NM_2019-08-18T11-26-21.pcap

MD5: 2fbced63bf917c9407ef744d331eee3b
Submission Date: 2019-08-18 15:31:59
Tags: (not set)
Alert 5
Showing 1-5 of 5 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-08-18T04:27:38.982114-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain* | |
| 2 | 2019-08-18T04:27:38.980114-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain* | |
| 3 | 2019-08-18T04:42:25.498780-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain* | |
| 4 | 2019-08-18T04:36:01.560094-0700 | 10.2.10.65 | 104.18.59.49 | ET INFO HTTP Request to a *.pw domain* | |
| 5 | 2019-08-18T04:39:37.744938-0700 | 10.2.10.65 | 10.2.10.1 | ET DNS Query for .to TLD* | |
DNS 501
Showing 1-20 of 501 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:29.848103-0700 | 10.2.10.65 | 10.2.10.1 | query | push.services.mozilla.com | A | (not set) |
| 2 | 2019-08-18T04:26:30.909905-0700 | 10.2.10.65 | 10.2.10.1 | query | ocsp.digicert.com | A | (not set) |
| 3 | 2019-08-18T04:26:31.065906-0700 | 10.2.10.1 | 10.2.10.65 | answer | ocsp.digicert.com | (not set) | (not set) |
| 4 | 2019-08-18T04:26:31.065906-0700 | 10.2.10.65 | 10.2.10.1 | query | cs9.wac.phicdn.net | A | (not set) |
| 5 | 2019-08-18T04:26:31.237506-0700 | 10.2.10.1 | 10.2.10.65 | answer | cs9.wac.phicdn.net | (not set) | (not set) |
| 6 | 2019-08-18T04:26:36.962716-0700 | 10.2.10.65 | 10.2.10.1 | query | www.myip.com | A | (not set) |
| 7 | 2019-08-18T04:26:37.165516-0700 | 10.2.10.1 | 10.2.10.65 | answer | www.myip.com | (not set) | (not set) |
| 8 | 2019-08-18T04:26:39.115520-0700 | 10.2.10.65 | 10.2.10.1 | query | t3j2g9x7.stackpathcdn.com | A | (not set) |
| 9 | 2019-08-18T04:26:39.287120-0700 | 10.2.10.1 | 10.2.10.65 | answer | t3j2g9x7.stackpathcdn.com | (not set) | (not set) |
| 10 | 2019-08-18T04:26:30.019704-0700 | 10.2.10.1 | 10.2.10.65 | answer | push.services.mozilla.com | (not set) | (not set) |
| 11 | 2019-08-18T04:26:30.019704-0700 | 10.2.10.65 | 10.2.10.1 | query | autopush.prod.mozaws.net | A | (not set) |
| 12 | 2019-08-18T04:26:30.191304-0700 | 10.2.10.1 | 10.2.10.65 | answer | autopush.prod.mozaws.net | (not set) | (not set) |
| 13 | 2019-08-18T04:26:54.872547-0700 | 10.2.10.65 | 10.2.10.1 | query | amiunique.org | A | (not set) |
| 14 | 2019-08-18T04:26:55.480948-0700 | 10.2.10.1 | 10.2.10.65 | answer | amiunique.org | (not set) | (not set) |
| 15 | 2019-08-18T04:26:40.940723-0700 | 10.2.10.65 | 10.2.10.1 | query | maxcdn.bootstrapcdn.com | A | (not set) |
| 16 | 2019-08-18T04:26:41.112323-0700 | 10.2.10.1 | 10.2.10.65 | answer | maxcdn.bootstrapcdn.com | (not set) | (not set) |
| 17 | 2019-08-18T04:26:41.112323-0700 | 10.2.10.65 | 10.2.10.1 | query | cds.j3z9t3p6.hwcdn.net | A | (not set) |
| 18 | 2019-08-18T04:26:41.283923-0700 | 10.2.10.1 | 10.2.10.65 | answer | cds.j3z9t3p6.hwcdn.net | (not set) | (not set) |
| 19 | 2019-08-18T04:26:52.890344-0700 | 10.2.10.65 | 10.2.10.1 | query | crl.microsoft.com | A | (not set) |
| 20 | 2019-08-18T04:26:53.249144-0700 | 10.2.10.1 | 10.2.10.65 | answer | crl.microsoft.com | (not set) | (not set) |
TLS 170
Showing 1-20 of 170 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Issuer |
|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:30.894305-0700 | 10.2.10.65 | 54.149.112.164 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 2 | 2019-08-18T04:26:31.143906-0700 | 10.2.10.65 | 54.149.112.164 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 3 | 2019-08-18T04:26:37.508717-0700 | 10.2.10.65 | 104.31.66.68 | TLS 1.3 | (not set) |
| 4 | 2019-08-18T04:26:41.517924-0700 | 10.2.10.65 | 209.197.3.15 | TLS 1.3 | (not set) |
| 5 | 2019-08-18T04:26:56.307750-0700 | 10.2.10.65 | 193.49.213.21 | TLS 1.3 | (not set) |
| 6 | 2019-08-18T04:26:56.557350-0700 | 10.2.10.65 | 193.49.213.21 | TLS 1.3 | (not set) |
| 7 | 2019-08-18T04:26:59.349755-0700 | 10.2.10.65 | 13.224.161.94 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 8 | 2019-08-18T04:27:38.412082-0700 | 10.2.10.65 | 216.58.221.238 | TLS 1.3 | (not set) |
| 9 | 2019-08-18T04:27:38.446084-0700 | 10.2.10.65 | 199.48.209.179 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust RSA CA 2018 |
| 10 | 2019-08-18T04:27:38.548090-0700 | 10.2.10.65 | 202.6.244.93 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 |
| 11 | 2019-08-18T04:27:38.607093-0700 | 10.2.10.65 | 213.174.135.1 | TLS 1.2 | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA |
| 12 | 2019-08-18T04:27:38.621094-0700 | 10.2.10.65 | 213.174.135.1 | TLS 1.2 | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA |
| 13 | 2019-08-18T04:27:38.631094-0700 | 10.2.10.65 | 151.139.128.10 | TLS 1.3 | (not set) |
| 14 | 2019-08-18T04:27:38.653096-0700 | 10.2.10.65 | 104.27.168.193 | TLS 1.3 | (not set) |
| 15 | 2019-08-18T04:27:38.707099-0700 | 10.2.10.65 | 199.48.209.179 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust RSA CA 2018 |
| 16 | 2019-08-18T04:27:38.797104-0700 | 10.2.10.65 | 185.162.171.14 | TLS 1.2 | C=US, ST=TX, L=Houston, O=cPanel, Inc., CN=cPanel, Inc. Certification Authority |
| 17 | 2019-08-18T04:27:38.824105-0700 | 10.2.10.65 | 185.162.171.14 | TLS 1.2 | C=US, ST=TX, L=Houston, O=cPanel, Inc., CN=cPanel, Inc. Certification Authority |
| 18 | 2019-08-18T04:27:38.902110-0700 | 10.2.10.65 | 108.177.97.119 | TLS 1.3 | (not set) |
| 19 | 2019-08-18T04:27:39.048118-0700 | 10.2.10.65 | 185.162.171.14 | TLS 1.2 | C=US, ST=TX, L=Houston, O=cPanel, Inc., CN=cPanel, Inc. Certification Authority |
| 20 | 2019-08-18T04:27:39.059119-0700 | 10.2.10.65 | 104.24.25.105 | TLS 1.3 | (not set) |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 389
Showing 1-20 of 389 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:53.795145-0700 | 10.2.10.65 | crl.microsoft.com | 80 | GET | /pki/crl/products/WinPCA.crl | 200 |
| 2 | 2019-08-18T04:26:31.721107-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 3 | 2019-08-18T04:26:56.682151-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 4 | 2019-08-18T04:26:31.908307-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 5 | 2019-08-18T04:26:53.108744-0700 | 10.2.10.65 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?d9b51348adc482e2 | 304 |
| 6 | 2019-08-18T04:26:57.103351-0700 | 10.2.10.65 | ocsp.digicert.com | 80 | POST | / | 200 |
| 7 | 2019-08-18T04:27:38.809105-0700 | 10.2.10.65 | img-egc.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/27/6b/bf/276bbf03739c2a2c4f90c0d51d1d53c5/276bbf03739c2a2c4f90c0d51d1d53c5.2.jpg | 200 |
| 8 | 2019-08-18T04:27:38.812105-0700 | 10.2.10.65 | img-egc.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/de/46/f1/de46f12da8c079d9cc3219a2c750d1ad/de46f12da8c079d9cc3219a2c750d1ad.2.jpg | 200 |
| 9 | 2019-08-18T04:27:38.901110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142036/43/1420364363.29816.jpg | 301 |
| 10 | 2019-08-18T04:27:38.911110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142032/98/1420329829.89764.jpg | 301 |
| 11 | 2019-08-18T04:27:37.543032-0700 | 10.2.10.65 | js.av4.xyz | 80 | GET | /mycss/av4.css | 200 |
| 12 | 2019-08-18T04:27:35.917220-0700 | 10.2.10.65 | en.nyuu.info | 80 | GET | / | 200 |
| 13 | 2019-08-18T04:27:39.254130-0700 | 10.2.10.65 | i1.ytimg.com | 80 | GET | /vi/E0T_FgZEKyM/maxresdefault.jpg | 200 |
| 14 | 2019-08-18T04:27:39.281132-0700 | 10.2.10.65 | img-egc.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/7c/5d/b5/7c5db505a1f7cc098021a265996bab58/7c5db505a1f7cc098021a265996bab58.25.jpg | 200 |
| 15 | 2019-08-18T04:27:39.281132-0700 | 10.2.10.65 | img-egc.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/6c/2f/45/6c2f45a000a7248addd6f8e1a0098183/6c2f45a000a7248addd6f8e1a0098183.7.jpg | 200 |
| 16 | 2019-08-18T04:27:39.400138-0700 | 10.2.10.65 | hotubi.com | 80 | GET | /themes/ico/video.png | 200 |
| 17 | 2019-08-18T04:27:38.463085-0700 | 10.2.10.65 | stickamvids.net | 80 | GET | /photos/2017/12/3865673.jpg | 200 |
| 18 | 2019-08-18T04:27:38.473085-0700 | 10.2.10.65 | stickamvids.net | 80 | GET | /photos/2017/07/3059105.jpg | 200 |
| 19 | 2019-08-18T04:27:38.911110-0700 | 10.2.10.65 | img.justporno.sex | 80 | GET | /images/142032/79/1420327967.86036.jpg | 301 |
| 20 | 2019-08-18T04:27:38.950113-0700 | 10.2.10.65 | img-hw.xvideos-cdn.com | 80 | GET | /videos/thumbs169ll/83/8b/e8/838be8adbc5f825b21e4f8b07dc4f3f2/838be8adbc5f825b21e4f8b07dc4f3f2.4.jpg | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 823
Showing 1-20 of 823 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:30:41.139473-0700 | 2123832166799433 | flow | 10.2.10.65 | 55929 | 195.74.38.16 | 443 | TCP | pcapanalyzer |
| 2 | 2019-08-18T04:30:41.139473-0700 | 1535058722495321 | flow | 13.88.181.35 | 443 | 10.2.10.65 | 55928 | TCP | pcapanalyzer |
| 3 | 2019-08-18T04:30:41.139473-0700 | 754740474854960 | flow | 10.2.10.65 | 55937 | 54.149.112.164 | 443 | TCP | pcapanalyzer |
| 4 | 2019-08-18T04:30:41.139473-0700 | 2123832173044866 | flow | 10.2.10.65 | 55929 | 195.74.38.16 | 443 | TCP | pcapanalyzer |
| 5 | 2019-08-18T04:30:41.139473-0700 | 858496151716447 | flow | 10.2.10.65 | 56058 | 108.177.97.119 | 443 | TCP | pcapanalyzer |
| 6 | 2019-08-18T04:30:41.144473-0700 | 1621518566633202 | flow | 10.2.10.65 | 55985 | 185.115.1.35 | 8080 | TCP | pcapanalyzer |
| 7 | 2019-08-18T04:30:41.144473-0700 | 217167340174499 | flow | 10.2.10.65 | 56053 | 192.200.112.78 | 80 | TCP | pcapanalyzer |
| 8 | 2019-08-18T04:30:41.144473-0700 | 2051126965500752 | flow | 10.2.10.65 | 56026 | 108.177.97.119 | 443 | TCP | pcapanalyzer |
| 9 | 2019-08-18T04:30:41.144473-0700 | 1919344483882394 | flow | 10.2.10.65 | 55970 | 111.90.150.175 | 80 | TCP | pcapanalyzer |
| 10 | 2019-08-18T04:30:41.144473-0700 | 1093542531739729 | flow | 10.2.10.65 | 55958 | 111.90.150.175 | 80 | TCP | pcapanalyzer |
| 11 | 2019-08-18T04:30:41.144473-0700 | 953945357474557 | flow | 10.2.10.65 | 55989 | 216.58.221.238 | 443 | TCP | pcapanalyzer |
| 12 | 2019-08-18T04:30:41.154474-0700 | 1660832549888653 | flow | 10.2.10.65 | 56003 | 104.27.168.193 | 443 | TCP | pcapanalyzer |
| 13 | 2019-08-18T04:30:41.154474-0700 | 2115961644260985 | flow | 10.2.10.65 | 56030 | 209.197.3.84 | 80 | TCP | pcapanalyzer |
| 14 | 2019-08-18T04:30:41.156474-0700 | 1429743982154798 | flow | 10.2.10.65 | 56115 | 182.50.136.239 | 80 | TCP | pcapanalyzer |
| 15 | 2019-08-18T04:30:41.156474-0700 | 1436465605911445 | flow | 10.2.10.65 | 56101 | 178.237.38.163 | 443 | TCP | pcapanalyzer |
| 16 | 2019-08-18T04:30:41.156474-0700 | 1158465257818185 | flow | 10.2.10.65 | 56118 | 182.50.136.239 | 80 | TCP | pcapanalyzer |
| 17 | 2019-08-18T04:30:41.156474-0700 | 1727228446289591 | flow | 10.2.10.65 | 55949 | 152.195.11.6 | 80 | TCP | pcapanalyzer |
| 18 | 2019-08-18T04:30:41.156474-0700 | 2010213107082842 | flow | 10.2.10.65 | 56063 | 192.200.112.78 | 80 | TCP | pcapanalyzer |
| 19 | 2019-08-18T04:30:41.156474-0700 | 2153630654939489 | flow | 10.2.10.65 | 56041 | 5.63.144.85 | 80 | TCP | pcapanalyzer |
| 20 | 2019-08-18T04:30:41.156474-0700 | 1172771793881161 | flow | 10.2.10.65 | 56119 | 182.50.136.239 | 80 | TCP | pcapanalyzer |
File 402
Showing 1-20 of 402 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-08-18T04:26:39.755121-0700 | 10.2.10.65 | 151.139.128.14 | / | data | 84 |
| 2 | 2019-08-18T04:26:31.502706-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 3 | 2019-08-18T04:26:53.795145-0700 | 104.84.150.166 | 10.2.10.65 | /pki/crl/products/WinPCA.crl | data | 530 |
| 4 | 2019-08-18T04:26:31.689907-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 5 | 2019-08-18T04:26:56.650951-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 6 | 2019-08-18T04:26:31.721107-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 7 | 2019-08-18T04:26:56.682151-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 8 | 2019-08-18T04:26:31.908307-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 9 | 2019-08-18T04:26:56.853751-0700 | 10.2.10.65 | 117.18.237.29 | / | data | 83 |
| 10 | 2019-08-18T04:26:57.103351-0700 | 117.18.237.29 | 10.2.10.65 | / | data | 471 |
| 11 | 2019-08-18T04:27:38.809105-0700 | 152.195.62.8 | 10.2.10.65 | /videos/thumbs169ll/27/6b/bf/276bbf03739c2a2c4f90c0d51d1d53c5/276bbf03739c2a2c4f90c0d51d1d53c5.2.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 9306 |
| 12 | 2019-08-18T04:27:38.812105-0700 | 152.195.62.8 | 10.2.10.65 | /videos/thumbs169ll/de/46/f1/de46f12da8c079d9cc3219a2c750d1ad/de46f12da8c079d9cc3219a2c750d1ad.2.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 352x198, frames 3 | 10435 |
| 13 | 2019-08-18T04:27:39.127123-0700 | 10.2.10.65 | 151.139.128.14 | / | data | 84 |
| 14 | 2019-08-18T04:27:35.917220-0700 | 111.90.150.175 | 10.2.10.65 | / | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators | 69281 |
| 15 | 2019-08-18T04:27:37.543032-0700 | 104.18.39.128 | 10.2.10.65 | /mycss/av4.css | UTF-8 Unicode text | 2303 |
| 16 | 2019-08-18T04:27:39.254130-0700 | 172.217.24.206 | 10.2.10.65 | /vi/E0T_FgZEKyM/maxresdefault.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, frames 3 | 49007 |
| 17 | 2019-08-18T04:27:39.281132-0700 | 152.195.62.8 | 10.2.10.65 | /videos/thumbs169ll/7c/5d/b5/7c5db505a1f7cc098021a265996bab58/7c5db505a1f7cc098021a265996bab58.25.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 352x198, frames 3 | 8634 |
| 18 | 2019-08-18T04:27:39.281132-0700 | 152.195.62.8 | 10.2.10.65 | /videos/thumbs169ll/6c/2f/45/6c2f45a000a7248addd6f8e1a0098183/6c2f45a000a7248addd6f8e1a0098183.7.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, frames 3 | 7010 |
| 19 | 2019-08-18T04:27:39.282132-0700 | 10.2.10.65 | 151.139.128.14 | / | data | 83 |
| 20 | 2019-08-18T04:27:39.400138-0700 | 185.197.75.134 | 10.2.10.65 | /themes/ico/video.png | PNG image data, 199 x 120, 8-bit colormap, non-interlaced | 2740 |

Comments: (not set)