6.pcap

MD5: aa64ddf9f6f61a785a8a642d3de96314
Submission Date: 2018-10-01 03:23:51
Tags: (not set)
Alert 34
Showing 1-20 of 34 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2018-10-01T03:10:15.757046-0700 | 185.88.181.59 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
2 | 2018-10-01T03:10:22.100337-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
3 | 2018-10-01T03:10:22.151801-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
4 | 2018-10-01T03:10:22.157233-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
5 | 2018-10-01T03:10:22.145975-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
6 | 2018-10-01T03:10:22.265903-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
7 | 2018-10-01T03:10:22.157731-0700 | 151.139.16.35 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
8 | 2018-10-01T03:10:22.194143-0700 | 213.174.135.2 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
9 | 2018-10-01T03:10:31.329152-0700 | 185.88.181.59 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
10 | 2018-10-01T03:10:32.141870-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
11 | 2018-10-01T03:10:32.266605-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
12 | 2018-10-01T03:10:32.258567-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
13 | 2018-10-01T03:10:32.294433-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
14 | 2018-10-01T03:10:32.306936-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
15 | 2018-10-01T03:10:32.316749-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
16 | 2018-10-01T03:10:32.327282-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
17 | 2018-10-01T03:10:32.354294-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
18 | 2018-10-01T03:10:32.409230-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
19 | 2018-10-01T03:10:32.386220-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
20 | 2018-10-01T03:10:32.426784-0700 | 152.195.13.89 | 192.168.0.6 | ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) | *
DNS 92
Showing 1-20 of 92 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2018-10-01T03:10:06.522179-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | googleads.g.doubleclick.net | A | (not set)
2 | 2018-10-01T03:10:06.522457-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | googleads.g.doubleclick.net | AAAA | (not set)
3 | 2018-10-01T03:10:06.570687-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | googleads.g.doubleclick.net | A | (not set)
4 | 2018-10-01T03:10:06.592678-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | googleads.g.doubleclick.net | AAAA | (not set)
5 | 2018-10-01T03:10:05.827517-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | cdn.onenote.net | AAAA | (not set)
6 | 2018-10-01T03:10:05.857743-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | cdn.onenote.net | AAAA | (not set)
7 | 2018-10-01T03:10:06.552949-0700 | 192.168.0.2 | 209.18.47.61 | query | googleads.g.doubleclick.net | A | (not set)
8 | 2018-10-01T03:10:06.574302-0700 | 209.18.47.61 | 192.168.0.2 | answer | googleads.g.doubleclick.net | A | (not set)
9 | 2018-10-01T03:10:05.827301-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | cdn.onenote.net | A | (not set)
10 | 2018-10-01T03:10:05.846996-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | cdn.onenote.net | A | (not set)
11 | 2018-10-01T03:10:06.552949-0700 | 192.168.0.2 | 209.18.47.61 | query | googleads.g.doubleclick.net | AAAA | (not set)
12 | 2018-10-01T03:10:06.587788-0700 | 209.18.47.61 | 192.168.0.2 | answer | googleads.g.doubleclick.net | AAAA | (not set)
13 | 2018-10-01T03:10:06.785531-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | arc.msn.com | A | (not set)
14 | 2018-10-01T03:10:06.807021-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | arc.msn.com | A | (not set)
15 | 2018-10-01T03:10:06.816919-0700 | 192.168.0.2 | 209.18.47.61 | query | arc.msn.com | AAAA | (not set)
16 | 2018-10-01T03:10:06.838538-0700 | 209.18.47.61 | 192.168.0.2 | answer | arc.msn.com | AAAA | (not set)
17 | 2018-10-01T03:10:06.785755-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | arc.msn.com | AAAA | (not set)
18 | 2018-10-01T03:10:06.818156-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | arc.msn.com | AAAA | (not set)
19 | 2018-10-01T03:10:14.890740-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2605:e000:8851:c400:5665:deff:fed2:e667 | query | arc.msn.com | AAAA | (not set)
20 | 2018-10-01T03:10:14.917484-0700 | 2605:e000:8851:c400:5665:deff:fed2:e667 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | answer | arc.msn.com | AAAA | (not set)
TLS 162
Showing 1-20 of 162 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2018-10-01T03:10:05.909491-0700 | 2605:e000:8851:c400:57f7:3511:3cb9:26a2 | 2600:1406:003f:039a:0000:0000:0000:0611 | TLS 1.2 | cdn.onenote.net
2 | 2018-10-01T03:10:12.069192-0700 | 192.168.0.2 | 4.26.253.95 | TLS 1.2 | (not set)
3 | 2018-10-01T03:10:12.110257-0700 | 192.168.0.2 | 4.26.253.89 | TLS 1.2 | (not set)
4 | 2018-10-01T03:10:06.932206-0700 | 192.168.0.2 | 52.158.238.42 | TLS 1.2 | arc.msn.com
5 | 2018-10-01T03:10:12.196850-0700 | 192.168.0.2 | 8.253.245.251 | TLS 1.2 | (not set)
6 | 2018-10-01T03:10:15.025966-0700 | 192.168.0.2 | 52.158.238.42 | TLS 1.2 | arc.msn.com
7 | 2018-10-01T03:10:15.754273-0700 | 192.168.0.6 | 185.88.181.59 | TLS 1.2 | www.xnxx.com
8 | 2018-10-01T03:10:15.756075-0700 | 192.168.0.8 | 192.168.0.2 | TLS 1.2 | www.xnxx.com
9 | 2018-10-01T03:10:15.517604-0700 | 192.168.0.2 | 185.88.181.59 | TLS 1.2 | (not set)
10 | 2018-10-01T03:10:12.252462-0700 | 192.168.0.2 | 8.253.251.123 | TLS 1.2 | (not set)
11 | 2018-10-01T03:10:15.319726-0700 | 192.168.0.2 | 13.65.244.143 | TLS 1.2 | ris.api.iris.microsoft.com
12 | 2018-10-01T03:10:22.028400-0700 | 192.168.0.2 | 8.253.245.251 | TLS 1.2 | (not set)
13 | 2018-10-01T03:10:22.094488-0700 | 192.168.0.6 | 151.139.16.35 | TLS 1.2 | img-hw.xnxx-cdn.com
14 | 2018-10-01T03:10:22.078964-0700 | 192.168.0.2 | 151.139.16.35 | TLS 1.2 | (not set)
15 | 2018-10-01T03:10:22.154020-0700 | 192.168.0.8 | 192.168.0.2 | TLS 1.2 | img-hw.xnxx-cdn.com
16 | 2018-10-01T03:10:22.154063-0700 | 192.168.0.8 | 192.168.0.2 | TLS 1.2 | img-hw.xnxx-cdn.com
17 | 2018-10-01T03:10:22.254327-0700 | 192.168.0.2 | 8.253.245.251 | TLS 1.2 | (not set)
18 | 2018-10-01T03:10:22.104988-0700 | 192.168.0.6 | 151.139.16.35 | TLS 1.2 | img-hw.xnxx-cdn.com
19 | 2018-10-01T03:10:22.145984-0700 | 192.168.0.8 | 192.168.0.2 | TLS 1.2 | img-hw.xnxx-cdn.com
20 | 2018-10-01T03:10:22.153271-0700 | 192.168.0.6 | 151.139.16.35 | TLS 1.2 | img-hw.xnxx-cdn.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2018-10-01T03:12:44.922273-0700 | 192.168.0.2 | tile-service.weather.microsoft.com | 80 | GET | /en-US/livetile/preinstall?region=US&appid=C98EA5B0842DBB9405BBF071E1DA76512D21FE36&FORM=Threshold | 200
2 | 2018-10-01T03:12:07.668587-0700 | 192.168.0.2 | ocsp.digicert.com | 80 | GET | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 283
File 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2018-10-01T03:12:44.922273-0700 | 23.213.6.19 | 192.168.0.2 | /en-US/livetile/preinstall | XML 1.0 document, UTF-8 Unicode text, with very long lines, with no line terminators | 4265
2 | 2018-10-01T03:12:07.668587-0700 | 72.21.91.29 | 192.168.0.2 | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI= | data | 471

Comments: (not set)
