exfil.pcap

MD5: 9d5c4b685c9d6b9ddf7d3eb8063d0f05
Submission Date: 2020-09-28 05:57:33
Tags: (not set)
Alert 0
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
No results found.
DNS 154
Showing 1-20 of 154 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2020-07-28T23:22:45.461723-0700 | 192.168.72.146 | 192.168.72.2 | query | twitter.com | A | (not set) |
| 2 | 2020-07-28T23:22:45.481786-0700 | 192.168.72.2 | 192.168.72.146 | answer | twitter.com | A | (not set) |
| 3 | 2020-07-28T23:22:47.835457-0700 | 192.168.72.146 | 192.168.72.2 | query | www.minister.defence.gov.au | A | (not set) |
| 4 | 2020-07-28T23:22:48.140764-0700 | 192.168.72.2 | 192.168.72.146 | answer | www.minister.defence.gov.au | A | (not set) |
| 5 | 2020-07-28T23:22:48.340018-0700 | 192.168.72.146 | 192.168.72.2 | query | fonts.googleapis.com | A | (not set) |
| 6 | 2020-07-28T23:22:48.355751-0700 | 192.168.72.2 | 192.168.72.146 | answer | fonts.googleapis.com | A | (not set) |
| 7 | 2020-07-28T23:22:48.329730-0700 | 192.168.72.146 | 192.168.72.2 | query | cdn.jsdelivr.net | A | (not set) |
| 8 | 2020-07-28T23:22:48.347618-0700 | 192.168.72.2 | 192.168.72.146 | answer | cdn.jsdelivr.net | A | (not set) |
| 9 | 2020-07-28T23:22:48.578265-0700 | 192.168.72.146 | 192.168.72.2 | query | my.gov.au | A | (not set) |
| 10 | 2020-07-28T23:22:48.596832-0700 | 192.168.72.2 | 192.168.72.146 | answer | my.gov.au | A | (not set) |
| 11 | 2020-07-28T23:22:49.474988-0700 | 192.168.72.146 | 192.168.72.2 | query | abs-0.twimg.com | A | (not set) |
| 12 | 2020-07-28T23:22:49.493963-0700 | 192.168.72.2 | 192.168.72.146 | answer | abs-0.twimg.com | A | (not set) |
| 13 | 2020-07-28T23:22:50.204077-0700 | 192.168.72.146 | 192.168.72.2 | query | safebrowsing.googleapis.com | A | (not set) |
| 14 | 2020-07-28T23:22:50.221650-0700 | 192.168.72.2 | 192.168.72.146 | answer | safebrowsing.googleapis.com | A | (not set) |
| 15 | 2020-07-28T23:22:50.439322-0700 | 192.168.72.146 | 192.168.72.2 | query | video.twimg.com | A | (not set) |
| 16 | 2020-07-28T23:22:50.458257-0700 | 192.168.72.2 | 192.168.72.146 | answer | video.twimg.com | A | (not set) |
| 17 | 2020-07-28T23:22:49.855636-0700 | 192.168.72.146 | 192.168.72.2 | query | askvamygov-ui.azurewebsites.net | A | (not set) |
| 18 | 2020-07-28T23:22:49.878700-0700 | 192.168.72.2 | 192.168.72.146 | answer | askvamygov-ui.azurewebsites.net | A | (not set) |
| 19 | 2020-07-28T23:23:10.398547-0700 | 192.168.72.146 | 192.168.72.2 | query | t.co | A | (not set) |
| 20 | 2020-07-28T23:23:10.417006-0700 | 192.168.72.2 | 192.168.72.146 | answer | t.co | A | (not set) |
TLS 37
Showing 1-20 of 37 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2020-07-28T23:22:48.482464-0700 | 192.168.72.146 | 142.250.66.170 | TLS 1.3 | fonts.googleapis.com |
| 2 | 2020-07-28T23:22:48.655007-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 3 | 2020-07-28T23:22:48.155743-0700 | 192.168.72.146 | 104.116.224.110 | TLS 1.3 | www.minister.defence.gov.au |
| 4 | 2020-07-28T23:22:45.518774-0700 | 192.168.72.146 | 104.244.42.1 | TLS 1.2 | twitter.com |
| 5 | 2020-07-28T23:22:49.126343-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 6 | 2020-07-28T23:22:49.127071-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 7 | 2020-07-28T23:22:49.240147-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 8 | 2020-07-28T23:22:49.240968-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 9 | 2020-07-28T23:22:49.250365-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 10 | 2020-07-28T23:22:49.514457-0700 | 192.168.72.146 | 104.244.43.131 | TLS 1.2 | abs-0.twimg.com |
| 11 | 2020-07-28T23:22:50.252812-0700 | 192.168.72.146 | 13.75.138.224 | TLS 1.2 | askvamygov-ui.azurewebsites.net |
| 12 | 2020-07-28T23:22:50.264036-0700 | 192.168.72.146 | 13.75.138.224 | TLS 1.2 | askvamygov-ui.azurewebsites.net |
| 13 | 2020-07-28T23:22:49.133627-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 14 | 2020-07-28T23:22:49.135122-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 15 | 2020-07-28T23:22:49.904861-0700 | 192.168.72.146 | 161.146.235.225 | TLS 1.2 | my.gov.au |
| 16 | 2020-07-28T23:22:49.917019-0700 | 192.168.72.146 | 13.75.138.224 | TLS 1.2 | askvamygov-ui.azurewebsites.net |
| 17 | 2020-07-28T23:22:50.258087-0700 | 192.168.72.146 | 142.250.66.202 | TLS 1.3 | safebrowsing.googleapis.com |
| 18 | 2020-07-28T23:22:50.265797-0700 | 192.168.72.146 | 13.75.138.224 | TLS 1.2 | askvamygov-ui.azurewebsites.net |
| 19 | 2020-07-28T23:22:51.134448-0700 | 192.168.72.146 | 192.229.232.217 | TLS 1.3 | video.twimg.com |
| 20 | 2020-07-28T23:22:50.259840-0700 | 192.168.72.146 | 13.75.138.224 | TLS 1.2 | askvamygov-ui.azurewebsites.net |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 6
Showing 1-6 of 6 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2020-07-28T23:23:10.535967-0700 | 192.168.72.146 | ocsp.digicert.com | 80 | POST | / | 200 |
| 2 | 2020-07-28T23:23:11.312095-0700 | 192.168.72.146 | google.com | 80 | GET | /robots.txt | 301 |
| 3 | 2020-07-28T23:23:12.358980-0700 | 192.168.72.146 | ocsp.pki.goog | 80 | POST | /gts1o1core | 200 |
| 4 | 2020-07-28T23:23:11.475694-0700 | 192.168.72.146 | google.com | 80 | GET | /racialequity | 301 |
| 5 | 2020-07-28T23:25:19.948763-0700 | 192.168.72.146 | connectivity-check.ubuntu.com | 80 | GET | / | 204 |
| 6 | 2020-07-28T23:30:13.361331-0700 | 192.168.72.146 | connectivity-check.ubuntu.com | 80 | GET | / | 204 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 156
Showing 1-20 of 156 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2020-07-28T23:32:05.788926-0700 | 845745996967986 | flow | 192.168.72.146 | 47057 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 2 | 2020-07-28T23:32:05.788926-0700 | 705989910212154 | flow | 192.168.72.146 | 39796 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 3 | 2020-07-28T23:32:05.788926-0700 | 988029673343899 | flow | 192.168.72.146 | 36357 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 4 | 2020-07-28T23:32:05.788926-0700 | 567807942776125 | flow | 192.168.72.146 | 47653 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 5 | 2020-07-28T23:32:05.788926-0700 | 1274619965852044 | flow | 192.168.72.146 | 36498 | 35.222.85.5 | 80 | TCP | pcapanalyzer |
| 6 | 2020-07-28T23:32:05.788926-0700 | 290181239869842 | flow | 192.168.72.146 | 39916 | 161.146.235.225 | 443 | TCP | pcapanalyzer |
| 7 | 2020-07-28T23:32:05.788926-0700 | 854084677408290 | flow | 192.168.72.146 | 50302 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 8 | 2020-07-28T23:32:05.788926-0700 | 1137080071176044 | flow | 192.168.72.146 | 44350 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 9 | 2020-07-28T23:32:05.788926-0700 | 1278171896796929 | flow | 192.168.72.146 | 43318 | 142.250.66.202 | 443 | TCP | pcapanalyzer |
| 10 | 2020-07-28T23:32:05.788926-0700 | 1419083330254703 | flow | 192.168.72.146 | 54986 | 104.244.42.69 | 443 | TCP | pcapanalyzer |
| 11 | 2020-07-28T23:32:05.788926-0700 | 294093956540759 | flow | 192.168.72.146 | 55416 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 12 | 2020-07-28T23:32:05.788926-0700 | 1560862375818769 | flow | 192.168.72.146 | 68 | 192.168.72.254 | 67 | UDP | pcapanalyzer |
| 13 | 2020-07-28T23:32:05.788926-0700 | 154148920535384 | flow | 192.168.72.146 | 59676 | 192.168.1.104443 | | TCP | pcapanalyzer |
| 14 | 2020-07-28T23:32:05.788926-0700 | 577364228196088 | flow | 192.168.72.146 | 35460 | 13.75.138.224 | 443 | TCP | pcapanalyzer |
| 15 | 2020-07-28T23:32:05.788926-0700 | 1002958980079307 | flow | 192.168.72.146 | 55004 | 192.229.232.217 | 443 | TCP | pcapanalyzer |
| 16 | 2020-07-28T23:32:05.788926-0700 | 18756489131126 | flow | 192.168.72.146 | 58422 | 192.168.72.2 | 53 | UDP | pcapanalyzer |
| 17 | 2020-07-28T23:32:05.788926-0700 | 1144991401069066 | flow | 192.168.72.146 | 55002 | 192.229.232.217 | 443 | TCP | pcapanalyzer |
| 18 | 2020-07-28T23:32:05.788926-0700 | 1848906475969237 | flow | 192.168.72.146 | 39918 | 161.146.235.225 | 443 | TCP | pcapanalyzer |
| 19 | 2020-07-28T23:32:05.788926-0700 | 1709332925239815 | flow | 192.168.72.146 | 56700 | 142.250.66.164 | 443 | TCP | pcapanalyzer |
| 20 | 2020-07-28T23:32:05.788926-0700 | 1428223019336369 | flow | 192.168.72.146 | 35458 | 13.75.138.224 | 443 | TCP | pcapanalyzer |
File 6
Showing 1-6 of 6 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2020-07-28T23:23:10.528134-0700 | 192.168.72.146 | 117.18.237.29 | / | data | 83 |
| 2 | 2020-07-28T23:23:10.535967-0700 | 117.18.237.29 | 192.168.72.146 | / | data | 471 |
| 3 | 2020-07-28T23:23:11.312095-0700 | 142.250.66.174 | 192.168.72.146 | /robots.txt | HTML document, ASCII text, with CRLF, LF line terminators | 230 |
| 4 | 2020-07-28T23:23:12.248465-0700 | 192.168.72.146 | 142.250.66.163 | /gts1o1core | data | 84 |
| 5 | 2020-07-28T23:23:12.358980-0700 | 142.250.66.163 | 192.168.72.146 | /gts1o1core | data | 472 |
| 6 | 2020-07-28T23:23:11.475694-0700 | 142.250.66.174 | 192.168.72.146 | /racialequity | HTML document, ASCII text, with CRLF, LF line terminators | 232 |

Comments: (not set)
