NM_2019-08-18T11-26-21.pcap

MD5: 2fbced63bf917c9407ef744d331eee3b
Submission Date: 2019-08-18 15:31:59
Tags: (not set)
Alert 5
Showing 1-5 of 5 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-08-18T04:27:38.980114-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain | * |
| 2 | 2019-08-18T04:27:38.982114-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain | * |
| 3 | 2019-08-18T04:36:01.560094-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain | * |
| 4 | 2019-08-18T04:42:25.498780-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain | * |
| 5 | 2019-08-18T04:39:37.744938-0700 | 10.2.10.65 | 10.2.10.1 | ET DNS Query for .to TLD | * |
DNS 500
Showing 1-20 of 500 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:29.848103-0700 | 10.2.10.65 | 10.2.10.1 | query | push.services.mozilla.com | A | (not set) |
| 2 | 2019-08-18T04:26:30.019704-0700 | 10.2.10.1 | 10.2.10.65 | answer | push.services.mozilla.com | A | (not set) |
| 3 | 2019-08-18T04:26:30.019704-0700 | 10.2.10.65 | 10.2.10.1 | query | autopush.prod.mozaws.net | A | (not set) |
| 4 | 2019-08-18T04:26:30.191304-0700 | 10.2.10.1 | 10.2.10.65 | answer | autopush.prod.mozaws.net | A | (not set) |
| 5 | 2019-08-18T04:26:31.065906-0700 | 10.2.10.65 | 10.2.10.1 | query | cs9.wac.phicdn.net | A | (not set) |
| 6 | 2019-08-18T04:26:30.909905-0700 | 10.2.10.65 | 10.2.10.1 | query | ocsp.digicert.com | A | (not set) |
| 7 | 2019-08-18T04:26:31.065906-0700 | 10.2.10.1 | 10.2.10.65 | answer | ocsp.digicert.com | A | (not set) |
| 8 | 2019-08-18T04:26:37.524317-0700 | 10.2.10.65 | 10.2.10.1 | query | ocsp.comodoca4.com | A | (not set) |
| 9 | 2019-08-18T04:26:38.538319-0700 | 10.2.10.65 | 10.2.10.1 | query | ocsp.comodoca4.com | A | (not set) |
| 10 | 2019-08-18T04:26:39.115520-0700 | 10.2.10.1 | 10.2.10.65 | answer | ocsp.comodoca4.com | A | (not set) |
| 11 | 2019-08-18T04:26:39.115520-0700 | 10.2.10.65 | 10.2.10.1 | query | t3j2g9x7.stackpathcdn.com | A | (not set) |
| 12 | 2019-08-18T04:26:39.287120-0700 | 10.2.10.1 | 10.2.10.65 | answer | t3j2g9x7.stackpathcdn.com | A | (not set) |
| 13 | 2019-08-18T04:26:36.962716-0700 | 10.2.10.65 | 10.2.10.1 | query | www.myip.com | A | (not set) |
| 14 | 2019-08-18T04:26:37.165516-0700 | 10.2.10.1 | 10.2.10.65 | answer | www.myip.com | A | (not set) |
| 15 | 2019-08-18T04:26:40.940723-0700 | 10.2.10.65 | 10.2.10.1 | query | maxcdn.bootstrapcdn.com | A | (not set) |
| 16 | 2019-08-18T04:26:41.112323-0700 | 10.2.10.1 | 10.2.10.65 | answer | maxcdn.bootstrapcdn.com | A | (not set) |
| 17 | 2019-08-18T04:26:41.112323-0700 | 10.2.10.65 | 10.2.10.1 | query | cds.j3z9t3p6.hwcdn.net | A | (not set) |
| 18 | 2019-08-18T04:26:41.283923-0700 | 10.2.10.1 | 10.2.10.65 | answer | cds.j3z9t3p6.hwcdn.net | A | (not set) |
| 19 | 2019-08-18T04:26:52.890344-0700 | 10.2.10.65 | 10.2.10.1 | query | crl.microsoft.com | A | (not set) |
| 20 | 2019-08-18T04:26:53.249144-0700 | 10.2.10.1 | 10.2.10.65 | answer | crl.microsoft.com | A | (not set) |
TLS 170
Showing 1-20 of 170 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:30.894305-0700 | 10.2.10.65 | 54.149.112.164 | TLS 1.2 | push.services.mozilla.com |
| 2 | 2019-08-18T04:26:31.143906-0700 | 10.2.10.65 | 54.149.112.164 | TLS 1.2 | push.services.mozilla.com |
| 3 | 2019-08-18T04:26:37.508717-0700 | 10.2.10.65 | 104.31.66.68 | TLS 1.3 | www.myip.com |
| 4 | 2019-08-18T04:26:41.517924-0700 | 10.2.10.65 | 209.197.3.15 | TLS 1.3 | maxcdn.bootstrapcdn.com |
| 5 | 2019-08-18T04:26:56.557350-0700 | 10.2.10.65 | 193.49.213.21 | TLS 1.3 | amiunique.org |
| 6 | 2019-08-18T04:26:56.307750-0700 | 10.2.10.65 | 193.49.213.21 | TLS 1.3 | amiunique.org |
| 7 | 2019-08-18T04:26:59.349755-0700 | 10.2.10.65 | 13.224.161.94 | TLS 1.2 | aus5.mozilla.org |
| 8 | 2019-08-18T04:27:37.969056-0700 | 10.2.10.65 | 152.199.40.9 | TLS 1.3 | ci.phncdn.com |
| 9 | 2019-08-18T04:27:38.029060-0700 | 10.2.10.65 | 104.31.64.108 | TLS 1.3 | a-cdn.cloudfrontaws.com |
| 10 | 2019-08-18T04:27:37.897052-0700 | 10.2.10.65 | 104.24.26.105 | TLS 1.3 | pic.justporno.sex |
| 11 | 2019-08-18T04:27:38.379080-0700 | 10.2.10.65 | 151.139.128.10 | TLS 1.3 | media.crazyshit.com |
| 12 | 2019-08-18T04:27:38.413082-0700 | 10.2.10.65 | 216.58.221.238 | TLS 1.3 | img.youtube.com |
| 13 | 2019-08-18T04:27:38.019059-0700 | 10.2.10.65 | 104.27.13.88 | TLS 1.3 | static1.tubepornclassic.com |
| 14 | 2019-08-18T04:27:38.028060-0700 | 10.2.10.65 | 104.27.13.88 | TLS 1.3 | static1.tubepornclassic.com |
| 15 | 2019-08-18T04:27:38.050061-0700 | 10.2.10.65 | 67.22.51.90 | TLS 1.2 | ei.rdtcdn.com |
| 16 | 2019-08-18T04:27:38.414082-0700 | 10.2.10.65 | 104.31.91.118 | TLS 1.3 | www.248avporn.com |
| 17 | 2019-08-18T04:27:38.607093-0700 | 10.2.10.65 | 213.174.135.1 | TLS 1.2 | cdn42705446.ahacdn.me |
| 18 | 2019-08-18T04:27:38.621094-0700 | 10.2.10.65 | 213.174.135.1 | TLS 1.2 | cdn42705446.ahacdn.me |
| 19 | 2019-08-18T04:27:38.662096-0700 | 10.2.10.65 | 104.27.168.193 | TLS 1.3 | ztube.org |
| 20 | 2019-08-18T04:27:38.548090-0700 | 10.2.10.65 | 202.6.244.93 | TLS 1.2 | pics.dmm.co.jp |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 389
Showing 1-20 of 389 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:31.721107-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 2 | 2019-08-18T04:26:31.908307-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 3 | 2019-08-18T04:26:53.108744-0700 | 10.2.10.65 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?d9b51348adc482e2 | 304 |
| 4 | 2019-08-18T04:26:56.682151-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 5 | 2019-08-18T04:26:53.795145-0700 | 10.2.10.65 | crl.microsoft.com | 80 | GET | /pki/crl/products/WinPCA.crl | 200 |
| 6 | 2019-08-18T04:26:57.103351-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 7 | 2019-08-18T04:27:37.543032-0700 | 10.2.10.65 | js.av4.xyz | 80 | GET | /mycss/av4.css | 200 |
| 8 | 2019-08-18T04:27:38.286075-0700 | 10.2.10.65 | videoclipsimage.agaclip.com | 80 | GET | /aga/0NLxOCPCSHf-_-.jpg | 301 |
| 9 | 2019-08-18T04:27:35.917220-0700 | 10.2.10.65 | en.nyuu.info | 80 | GET | / | 200 |
| 10 | 2019-08-18T04:27:38.065062-0700 | 10.2.10.65 | img-l3.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/39/03/26/390326bb9c07d8f4c438767da001cf0c/390326bb9c07d8f4c438767da001cf0c.4.jpg | 200 |
| 11 | 2019-08-18T04:27:38.473085-0700 | 10.2.10.65 | stickamvids.net | 80 | GET | /photos/2017/07/3059105.jpg | 200 |
| 12 | 2019-08-18T04:27:38.563090-0700 | 10.2.10.65 | nudebabes.realnakedgirls.net | 80 | GET | /wp-content/uploads/2018/05/latteen.jpg | 200 |
| 13 | 2019-08-18T04:27:38.705099-0700 | 10.2.10.65 | cdne-pics.youjizz.com | 80 | GET | /c/e/5/ce51be21a164497fbedb88b534e7629c1507482128-768-432-466-h264.mp4-24.jpg | 200 |
| 14 | 2019-08-18T04:27:38.809105-0700 | 10.2.10.65 | img-egc.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/27/6b/bf/276bbf03739c2a2c4f90c0d51d1d53c5/276bbf03739c2a2c4f90c0d51d1d53c5.2.jpg | 200 |
| 15 | 2019-08-18T04:27:38.950113-0700 | 10.2.10.65 | img-hw.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/83/8b/e8/838be8adbc5f825b21e4f8b07dc4f3f2/838be8adbc5f825b21e4f8b07dc4f3f2.4.jpg | 200 |
| 16 | 2019-08-18T04:27:38.953113-0700 | 10.2.10.65 | img-hw.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/a6/36/a4/a636a408dbf3bb596c3914600006ed33/a636a408dbf3bb596c3914600006ed33.1.jpg | 200 |
| 17 | 2019-08-18T04:27:38.901110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142036/43/1420364363.29816.jpg | 301 |
| 18 | 2019-08-18T04:27:38.911110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142032/79/1420327967.86036.jpg | 301 |
| 19 | 2019-08-18T04:27:38.911110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142032/98/1420329829.89764.jpg | 301 |
| 20 | 2019-08-18T04:27:38.948112-0700 | 10.2.10.65 | img-hw.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/75/97/f0/7597f0fd51ab85652169537f4fab494b/7597f0fd51ab85652169537f4fab494b.16.jpg | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 835
Showing 1-20 of 835 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:41.611524-0700 | 303539128041842 | flow | 10.2.10.65 | 59375 | 10.2.10.1 | 53 | UDP | pcapanalyzer |
| 2 | 2019-08-18T04:26:41.611524-0700 | 602896200456265 | flow | 10.2.10.65 | 55929 | 195.74.38.16 | 443 | TCP | pcapanalyzer |
| 3 | 2019-08-18T04:26:41.611524-0700 | 885047634500441 | flow | 13.88.181.35 | 443 | 10.2.10.65 | 55928 | TCP | pcapanalyzer |
| 4 | 2019-08-18T04:26:41.611524-0700 | 1070877985075431 | flow | 10.2.10.65 | 63950 | 10.2.10.1 | 53 | UDP | pcapanalyzer |
| 5 | 2019-08-18T04:26:41.611524-0700 | 517256701264704 | flow | 10.2.10.65 | 49235 | 10.2.10.1 | 53 | UDP | pcapanalyzer |
| 6 | 2019-08-18T04:26:41.611524-0700 | 1784162531344754 | flow | 10.2.10.65 | 55938 | 117.18.237.29 | 80 | TCP | pcapanalyzer |
| 7 | 2019-08-18T04:26:41.611524-0700 | 1790379496488496 | flow | 10.2.10.65 | 55937 | 54.149.112.164 | 443 | TCP | pcapanalyzer |
| 8 | 2019-08-18T04:26:41.611524-0700 | 1675983042969629 | flow | 10.2.10.65 | 54104 | 10.2.10.1 | 53 | UDP | pcapanalyzer |
| 9 | 2019-08-18T04:26:41.611524-0700 | 976652845698864 | flow | 10.2.10.65 | 55945 | 151.139.128.14 | 80 | TCP | pcapanalyzer |
| 10 | 2019-08-18T04:26:41.611524-0700 | 1405627736149240 | flow | 10.2.10.65 | 60459 | 10.2.10.1 | 53 | UDP | pcapanalyzer |
| 11 | 2019-08-18T04:27:37.672039-0700 | 1848380882259006 | flow | 192.168.1.8 | 2190 | 192.168.1.255 | 2190 | UDP | pcapanalyzer |
| 12 | 2019-08-18T04:27:37.672039-0700 | 303539128082370 | flow | 10.2.10.1 | 53 | 10.2.10.65 | 59375 | UDP | pcapanalyzer |
| 13 | 2019-08-18T04:27:37.672039-0700 | 885047634516041 | flow | 10.2.10.65 | 55928 | 13.88.181.35 | 443 | TCP | pcapanalyzer |
| 14 | 2019-08-18T04:33:09.533677-0700 | 976652846018473 | flow | 10.2.10.65 | 55945 | 151.139.128.14 | 80 | TCP | pcapanalyzer |
| 15 | 2019-08-18T04:33:09.533677-0700 | 1848380886191871 | flow | 192.168.1.8 | 2190 | 192.168.1.255 | 2190 | UDP | pcapanalyzer |
| 16 | 2019-08-18T04:33:09.533677-0700 | 602896206701698 | flow | 10.2.10.65 | 55929 | 195.74.38.16 | 443 | TCP | pcapanalyzer |
| 17 | 2019-08-18T04:33:09.533677-0700 | 1979841245850178 | flow | 10.2.10.65 | 56065 | 192.200.112.78 | 80 | TCP | pcapanalyzer |
| 18 | 2019-08-18T04:33:09.533677-0700 | 1143250336014989 | flow | 10.2.10.65 | 56003 | 104.27.168.193 | 443 | TCP | pcapanalyzer |
| 19 | 2019-08-18T04:33:09.533677-0700 | 863497641196368 | flow | 10.2.10.65 | 56026 | 108.177.97.119 | 443 | TCP | pcapanalyzer |
| 20 | 2019-08-18T04:33:09.533677-0700 | 2001395539172093 | flow | 10.2.10.65 | 55989 | 216.58.221.238 | 443 | TCP | pcapanalyzer |
File 402
Showing 1-20 of 402 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:39.755121-0700 | 10.2.10.65 | 151.139.128.14 | / | data | 84 |
| 2 | 2019-08-18T04:26:31.502706-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 3 | 2019-08-18T04:26:31.689907-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 4 | 2019-08-18T04:26:31.721107-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 5 | 2019-08-18T04:26:31.908307-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 6 | 2019-08-18T04:26:56.650951-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 7 | 2019-08-18T04:26:56.682151-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 8 | 2019-08-18T04:26:56.853751-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 9 | 2019-08-18T04:26:57.103351-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 10 | 2019-08-18T04:26:53.795145-0700 | 104.84.150.166 | 10.2.10.65 | /pki/crl/products/WinPCA.crl | data | 530 |
| 11 | 2019-08-18T04:27:37.543032-0700 | 104.18.39.128 | 10.2.10.65 | /mycss/av4.css | UTF-8 Unicode text | 2303 |
| 12 | 2019-08-18T04:27:35.917220-0700 | 111.90.150.175 | 10.2.10.65 | / | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators | 69281 |
| 13 | 2019-08-18T04:27:38.065062-0700 | 8.247.53.123 | 10.2.10.65 | /videos/thumbs169ll/39/03/26/390326bb9c07d8f4c438767da001cf0c/390326bb9c07d8f4c438767da001cf0c.4.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 15636 |
| 14 | 2019-08-18T04:27:38.473085-0700 | 172.64.167.2 | 10.2.10.65 | /photos/2017/07/3059105.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 230x172, frames 3 | 6310 |
| 15 | 2019-08-18T04:27:38.563090-0700 | 104.27.150.11 | 10.2.10.65 | /wp-content/uploads/2018/05/latteen.jpg | JPEG image data, comment: "CS=ITU601", baseline, precision 8, 368x640, frames 3 | 26858 |
| 16 | 2019-08-18T04:27:38.705099-0700 | 66.254.122.102 | 10.2.10.65 | /c/e/5/ce51be21a164497fbedb88b534e7629c1507482128-768-432-466-h264.mp4-24.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 11245x11264, segment length 16, comment: "Lavc52.123.0", baseline, precision 8, 308x232, frames 3 | 10031 |
| 17 | 2019-08-18T04:27:38.809105-0700 | 152.195.62.8 | 10.2.10.65 | /videos/thumbs169ll/27/6b/bf/276bbf03739c2a2c4f90c0d51d1d53c5/276bbf03739c2a2c4f90c0d51d1d53c5.2.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 9306 |
| 18 | 2019-08-18T04:27:38.950113-0700 | 209.197.3.84 | 10.2.10.65 | /videos/thumbs169ll/83/8b/e8/838be8adbc5f825b21e4f8b07dc4f3f2/838be8adbc5f825b21e4f8b07dc4f3f2.4.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 7659 |
| 19 | 2019-08-18T04:27:38.953113-0700 | 209.197.3.84 | 10.2.10.65 | /videos/thumbs169ll/a6/36/a4/a636a408dbf3bb596c3914600006ed33/a636a408dbf3bb596c3914600006ed33.1.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 11080 |
| 20 | 2019-08-18T04:27:38.948112-0700 | 209.197.3.84 | 10.2.10.65 | /videos/thumbs169ll/75/97/f0/7597f0fd51ab85652169537f4fab494b/7597f0fd51ab85652169537f4fab494b.16.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 352x198, frames 3 | 8692 |

Comments: (not set)