net.pcap

MD5: 46d005da6181f74b874284d22087c371
Submission Date: 2022-06-28 19:07:10
Tags: (not set)
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2022-05-07T18:42:27.108338-0700 | 10.0.2.4 | 192.168.1.1 | ET DNS Query to a *.top domain - Likely Hostile* | |
DNS 316
Showing 1-20 of 316 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2022-05-07T18:42:22.521018-0700 | 10.0.2.4 | 192.168.1.1 | query | microsoft.com | AAAA | (not set) |
| 2 | 2022-05-07T18:42:01.414259-0700 | 10.0.2.4 | 192.168.1.1 | query | browser.events.data.microsoft.com | A | (not set) |
| 3 | 2022-05-07T18:42:01.416640-0700 | 10.0.2.4 | 192.168.1.1 | query | browser.events.data.microsoft.com | AAAA | (not set) |
| 4 | 2022-05-07T18:42:22.523859-0700 | 10.0.2.4 | 192.168.1.1 | query | ubuntu.com | A | (not set) |
| 5 | 2022-05-07T18:42:22.523933-0700 | 10.0.2.4 | 192.168.1.1 | query | ubuntu.com | AAAA | (not set) |
| 6 | 2022-05-07T18:42:01.436209-0700 | 10.0.2.4 | 192.168.1.1 | query | onedscolprdaus00.australiasoutheast.cloudapp.azure.com | AAAA | (not set) |
| 7 | 2022-05-07T18:42:22.535989-0700 | 192.168.1.1 | 10.0.2.4 | answer | microsoft.com | AAAA | (not set) |
| 8 | 2022-05-07T18:42:01.439207-0700 | 192.168.1.1 | 10.0.2.4 | answer | onedscolprdaus00.australiasoutheast.cloudapp.azure.com | AAAA | (not set) |
| 9 | 2022-05-07T18:42:01.433959-0700 | 192.168.1.1 | 10.0.2.4 | answer | browser.events.data.microsoft.com | A | (not set) |
| 10 | 2022-05-07T18:42:22.545154-0700 | 10.0.2.4 | 192.168.1.1 | query | assets.ubuntu.com | AAAA | (not set) |
| 11 | 2022-05-07T18:42:22.549673-0700 | 10.0.2.4 | 192.168.1.1 | query | www.first.org | AAAA | (not set) |
| 12 | 2022-05-07T18:42:22.552714-0700 | 192.168.1.1 | 10.0.2.4 | answer | www.first.org | AAAA | (not set) |
| 13 | 2022-05-07T18:42:01.436006-0700 | 192.168.1.1 | 10.0.2.4 | answer | browser.events.data.microsoft.com | AAAA | (not set) |
| 14 | 2022-05-07T18:42:22.680593-0700 | 192.168.1.1 | 10.0.2.4 | answer | ubuntu.com | A | (not set) |
| 15 | 2022-05-07T18:42:22.682790-0700 | 192.168.1.1 | 10.0.2.4 | answer | ubuntu.com | AAAA | (not set) |
| 16 | 2022-05-07T18:42:22.704014-0700 | 192.168.1.1 | 10.0.2.4 | answer | assets.ubuntu.com | AAAA | (not set) |
| 17 | 2022-05-07T18:42:23.019498-0700 | 10.0.2.4 | 192.168.1.1 | query | mem.gfx.ms | AAAA | (not set) |
| 18 | 2022-05-07T18:42:23.020032-0700 | 10.0.2.4 | 192.168.1.1 | query | img-prod-cms-rt-microsoft-com.akamaized.net | A | (not set) |
| 19 | 2022-05-07T18:42:23.020106-0700 | 10.0.2.4 | 192.168.1.1 | query | img-prod-cms-rt-microsoft-com.akamaized.net | AAAA | (not set) |
| 20 | 2022-05-07T18:42:23.034412-0700 | 192.168.1.1 | 10.0.2.4 | answer | mem.gfx.ms | AAAA | (not set) |
TLS 24
Showing 1-20 of 24 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2022-05-07T18:42:22.581062-0700 | 10.0.2.4 | 200.160.7.7 | TLS 1.3 | cert.br |
| 2 | 2022-05-07T18:42:22.614048-0700 | 10.0.2.4 | 104.89.249.163 | TLS 1.3 | www.microsoft.com |
| 3 | 2022-05-07T18:42:02.374381-0700 | 10.0.2.4 | 104.46.162.224 | TLS 1.2 | browser.events.data.microsoft.com |
| 4 | 2022-05-07T18:42:02.102642-0700 | 10.0.2.4 | 104.46.162.224 | TLS 1.2 | browser.events.data.microsoft.com |
| 5 | 2022-05-07T18:42:23.099878-0700 | 10.0.2.4 | 185.125.190.29 | TLS 1.3 | ubuntu.com |
| 6 | 2022-05-07T18:42:23.137221-0700 | 10.0.2.4 | 213.208.154.14 | UNDETERMINED | www.first.org |
| 7 | 2022-05-07T18:42:23.147077-0700 | 10.0.2.4 | 185.125.190.21 | TLS 1.3 | assets.ubuntu.com |
| 8 | 2022-05-07T18:42:23.527319-0700 | 10.0.2.4 | 213.208.154.14 | TLS 1.2 | www.first.org |
| 9 | 2022-05-07T18:42:23.092746-0700 | 10.0.2.4 | 200.174.148.41 | TLS 1.2 | img-prod-cms-rt-microsoft-com.akamaized.net |
| 10 | 2022-05-07T18:42:23.094416-0700 | 10.0.2.4 | 13.107.213.33 | TLS 1.2 | mem.gfx.ms |
| 11 | 2022-05-07T18:42:23.136535-0700 | 10.0.2.4 | 213.208.154.14 | UNDETERMINED | www.first.org |
| 12 | 2022-05-07T18:42:23.057102-0700 | 10.0.2.4 | 213.208.154.14 | TLS 1.2 | www.first.org |
| 13 | 2022-05-07T18:42:23.115858-0700 | 10.0.2.4 | 213.208.154.14 | UNDETERMINED | www.first.org |
| 14 | 2022-05-07T18:42:23.180254-0700 | 10.0.2.4 | 13.107.213.33 | TLS 1.2 | wcpstatic.microsoft.com |
| 15 | 2022-05-07T18:42:27.411803-0700 | 10.0.2.4 | 35.229.23.216 | TLS 1.3 | api.open.wisdom.alphasoc.net |
| 16 | 2022-05-07T18:42:27.431997-0700 | 10.0.2.4 | 35.229.23.216 | TLS 1.3 | api.open.wisdom.alphasoc.net |
| 17 | 2022-05-07T18:42:27.199860-0700 | 10.0.2.4 | 142.250.79.202 | TLS 1.3 | safebrowsing.googleapis.com |
| 18 | 2022-05-07T18:42:27.453830-0700 | 10.0.2.4 | 35.229.23.216 | TLS 1.3 | api.open.wisdom.alphasoc.net |
| 19 | 2022-05-07T18:42:30.211276-0700 | 10.0.2.4 | 13.107.213.33 | TLS 1.2 | mem.gfx.ms |
| 20 | 2022-05-07T18:42:31.385748-0700 | 10.0.2.4 | 40.126.45.17 | TLS 1.2 | login.live.com |
TFTP 0
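| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.
HTTP 0
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|

No results found.
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|

No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
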
No results found.
Flow 191
Showing 1-20 of 191 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2022-05-07T18:42:43.127166-0700 | 1549461529015444 | flow | 10.0.2.4 | 36739 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 2 | 2022-05-07T18:42:43.127166-0700 | 1268087484036395 | flow | 10.0.2.4 | 37887 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 3 | 2022-05-07T18:42:43.127166-0700 | 1973836509489134 | flow | 10.0.2.4 | 59160 | 20.84.181.62 | 443 | TCP | pcapanalyzer |
| 4 | 2022-05-07T18:42:43.127166-0700 | 848067599636916 | flow | 10.0.2.4 | 54702 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 5 | 2022-05-07T18:42:43.127166-0700 | 989786487606848 | flow | 10.0.2.4 | 47670 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 6 | 2022-05-07T18:42:43.127166-0700 | 1552815899007384 | flow | 10.0.2.4 | 43384 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 7 | 2022-05-07T18:42:43.127166-0700 | 849338910089537 | flow | 10.0.2.4 | 34749 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 8 | 2022-05-07T18:42:43.127166-0700 | 286522100614841 | flow | 10.0.2.4 | 41561 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 9 | 2022-05-07T18:42:43.127166-0700 | 5412196229665 | flow | 10.0.2.4 | 56450 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 10 | 2022-05-07T18:42:43.127166-0700 | 5586142094247 | flow | 10.0.2.4 | 52805 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 11 | 2022-05-07T18:42:43.127166-0700 | 1553842395390531 | flow | 10.0.2.4 | 39685 | 104.47.66.33 | 25 | TCP | pcapanalyzer |
| 12 | 2022-05-07T18:42:43.127166-0700 | 1835699624323985 | flow | 10.0.2.4 | 48459 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 13 | 2022-05-07T18:42:43.127166-0700 | 428518014168343 | flow | 10.0.2.4 | 60059 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 14 | 2022-05-07T18:42:43.127166-0700 | 851050454485469 | flow | 10.0.2.4 | 40892 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 15 | 2022-05-07T18:42:43.127166-0700 | 852654624791830 | flow | 10.0.2.4 | 36027 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 16 | 2022-05-07T18:42:43.127166-0700 | 290222213002181 | flow | 10.0.2.4 | 37978 | 104.46.162.224 | 443 | TCP | pcapanalyzer |
| 17 | 2022-05-07T18:42:43.127166-0700 | 572446663542860 | flow | 10.0.2.4 | 33565 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 18 | 2022-05-07T18:42:43.127166-0700 | 1276327378640516 | flow | 10.0.2.4 | 33843 | 67.195.228.84 | 25 | TCP | pcapanalyzer |
| 19 | 2022-05-07T18:42:43.127166-0700 | 1136809660876069 | flow | 10.0.2.4 | 50682 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
| 20 | 2022-05-07T18:42:43.127166-0700 | 152100361588096 | flow | 10.0.2.4 | 38921 | 192.168.1.1 | 53 | UDP | pcapanalyzer |
File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|

No results found.

Comments: (not set)
