Windows
Analysis Report
http://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA=
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 1216 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=2096,i,9171865538798630320,11767664098756617316,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA=" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 142.250.186.164 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
circle.innovativecsportal.com | 217.144.191.125 | true | false | unknown | |
windowsupdatebg.s.llnwi.net | 87.248.204.0 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
217.144.191.125 | circle.innovativecsportal.com | Russian Federation | 16230 | SKYNET-ASSkynetLTDEkaterinburgRussiaRU | false |
142.250.186.164 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.22 |
192.168.2.6 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524315 |
Start date and time: | 2024-10-02 17:18:04 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA= |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/8@6/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.186.46, 64.233.166.84, 34.104.35.123, 4.175.87.197, 87.248.204.0, 192.229.221.95, 52.165.164.15, 20.3.187.198, 13.85.23.206, 142.250.185.131
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, 7.4.8.4.4.3.1.4.0.0.0.0.0.0.0.0.0.0.0.a.0.0.1.f.1.1.1.0.1.0.a.2.ip6.arpa, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA=
Input | Output |
---|---|
URL: https://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA= Model: jbxai | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9801673413043095 |
Encrypted: | false |
SSDEEP: | 48:8Y0dadT6l6sHYidAKZdA19ehwiZUklqeh0y+3:8YXTry |
MD5: | 27B938D4107D95E5AA66FF049838FD50 |
SHA1: | E0ACBAD734F57F9DD37C43810C7072FF0C1DFDC5 |
SHA-256: | 4BF4D7C4AF50C71AD3451C9EF2726DF177B9921851F4D51BA3547C2F15C659A5 |
SHA-512: | D17F3E9D88B511D38763C88B8637E3086D7E5FF1E1E3B6A2DA9B197339CD153457903F185B0F45B8040470811C6353188BAD977559D2A1DBA028460C6CB935B9 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9942821355881133 |
Encrypted: | false |
SSDEEP: | 48:8Y0dadT6l6sHYidAKZdA1weh/iZUkAQkqehby+2:8YXh9QKy |
MD5: | 65CECB21C5F54A0C65D669FF3A3626F9 |
SHA1: | 3EF87EE7AB42F370318715872C1E45B199601078 |
SHA-256: | D017A5530CD2655ADCE38454142882BF5EE36DBCAFD61520E3D0A746B376A4BA |
SHA-512: | 3C47513AD263CFD0DDF9D98CD650A0067A80BEBD1D4AF7B07BC1CA5ECF107598583E6375ECC224AC8E0D277CF973C97DEBDCDC4839C9CADF6A333F17F2AE9B1A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.006896241959777 |
Encrypted: | false |
SSDEEP: | 48:8xA0dadT6l6sHYidAKZdA14tseh7sFiZUkmgqeh7sBy+BX:8xAXRn/y |
MD5: | 01467CED2C9BEBBCABE24C26CFAE154B |
SHA1: | 927929189036EE3C4B63A04FD4419C2DE0B05C8F |
SHA-256: | 96240B07A644A2F154A1B70D0869FEFAE41BA1C3570CB6CBE2286880E095D8AE |
SHA-512: | 02B046F6FE25DC30A4B0401585635CD38ADE6DC201B1D077B3150887E91BE860F814CFA811F1FA6BFE90BCCAAEC5A960D7CA4AA19AE01C806A6AA4C67AD7FBB8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9920618543888495 |
Encrypted: | false |
SSDEEP: | 48:850dadT6l6sHYidAKZdA1vehDiZUkwqehny+R:8zXCpy |
MD5: | A97EA8788FEED8850B4271086A45CC81 |
SHA1: | C676A46357B66F4D58363D575650937DDB75E903 |
SHA-256: | 0E2A99CF16CCA9A0A8D748EB557FB1D5E08425B460CE8CBBE7A059835106F8D2 |
SHA-512: | 75784ED3454A9014F899446A9312336AAACC13DE6E9AB71002EC0C5FCD8A35B0860C4E2230B8207EDA62AFE64FC15223F2A345A8F0C7F1542EA47544B4CCF4D8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9829722179203664 |
Encrypted: | false |
SSDEEP: | 48:8w0dadT6l6sHYidAKZdA1hehBiZUk1W1qehVy+C:8wXy91y |
MD5: | AAF035E29DEC1C52A0835FB6AF721864 |
SHA1: | 260FCC201388013BA92644DA7C75191BAC513EF3 |
SHA-256: | BD5DEA02DE2AF8938CE180CA86F1FE953615FBECA0F23BC8EA4CBAA2634BF8A5 |
SHA-512: | 2FCE120ECE27582E59A4FCC2FFE8909B6B12C9323871C0FC51F0BE2DC669510D7517AA91127123EE571D44B6BF0696326E1AD4640367798B3931573E5B842A3E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.99065472658308 |
Encrypted: | false |
SSDEEP: | 48:8E0dadT6l6sHYidAKZdA1duT+ehOuTbbiZUk5OjqehOuTb/y+yT+:80XsT/TbxWOvTb/y7T |
MD5: | 3C0528DBEA2C3111632D402F749838F3 |
SHA1: | EB31358C3BA0D1E4179258E99AF78756B11D4205 |
SHA-256: | E8313F18454656E9E806D800F3E369AE0535B4AEC95E4E74FA1F83851C3C8B7F |
SHA-512: | 75A2B268E6DB89D50C7F22A4928FA06EF1A97EF5976A458BEA2333D7F3CEFB807C64C815F1276DEE6177A733D600BA4DF15AF23DB1B5388C24699B5D2D1ECCD1 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 203 |
Entropy (8bit): | 5.139523437629011 |
Encrypted: | false |
SSDEEP: | 6:pn0+t9xqObRKr6TQzetSzRx3G0CezowoG:J0+t9xqeRKWTQzetSzRxGezn |
MD5: | A368EBDB8002FBB3142E16BC34B326D8 |
SHA1: | E727C702FB6BE3CBEFA0B0847717B2334CE9B8FD |
SHA-256: | 7BB4BE9184710E7D3067CE155A3F8E37C248BDF649906EA40AF66A324ACE61A4 |
SHA-512: | 2550B4B0040F566D106E24E8180DE41225FEDA5B82C68A31BC7DBCF422B6751CC1701CD3F1CC51A7FFDBD57FDCDCCABF1F3B6444AFDA681221F8E6F734C40DAD |
Malicious: | false |
Reputation: | low |
URL: | https://circle.innovativecsportal.com/cL2QAwuf82oUn6oxR4S8IQKfqiEV2v1uB8rjaBTT+WEfz+dkUsA= |
Preview: |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 2, 2024 17:19:07.350183010 CEST | 192.168.2.5 | 1.1.1.1 | c24e | (Port unreachable) | Destination Unreachable |
Oct 2, 2024 17:19:07.954034090 CEST | 192.168.2.5 | 1.1.1.1 | c24e | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:19:07.238090038 CEST | 192.168.2.5 | 1.1.1.1 | 0xd72c | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:07.238578081 CEST | 192.168.2.5 | 1.1.1.1 | 0x88f7 | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 2, 2024 17:19:07.841298103 CEST | 192.168.2.5 | 1.1.1.1 | 0x3987 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:07.841768980 CEST | 192.168.2.5 | 1.1.1.1 | 0xe991 | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 2, 2024 17:19:08.895029068 CEST | 192.168.2.5 | 1.1.1.1 | 0x3fdd | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:08.895416975 CEST | 192.168.2.5 | 1.1.1.1 | 0xd64 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:19:07.246778965 CEST | 1.1.1.1 | 192.168.2.5 | 0xd72c | No error (0) | | | 217.144.191.125 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:07.848917961 CEST | 1.1.1.1 | 192.168.2.5 | 0x3987 | No error (0) | | | 217.144.191.125 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:08.901846886 CEST | 1.1.1.1 | 192.168.2.5 | 0x3fdd | No error (0) | | | 142.250.186.164 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:08.901987076 CEST | 1.1.1.1 | 192.168.2.5 | 0xd64 | No error (0) | | | | 65 | IN (0x0001) | false |
Oct 2, 2024 17:19:18.224225998 CEST | 1.1.1.1 | 192.168.2.5 | 0x6826 | No error (0) | | | 87.248.204.0 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:18.914220095 CEST | 1.1.1.1 | 192.168.2.5 | 0x811d | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 2, 2024 17:19:18.914220095 CEST | 1.1.1.1 | 192.168.2.5 | 0x811d | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:32.119786978 CEST | 1.1.1.1 | 192.168.2.5 | 0x16ce | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 2, 2024 17:19:32.119786978 CEST | 1.1.1.1 | 192.168.2.5 | 0x16ce | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:19:58.543529034 CEST | 1.1.1.1 | 192.168.2.5 | 0x48aa | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 2, 2024 17:19:58.543529034 CEST | 1.1.1.1 | 192.168.2.5 | 0x48aa | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Oct 2, 2024 17:20:17.817117929 CEST | 1.1.1.1 | 192.168.2.5 | 0x2cbf | No error (0) | | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 2, 2024 17:20:17.817117929 CEST | 1.1.1.1 | 192.168.2.5 | 0x2cbf | No error (0) | | | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49709 | 217.144.191.125 | 80 | 1216 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Oct 2, 2024 17:19:07.266695023 CEST | 496 | OUT | |
Oct 2, 2024 17:19:07.835974932 CEST | 420 | IN | |
Oct 2, 2024 17:19:52.846600056 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49710 | 217.144.191.125 | 80 | 1216 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Oct 2, 2024 17:19:52.268465042 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49711 | 217.144.191.125 | 443 | 1216 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:19:08 UTC | 724 | OUT | |
2024-10-02 15:19:09 UTC | 165 | IN | |
2024-10-02 15:19:09 UTC | 209 | IN | |
2024-10-02 15:19:09 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49715 | 217.144.191.125 | 443 | 1216 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:19:10 UTC | 666 | OUT | |
2024-10-02 15:19:11 UTC | 98 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49716 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:19:12 UTC | 161 | OUT | |
2024-10-02 15:19:12 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49718 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:19:13 UTC | 239 | OUT | |
2024-10-02 15:19:13 UTC | 514 | IN | |
2024-10-02 15:19:13 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 11:18:59 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 11:19:03 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 11:19:06 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |