Windows
Analysis Report
https://musicforyou.com.au/vn%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w7x64
- chrome.exe (PID: 2780 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " --start- maximized "about:bla nk" MD5: FFA2B8E17F645BCC20F0E0201FEF83ED) - chrome.exe (PID: 1468 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " --type=u tility --u tility-sub -type=netw ork.mojom. NetworkSer vice --lan g=en-US -- service-sa ndbox-type =none --mo jo-platfor m-channel- handle=136 8 --field- trial-hand le=1248,i, 1543774730 2177852586 ,175057448 0090820744 4,131072 - -disable-f eatures=Op timization GuideModel Downloadin g,Optimiza tionHints, Optimizati onHintsFet ching,Opti mizationTa rgetPredic tion /pref etch:8 MD5: FFA2B8E17F645BCC20F0E0201FEF83ED)
- chrome.exe (PID: 2756 cmdline:
"C:\Progra m Files (x 86)\Google \Chrome\Ap plication\ chrome.exe " "https:/ /musicfory ou.com.au/ vn%20%20%2 0%20%20%20 %20%20%20% 20%20%20%2 0%20%20%20 %20%20%20% 20%20%20%2 0%20%20%20 %20%20%20% 20%20%20%2 0%20%20%20 %20%20/" MD5: FFA2B8E17F645BCC20F0E0201FEF83ED)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior | ||
Source: | Directory created: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 2 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
musicforyou.com.au | 27.124.114.163 | true | false | unknown | |
pe-0000ec08.gslb.pphosted.com | 148.163.158.107 | true | false | unknown | |
www.google.com | 142.250.186.164 | true | false | unknown | |
secmail.bankofamerica.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.186.164 | www.google.com | United States | 15169 | GOOGLEUS | false | |
27.124.114.163 | musicforyou.com.au | Australia | 38719 | DREAMSCAPE-AS-APDreamscapeNetworksLimitedAU | false | |
148.163.158.107 | pe-0000ec08.gslb.pphosted.com | United States | 22843 | PROOFPOINT-ASN-US-EASTUS | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1525245 |
Start date and time: | 2024-10-03 23:29:30 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://musicforyou.com.au/vn%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/ |
Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
Number of analysed new started processes analysed: | 3 |
Number of new started drivers analysed: | 2 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@18/8@12/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): vga.dll
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.142, 172.217.218.84, 34.104.35.123, 142.250.74.195, 142.250.186.170
- Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, update.googleapis.com, clientservices.googleapis.com, safebrowsing.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://musicforyou.com.au/vn%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23850 |
Entropy (8bit): | 5.133370646001484 |
Encrypted: | false |
SSDEEP: | 192:CF68S5qMzmxW4BAfW4aXHMzmsW4XA/IS0KBxo/8Wt2SmS5qMzmxW4BAfW4aXHMzo:CFgXmv7UmWXSZi0gPXmv7UmWXSZhhdR |
MD5: | 1A0AE1BE1CDF064AEE2B6CC02187CD5C |
SHA1: | C52163821CD560FA34BF34137874F679F2A65092 |
SHA-256: | B74F847D25C12C4F87FAF4B4B0006F006EEE0F313914B3FA453471D5A7FD4B03 |
SHA-512: | D7894CBAB32EDC7D1ECC76F99E5DDE02885491E7FC2272A686E0C966F38089B52302290CA3486F14A952C1CCD92574BAF97EEDBAAD072EC07E66055596FAFF2C |
Malicious: | false |
Reputation: | low |
URL: | https://musicforyou.com.au/vn%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/ |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1132 |
Entropy (8bit): | 7.752665608354536 |
Encrypted: | false |
SSDEEP: | 24:2krhrJ1Yn1bAX9BpXUBQAWCXZ0UP/3WPHUM2F1O/wQJCtK6a:2qrJ12MX93ZCXBoHUM2F1OLGK6a |
MD5: | 3956ED2513EA1445148F27CC549ED1D2 |
SHA1: | C89669933163307B2B1009CDF16E2FB2DE065A1A |
SHA-256: | 7FFA6DE062B305D949FB8FE0DF87F23FD09D3EDBE74497EE2625B7D0B5070B8A |
SHA-512: | 0AF33445A3FF40404DC71E4D57DA2F64DD3BF75BEB96A0FF3869D807EAEC1C12F2B1802C6F9ECE66DBB009191F74044F545DBCDF834443F8C5AFDE44D10F99D7 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1933 |
Entropy (8bit): | 6.714574381049021 |
Encrypted: | false |
SSDEEP: | 48:0H3X3BNXrhfmR2xq+KhwuWl85pJMDCf6WcVqU08w3:0H3nBN7huR2g+KhCl0kqv8w3 |
MD5: | 11D203DF4573DDEF7A39312650D60916 |
SHA1: | B34B20779C3D853DE36D9A42521CFF9075DE315B |
SHA-256: | 5992D4BCF7F1B705FA08AA8A3B0E4C5C1974C6E76B6BA5A69A7D21D0FD939247 |
SHA-512: | E3DC11AF9737A1B0A2DECE412C95D3C7AC56BC9951BC4A3F273E729ABD9411615B9FD7DF42E86DC2D4D91D0FC08AADB88C2448797D5AC56432B282B8C408E84B |
Malicious: | false |
Reputation: | low |
URL: | https://secmail.bankofamerica.com/securereader/Image?c=lock&b=1&rnd=0.00823190732671009 |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1132 |
Entropy (8bit): | 7.752665608354536 |
Encrypted: | false |
SSDEEP: | 24:2krhrJ1Yn1bAX9BpXUBQAWCXZ0UP/3WPHUM2F1O/wQJCtK6a:2qrJ12MX93ZCXBoHUM2F1OLGK6a |
MD5: | 3956ED2513EA1445148F27CC549ED1D2 |
SHA1: | C89669933163307B2B1009CDF16E2FB2DE065A1A |
SHA-256: | 7FFA6DE062B305D949FB8FE0DF87F23FD09D3EDBE74497EE2625B7D0B5070B8A |
SHA-512: | 0AF33445A3FF40404DC71E4D57DA2F64DD3BF75BEB96A0FF3869D807EAEC1C12F2B1802C6F9ECE66DBB009191F74044F545DBCDF834443F8C5AFDE44D10F99D7 |
Malicious: | false |
Reputation: | low |
URL: | https://musicforyou.com.au/wp-content/uploads/2022/02/cropped-favicon-32x32.png |
Preview: |
Process: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1933 |
Entropy (8bit): | 6.714574381049021 |
Encrypted: | false |
SSDEEP: | 48:0H3X3BNXrhfmR2xq+KhwuWl85pJMDCf6WcVqU08w3:0H3nBN7huR2g+KhCl0kqv8w3 |
MD5: | 11D203DF4573DDEF7A39312650D60916 |
SHA1: | B34B20779C3D853DE36D9A42521CFF9075DE315B |
SHA-256: | 5992D4BCF7F1B705FA08AA8A3B0E4C5C1974C6E76B6BA5A69A7D21D0FD939247 |
SHA-512: | E3DC11AF9737A1B0A2DECE412C95D3C7AC56BC9951BC4A3F273E729ABD9411615B9FD7DF42E86DC2D4D91D0FC08AADB88C2448797D5AC56432B282B8C408E84B |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2024 23:30:25.251610994 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.251720905 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:25.251800060 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.254760027 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.254808903 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:25.256728888 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.256758928 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:25.256815910 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.261558056 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:25.261588097 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:26.829390049 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:26.829432964 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:26.829713106 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:26.830188990 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:26.830199957 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:27.524830103 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:27.735423088 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:27.735537052 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:27.901752949 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:27.901774883 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:27.903465033 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:27.903527975 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:27.964057922 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:27.964284897 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:28.171406031 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:28.171474934 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:29.384016991 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.384433985 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.384497881 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.385977030 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.386034966 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.387197018 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.387284040 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.387501001 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.387520075 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.389817953 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.390036106 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.390048981 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.391727924 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.391792059 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.393431902 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.393524885 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.595431089 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.595505953 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.599425077 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.599490881 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.885117054 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.885183096 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:29.885308027 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:29.885358095 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091411114 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091475010 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.091552019 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091628075 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.091639042 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091768026 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091825008 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.091836929 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.091850996 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.091969967 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:30.092021942 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.092361927 CEST | 49166 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:30.092381954 CEST | 443 | 49166 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:31.733097076 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:31.733156919 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:31.733217955 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:31.733797073 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:31.733814955 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.590518951 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.590991974 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.591011047 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.592463017 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.592523098 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.594070911 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.594151974 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.594482899 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.594491959 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.729168892 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.729382038 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.729403973 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.729952097 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.730011940 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.735481977 CEST | 49168 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.735501051 CEST | 443 | 49168 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.748867035 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:32.795411110 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:32.938380957 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.938429117 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:32.938473940 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.938721895 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:32.938734055 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.456140041 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.456655025 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.456679106 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.458153009 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.458214998 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.458604097 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.458679914 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.458743095 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.458753109 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.634670019 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.634718895 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.634736061 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.635067940 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.635116100 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.636322021 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.636338949 CEST | 443 | 49171 | 148.163.158.107 | 192.168.2.22 |
Oct 3, 2024 23:30:33.636373997 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.636389017 CEST | 49171 | 443 | 192.168.2.22 | 148.163.158.107 |
Oct 3, 2024 23:30:33.831449032 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:33.831624031 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:33.831690073 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.832261086 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.832261086 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.832304955 CEST | 443 | 49165 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:33.832385063 CEST | 49165 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.833849907 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.833900928 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:33.833990097 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.834273100 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:33.834291935 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.430849075 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.431268930 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.431303978 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.431787968 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.432168007 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.432250977 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.432291031 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.479454994 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.633578062 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.945080996 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.945283890 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.945447922 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.946532965 CEST | 49172 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.946576118 CEST | 443 | 49172 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.978157997 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.978204966 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:35.978390932 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.978672028 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:35.978693962 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:36.931210041 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:36.931533098 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:36.931559086 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:36.933016062 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:36.933065891 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:36.933676958 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:36.933754921 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:36.934029102 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:36.934036016 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:37.143415928 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:37.143735886 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:37.426255941 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:37.426359892 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:30:37.426472902 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:37.437664986 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:37.438342094 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:37.443793058 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:37.474179983 CEST | 49173 | 443 | 192.168.2.22 | 27.124.114.163 |
Oct 3, 2024 23:30:37.474210978 CEST | 443 | 49173 | 27.124.114.163 | 192.168.2.22 |
Oct 3, 2024 23:30:37.518194914 CEST | 49167 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:30:37.518213987 CEST | 443 | 49167 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:26.869632959 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:26.869690895 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:26.869796991 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:26.870057106 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:26.870073080 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:27.596677065 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:27.606364012 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:27.606425047 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:27.607081890 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:27.621715069 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:27.621967077 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:27.821608067 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:37.432980061 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:37.433105946 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Oct 3, 2024 23:31:37.433274984 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:38.622461081 CEST | 49175 | 443 | 192.168.2.22 | 142.250.186.164 |
Oct 3, 2024 23:31:38.622529984 CEST | 443 | 49175 | 142.250.186.164 | 192.168.2.22 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2024 23:30:22.197716951 CEST | 53 | 54821 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:22.356175900 CEST | 53 | 52781 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:25.232434988 CEST | 62672 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:25.235125065 CEST | 56475 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:25.239891052 CEST | 53 | 62672 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:25.247565031 CEST | 53 | 54842 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:25.255326033 CEST | 53 | 56475 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:26.816759109 CEST | 57390 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:26.817754984 CEST | 58095 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:26.824110031 CEST | 53 | 57390 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:26.826286077 CEST | 53 | 58095 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:30.138048887 CEST | 55939 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:30.138636112 CEST | 49608 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:31.336374044 CEST | 53 | 55939 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:31.336664915 CEST | 53 | 49608 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:31.696861029 CEST | 61486 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:31.719364882 CEST | 62453 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:31.898816109 CEST | 53 | 61486 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:32.024507046 CEST | 53 | 62453 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:32.775099993 CEST | 61467 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:32.775599957 CEST | 61618 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:32.892767906 CEST | 53 | 61618 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:32.937731028 CEST | 53 | 61467 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:35.958306074 CEST | 61826 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:35.958528996 CEST | 56329 | 53 | 192.168.2.22 | 8.8.8.8 |
Oct 3, 2024 23:30:35.965648890 CEST | 53 | 61826 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:35.977844954 CEST | 53 | 56329 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:42.509161949 CEST | 53 | 51870 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:30:51.069710970 CEST | 53 | 63373 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:31:04.468444109 CEST | 53 | 63950 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:31:22.551769018 CEST | 53 | 64215 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:31:24.288889885 CEST | 53 | 53031 | 8.8.8.8 | 192.168.2.22 |
Oct 3, 2024 23:31:44.894525051 CEST | 53 | 50380 | 8.8.8.8 | 192.168.2.22 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 3, 2024 23:30:25.255433083 CEST | 192.168.2.22 | 8.8.8.8 | d05a | (Port unreachable) | Destination Unreachable |
Oct 3, 2024 23:30:31.898899078 CEST | 192.168.2.22 | 8.8.8.8 | d047 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 3, 2024 23:30:25.232434988 CEST | 192.168.2.22 | 8.8.8.8 | 0x894f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:25.235125065 CEST | 192.168.2.22 | 8.8.8.8 | 0x8c41 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 23:30:26.816759109 CEST | 192.168.2.22 | 8.8.8.8 | 0x3d32 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:26.817754984 CEST | 192.168.2.22 | 8.8.8.8 | 0xbba9 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 23:30:30.138048887 CEST | 192.168.2.22 | 8.8.8.8 | 0x5741 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:30.138636112 CEST | 192.168.2.22 | 8.8.8.8 | 0xd462 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 23:30:31.696861029 CEST | 192.168.2.22 | 8.8.8.8 | 0xc30d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:31.719364882 CEST | 192.168.2.22 | 8.8.8.8 | 0x6786 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 23:30:32.775099993 CEST | 192.168.2.22 | 8.8.8.8 | 0xe180 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:32.775599957 CEST | 192.168.2.22 | 8.8.8.8 | 0xee5e | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 3, 2024 23:30:35.958306074 CEST | 192.168.2.22 | 8.8.8.8 | 0x37da | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 3, 2024 23:30:35.958528996 CEST | 192.168.2.22 | 8.8.8.8 | 0xec38 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 3, 2024 23:30:25.239891052 CEST | 8.8.8.8 | 192.168.2.22 | 0x894f | No error (0) | 27.124.114.163 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:26.824110031 CEST | 8.8.8.8 | 192.168.2.22 | 0x3d32 | No error (0) | 142.250.186.164 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:26.826286077 CEST | 8.8.8.8 | 192.168.2.22 | 0xbba9 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 3, 2024 23:30:31.336374044 CEST | 8.8.8.8 | 192.168.2.22 | 0x5741 | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:31.336374044 CEST | 8.8.8.8 | 192.168.2.22 | 0x5741 | No error (0) | 148.163.158.107 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:31.336664915 CEST | 8.8.8.8 | 192.168.2.22 | 0xd462 | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:31.898816109 CEST | 8.8.8.8 | 192.168.2.22 | 0xc30d | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:31.898816109 CEST | 8.8.8.8 | 192.168.2.22 | 0xc30d | No error (0) | 148.163.158.107 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:32.024507046 CEST | 8.8.8.8 | 192.168.2.22 | 0x6786 | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:32.892767906 CEST | 8.8.8.8 | 192.168.2.22 | 0xee5e | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:32.937731028 CEST | 8.8.8.8 | 192.168.2.22 | 0xe180 | No error (0) | pe-0000ec08.gslb.pphosted.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:32.937731028 CEST | 8.8.8.8 | 192.168.2.22 | 0xe180 | No error (0) | 148.163.158.107 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 23:30:35.965648890 CEST | 8.8.8.8 | 192.168.2.22 | 0x37da | No error (0) | 27.124.114.163 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.22 | 49166 | 27.124.114.163 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:29 UTC | 779 | OUT | |
2024-10-03 21:30:29 UTC | 234 | IN | |
2024-10-03 21:30:29 UTC | 7958 | IN | |
2024-10-03 21:30:30 UTC | 8432 | IN | |
2024-10-03 21:30:30 UTC | 2 | IN | |
2024-10-03 21:30:30 UTC | 7479 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.22 | 49168 | 148.163.158.107 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:32 UTC | 641 | OUT | |
2024-10-03 21:30:32 UTC | 525 | IN | |
2024-10-03 21:30:32 UTC | 1940 | IN | |
2024-10-03 21:30:32 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.22 | 49165 | 27.124.114.163 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:32 UTC | 710 | OUT | |
2024-10-03 21:30:33 UTC | 393 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.22 | 49171 | 148.163.158.107 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:33 UTC | 402 | OUT | |
2024-10-03 21:30:33 UTC | 525 | IN | |
2024-10-03 21:30:33 UTC | 1940 | IN | |
2024-10-03 21:30:33 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.22 | 49172 | 27.124.114.163 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:35 UTC | 751 | OUT | |
2024-10-03 21:30:35 UTC | 232 | IN | |
2024-10-03 21:30:35 UTC | 1132 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.22 | 49173 | 27.124.114.163 | 443 | 1468 | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 21:30:36 UTC | 394 | OUT | |
2024-10-03 21:30:37 UTC | 232 | IN | |
2024-10-03 21:30:37 UTC | 1132 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 17:30:19 |
Start date: | 03/10/2024 |
Path: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13ff30000 |
File size: | 3'151'128 bytes |
MD5 hash: | FFA2B8E17F645BCC20F0E0201FEF83ED |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 17:30:20 |
Start date: | 03/10/2024 |
Path: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13ff30000 |
File size: | 3'151'128 bytes |
MD5 hash: | FFA2B8E17F645BCC20F0E0201FEF83ED |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 4 |
Start time: | 17:30:23 |
Start date: | 03/10/2024 |
Path: | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13ff30000 |
File size: | 3'151'128 bytes |
MD5 hash: | FFA2B8E17F645BCC20F0E0201FEF83ED |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |