Windows
Analysis Report
https://ardam.pages.dev/
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 3640 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 3500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1976,i,15782022197356893187,14670116547454710557,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ardam.pages.dev/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security | ||
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
Phishing |
---|
Source: | File source: | ||
Source: | HTTP Parser: | ||
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | unknown | |
a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
ardam.pages.dev | 188.114.96.3 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
188.114.96.3 | ardam.pages.dev | European Union | 13335 | CLOUDFLARENETUS | false |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1521584 |
Start date and time: | 2024-09-29 00:49:34 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 23s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://ardam.pages.dev/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@16/15@8/7 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.185.238, 142.251.168.84, 34.104.35.123, 4.245.163.56, 199.232.210.172, 192.229.221.95, 20.242.39.171, 13.95.31.18, 142.250.186.131
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://ardam.pages.dev/
Input | Output |
---|---|
URL: https://ardam.pages.dev/ Model: jbxai | { "brand":["Cloudflare"], "contains_trigger_text":false, "trigger_text":"unknown", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false} |
URL: https://ardam.pages.dev/ Model: jbxai | { "brand":["Cloudflare"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Learn More", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false} |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.985299260538325 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.0004189439135525 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.011639819217302 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9984616128563886 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9878207417145237 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.996816434786507 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://ardam.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 24051 |
Entropy (8bit): | 4.941039417164537 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://ardam.pages.dev/cdn-cgi/styles/cf.errors.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4394 |
Entropy (8bit): | 5.081921615667461 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://ardam.pages.dev/ |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 555 |
Entropy (8bit): | 4.73524642638354 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://ardam.pages.dev/favicon.ico |
Sep 29, 2024 00:50:30.787755013 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:30.788146019 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:30.788160086 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.154983044 CEST | 443 | 49717 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.162084103 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.162108898 CEST | 443 | 49717 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.163219929 CEST | 443 | 49717 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.163283110 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.171014071 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.171041012 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.171104908 CEST | 443 | 49717 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.171132088 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.171173096 CEST | 49717 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.197292089 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.197339058 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.197405100 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.199142933 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.199157000 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.217737913 CEST | 443 | 49718 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.219155073 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.219180107 CEST | 443 | 49718 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.220326900 CEST | 443 | 49718 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.220382929 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222054005 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222074986 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222120047 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222129107 CEST | 443 | 49718 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.222174883 CEST | 49718 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222510099 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222605944 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.222686052 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222908020 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.222944975 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.450381994 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.450650930 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:31.450671911 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.451685905 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.451757908 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:31.571494102 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:31.571655035 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.614859104 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:31.614885092 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:31.661583900 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:31.699862003 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.703687906 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.709518909 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.709531069 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.711080074 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.711182117 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.713216066 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.713241100 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.714217901 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.714217901 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.714334965 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.714348078 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.714534998 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.715626001 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.715626001 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.715639114 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.715702057 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.765824080 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.765821934 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.765836000 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.765850067 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.812695026 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.812694073 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:31.843616009 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.843719959 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:31.851066113 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:32.444644928 CEST | 49721 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:32.444698095 CEST | 443 | 49721 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:32.704392910 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:32.704507113 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:32.704560041 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:32.730654955 CEST | 49720 | 443 | 192.168.2.5 | 188.114.96.3 |
Sep 29, 2024 00:50:32.730669022 CEST | 443 | 49720 | 188.114.96.3 | 192.168.2.5 |
Sep 29, 2024 00:50:32.734854937 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:32.734886885 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:32.734950066 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:32.735215902 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:32.735229969 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:32.791681051 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:32.791716099 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:32.791789055 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:32.793457031 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:32.793476105 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.204884052 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.207947969 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.207972050 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.209086895 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.209148884 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.229438066 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.229617119 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.229954958 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.229969978 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.280539036 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.354856968 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.354934931 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.354993105 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.355552912 CEST | 49722 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.355571985 CEST | 443 | 49722 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.356949091 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.356986046 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.357048988 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.357597113 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.357611895 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.434108973 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.434190989 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.443552971 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.443582058 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.443820000 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.484184980 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.673520088 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.715404987 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.818212032 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.818689108 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.818716049 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.819077015 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.819757938 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.819820881 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.824518919 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.859479904 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.859591961 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.859955072 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.860203028 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.860203028 CEST | 49723 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.860227108 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.860236883 CEST | 443 | 49723 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.867414951 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.900844097 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.900886059 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.901212931 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.904810905 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:33.904825926 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:33.954214096 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.954298019 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:33.954421043 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.956804037 CEST | 49725 | 443 | 192.168.2.5 | 35.190.80.1 |
Sep 29, 2024 00:50:33.956825018 CEST | 443 | 49725 | 35.190.80.1 | 192.168.2.5 |
Sep 29, 2024 00:50:34.563208103 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.563402891 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.565140009 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.565148115 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.565386057 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.566648960 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.607399940 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.843369961 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.843445063 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.843503952 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.845961094 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.845972061 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:34.845983028 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 29, 2024 00:50:34.845988035 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Sep 29, 2024 00:50:41.404153109 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:41.404237032 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:50:41.404287100 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:42.926829100 CEST | 49719 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:50:42.926872015 CEST | 443 | 49719 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:30.917143106 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:30.917193890 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:30.917365074 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:30.919502020 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:30.919513941 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:31.575264931 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:31.576334000 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:31.576379061 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:31.576713085 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:31.580269098 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:31.580374956 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:31.625478029 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:41.513315916 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:41.513398886 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Sep 29, 2024 00:51:41.513554096 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:42.909502983 CEST | 49736 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 29, 2024 00:51:42.909568071 CEST | 443 | 49736 | 216.58.206.68 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 29, 2024 00:50:27.094523907 CEST | 53 | 53996 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:27.115698099 CEST | 53 | 55674 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:28.159034967 CEST | 53 | 50564 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:28.181848049 CEST | 49543 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:28.182471037 CEST | 49401 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:28.195123911 CEST | 53 | 49543 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:28.195138931 CEST | 53 | 49401 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:30.721720934 CEST | 51833 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:30.722487926 CEST | 61256 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:30.733961105 CEST | 53 | 61256 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:30.735357046 CEST | 53 | 51833 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:30.773916960 CEST | 49261 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:30.774491072 CEST | 50912 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:30.785305023 CEST | 53 | 49261 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:30.785329103 CEST | 53 | 50912 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:32.726890087 CEST | 50990 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:32.727369070 CEST | 50132 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 29, 2024 00:50:32.733316898 CEST | 53 | 50990 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:32.733994961 CEST | 53 | 50132 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:50:45.257371902 CEST | 53 | 55923 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:51:04.210930109 CEST | 53 | 57660 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:51:26.339951992 CEST | 53 | 61027 | 1.1.1.1 | 192.168.2.5 |
Sep 29, 2024 00:51:27.040340900 CEST | 53 | 64946 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 29, 2024 00:50:28.181848049 CEST | 192.168.2.5 | 1.1.1.1 | 0xbcc1 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:28.182471037 CEST | 192.168.2.5 | 1.1.1.1 | 0xb01d | Standard query (0) | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:30.721720934 CEST | 192.168.2.5 | 1.1.1.1 | 0xf923 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:30.722487926 CEST | 192.168.2.5 | 1.1.1.1 | 0xc9cc | Standard query (0) | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:30.773916960 CEST | 192.168.2.5 | 1.1.1.1 | 0x61ea | Standard query (0) | | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:30.774491072 CEST | 192.168.2.5 | 1.1.1.1 | 0x552e | Standard query (0) | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:32.726890087 CEST | 192.168.2.5 | 1.1.1.1 | 0x5521 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:32.727369070 CEST | 192.168.2.5 | 1.1.1.1 | 0x8acc | Standard query (0) | | 65 | IN (0x0001) | false
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 29, 2024 00:50:28.195123911 CEST | 1.1.1.1 | 192.168.2.5 | 0xbcc1 | No error (0) | | | 188.114.96.3 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:28.195123911 CEST | 1.1.1.1 | 192.168.2.5 | 0xbcc1 | No error (0) | | | 188.114.97.3 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:28.195138931 CEST | 1.1.1.1 | 192.168.2.5 | 0xb01d | No error (0) | | | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:30.733961105 CEST | 1.1.1.1 | 192.168.2.5 | 0xc9cc | No error (0) | | | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:30.735357046 CEST | 1.1.1.1 | 192.168.2.5 | 0xf923 | No error (0) | | | 188.114.96.3 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:30.735357046 CEST | 1.1.1.1 | 192.168.2.5 | 0xf923 | No error (0) | | | 188.114.97.3 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:30.785305023 CEST | 1.1.1.1 | 192.168.2.5 | 0x61ea | No error (0) | | | 216.58.206.68 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:30.785329103 CEST | 1.1.1.1 | 192.168.2.5 | 0x552e | No error (0) | | | | 65 | IN (0x0001) | false
Sep 29, 2024 00:50:32.733316898 CEST | 1.1.1.1 | 192.168.2.5 | 0x5521 | No error (0) | | | 35.190.80.1 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:39.588058949 CEST | 1.1.1.1 | 192.168.2.5 | 0x8efd | No error (0) | | | 199.232.210.172 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:39.588058949 CEST | 1.1.1.1 | 192.168.2.5 | 0x8efd | No error (0) | | | 199.232.214.172 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:40.090995073 CEST | 1.1.1.1 | 192.168.2.5 | 0x2523 | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Sep 29, 2024 00:50:40.090995073 CEST | 1.1.1.1 | 192.168.2.5 | 0x2523 | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:50:53.616388083 CEST | 1.1.1.1 | 192.168.2.5 | 0xebcd | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Sep 29, 2024 00:50:53.616388083 CEST | 1.1.1.1 | 192.168.2.5 | 0xebcd | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:51:19.275146961 CEST | 1.1.1.1 | 192.168.2.5 | 0xe20b | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Sep 29, 2024 00:51:19.275146961 CEST | 1.1.1.1 | 192.168.2.5 | 0xe20b | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
Sep 29, 2024 00:51:39.508454084 CEST | 1.1.1.1 | 192.168.2.5 | 0xa7df | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Sep 29, 2024 00:51:39.508454084 CEST | 1.1.1.1 | 192.168.2.5 | 0xa7df | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49711 | 188.114.96.3 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:29 UTC | 658 | OUT | |
2024-09-28 22:50:29 UTC | 594 | IN | |
2024-09-28 22:50:29 UTC | 775 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 889 | IN | |
2024-09-28 22:50:29 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49712 | 188.114.96.3 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:29 UTC | 557 | OUT | |
2024-09-28 22:50:29 UTC | 411 | IN | |
2024-09-28 22:50:29 UTC | 958 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN | |
2024-09-28 22:50:29 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49716 | 188.114.96.3 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:30 UTC | 649 | OUT | |
2024-09-28 22:50:30 UTC | 409 | IN | |
2024-09-28 22:50:30 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49721 | 188.114.96.3 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:31 UTC | 385 | OUT | |
2024-09-28 22:50:31 UTC | 409 | IN | |
2024-09-28 22:50:31 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49720 | 188.114.96.3 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:31 UTC | 586 | OUT | |
2024-09-28 22:50:32 UTC | 602 | IN | |
2024-09-28 22:50:32 UTC | 562 | IN | |
2024-09-28 22:50:32 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49722 | 35.190.80.1 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:33 UTC | 536 | OUT | |
2024-09-28 22:50:33 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49723 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:33 UTC | 161 | OUT | |
2024-09-28 22:50:33 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49725 | 35.190.80.1 | 443 | 3500 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:33 UTC | 478 | OUT | |
2024-09-28 22:50:33 UTC | 420 | OUT | |
2024-09-28 22:50:33 UTC | 168 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49726 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-28 22:50:34 UTC | 239 | OUT | |
2024-09-28 22:50:34 UTC | 515 | IN | |
2024-09-28 22:50:34 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 18:50:21 |
Start date: | 28/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:50:25 |
Start date: | 28/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:50:27 |
Start date: | 28/09/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |