | 71 | OUT | |
2024-09-27 21:30:41 UTC | 249 | OUT | |
2024-09-27 21:30:41 UTC | 1084 | OUT | |
2024-09-27 21:30:41 UTC | 218 | OUT | |
2024-09-27 21:30:41 UTC | 14 | IN | |
2024-09-27 21:30:41 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49722 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:30:45 UTC | 161 | OUT | |
2024-09-27 21:30:46 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.6 | 49723 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:30:46 UTC | 239 | OUT | |
2024-09-27 21:30:47 UTC | 515 | IN | |
2024-09-27 21:30:47 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
3 | 192.168.2.6 | 49724 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:30:49 UTC | 71 | OUT | |
2024-09-27 21:30:49 UTC | 249 | OUT | |
2024-09-27 21:30:49 UTC | 1084 | OUT | |
2024-09-27 21:30:49 UTC | 218 | OUT | |
2024-09-27 21:30:49 UTC | 14 | IN | |
2024-09-27 21:30:49 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
4 | 192.168.2.6 | 49730 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:31:02 UTC | 71 | OUT | |
2024-09-27 21:31:02 UTC | 249 | OUT | |
2024-09-27 21:31:02 UTC | 1084 | OUT | |
2024-09-27 21:31:02 UTC | 218 | OUT | |
2024-09-27 21:31:02 UTC | 14 | IN | |
2024-09-27 21:31:02 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
5 | 192.168.2.6 | 49731 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:31:21 UTC | 71 | OUT | |
2024-09-27 21:31:21 UTC | 249 | OUT | |
2024-09-27 21:31:21 UTC | 1084 | OUT | |
2024-09-27 21:31:21 UTC | 218 | OUT | |
2024-09-27 21:31:22 UTC | 14 | IN | |
2024-09-27 21:31:22 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
6 | 192.168.2.6 | 58867 | 40.115.3.253 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:31:48 UTC | 71 | OUT | |
2024-09-27 21:31:48 UTC | 249 | OUT | |
2024-09-27 21:31:48 UTC | 1084 | OUT | |
2024-09-27 21:31:48 UTC | 218 | OUT | |
2024-09-27 21:31:49 UTC | 14 | IN | |
2024-09-27 21:31:49 UTC | 58 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 17:30:34 |
Start date: | 27/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 17:30:38 |
Start date: | 27/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 17:30:40 |
Start date: | 27/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |