939192.dc908ab53016010462f371bbfd3173f5.pcap

MD5: af9e64e15dc28b91cc8519e6b17690c9
Submission Date: 2019-08-19 13:19:24
Tags: (not set)
Alert 3
Showing 1-3 of 3 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-08-19T13:07:14.790908-0700 | 192.168.1.80 | 209.53.113.47 | ET INFO Possible Rogue LoJack Asset Tracking Agent | *
2 | 2019-08-19T13:07:15.403159-0700 | 192.168.1.80 | 209.53.113.47 | ET INFO Possible Rogue LoJack Asset Tracking Agent | *
3 | 2019-08-19T13:07:15.979501-0700 | 192.168.1.80 | 209.53.113.23 | ET INFO Possible Rogue LoJack Asset Tracking Agent | *
DNS 54
Showing 1-20 of 54 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2019-08-19T13:07:05.816694-0700 | 192.168.1.80 | 8.8.8.8 | query | www.mozilla.org | A | (not set)
2 | 2019-08-19T13:07:05.839616-0700 | 8.8.8.8 | 192.168.1.80 | answer | www.mozilla.org | A | (not set)
3 | 2019-08-19T13:07:05.928824-0700 | 192.168.1.80 | 8.8.8.8 | query | www.google.com | A | (not set)
4 | 2019-08-19T13:07:05.965630-0700 | 8.8.8.8 | 192.168.1.80 | answer | www.google.com | A | (not set)
5 | 2019-08-19T13:07:09.316077-0700 | 192.168.1.80 | 8.8.8.8 | query | watson.microsoft.com | A | (not set)
6 | 2019-08-19T13:07:09.347414-0700 | 192.168.1.80 | 8.8.8.8 | query | watson.microsoft.com | A | (not set)
7 | 2019-08-19T13:07:09.338036-0700 | 8.8.8.8 | 192.168.1.80 | answer | watson.microsoft.com | A | (not set)
8 | 2019-08-19T13:07:09.369843-0700 | 8.8.8.8 | 192.168.1.80 | answer | watson.microsoft.com | A | (not set)
9 | 2019-08-19T13:07:11.004747-0700 | 192.168.1.80 | 8.8.8.8 | query | safebrowsing.google.com | A | (not set)
10 | 2019-08-19T13:07:14.279634-0700 | 192.168.1.80 | 8.8.8.8 | query | search.dnssearch.org | A | (not set)
11 | 2019-08-19T13:07:11.046397-0700 | 8.8.8.8 | 192.168.1.80 | answer | safebrowsing.google.com | A | (not set)
12 | 2019-08-19T13:07:14.316825-0700 | 8.8.8.8 | 192.168.1.80 | answer | search.dnssearch.org | A | (not set)
13 | 2019-08-19T13:06:54.927980-0700 | 192.168.1.80 | 8.8.8.8 | query | ctldl.windowsupdate.com | A | (not set)
14 | 2019-08-19T13:06:54.949838-0700 | 8.8.8.8 | 192.168.1.80 | answer | ctldl.windowsupdate.com | A | (not set)
15 | 2019-08-19T13:07:02.303814-0700 | 192.168.1.80 | 8.8.8.8 | query | search.namequery.com | A | (not set)
16 | 2019-08-19T13:07:02.351753-0700 | 8.8.8.8 | 192.168.1.80 | answer | search.namequery.com | A | (not set)
17 | 2019-08-19T13:07:04.550059-0700 | 192.168.1.80 | 8.8.8.8 | query | download.mozilla.org | A | (not set)
18 | 2019-08-19T13:07:04.617651-0700 | 8.8.8.8 | 192.168.1.80 | answer | download.mozilla.org | A | (not set)
19 | 2019-08-19T13:07:05.051277-0700 | 192.168.1.80 | 8.8.8.8 | query | tiles.services.mozilla.com | A | (not set)
20 | 2019-08-19T13:07:05.092258-0700 | 8.8.8.8 | 192.168.1.80 | answer | tiles.services.mozilla.com | A | (not set)
TLS 10
Showing 1-10 of 10 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2019-08-19T13:07:05.803420-0700 | 192.168.1.80 | 34.242.245.114 | TLS 1.2 | location.services.mozilla.com
2 | 2019-08-19T13:07:05.984809-0700 | 192.168.1.80 | 52.38.5.11 | TLS 1.2 | tiles.services.mozilla.com
3 | 2019-08-19T13:07:06.130776-0700 | 192.168.1.80 | 216.58.213.196 | TLS 1.2 | www.google.com
4 | 2019-08-19T13:07:06.490918-0700 | 192.168.1.80 | 143.204.8.62 | TLS 1.2 | snippets.cdn.mozilla.net
5 | 2019-08-19T13:07:11.218802-0700 | 192.168.1.80 | 172.217.16.78 | TLS 1.2 | safebrowsing.google.com
6 | 2019-08-19T13:07:09.817898-0700 | 192.168.1.80 | 52.158.209.219 | TLSv1 | watson.microsoft.com
7 | 2019-08-19T13:07:18.268598-0700 | 192.168.1.80 | 20.44.86.127 | TLSv1 | watson.microsoft.com
8 | 2019-08-19T13:07:18.743835-0700 | 192.168.1.80 | 20.44.86.127 | TLSv1 | watson.microsoft.com
9 | 2019-08-19T13:07:19.656224-0700 | 192.168.1.80 | 52.158.209.219 | TLSv1 | watson.microsoft.com
10 | 2019-08-19T13:07:20.139767-0700 | 192.168.1.80 | 51.143.111.81 | TLSv1 | watson.microsoft.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 7
Showing 1-7 of 7 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-08-19T13:07:02.877281-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200
2 | 2019-08-19T13:07:14.790908-0700 | 192.168.1.80 | search.dnssearch.org | 80 | POST | / | 200
3 | 2019-08-19T13:07:15.548326-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200
4 | 2019-08-19T13:07:14.145386-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200
5 | 2019-08-19T13:07:15.403159-0700 | 192.168.1.80 | search.dnssearch.org | 80 | POST | / | 200
6 | 2019-08-19T13:07:15.979501-0700 | 192.168.1.80 | 209.53.113.23 | 80 | POST | / | 200
7 | 2019-08-19T13:07:16.251094-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 41
Showing 1-20 of 41 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-08-19T13:07:19.062510-0700 | 1691622286140808 | flow | 192.168.1.80 | 49178 | 20.44.86.127 | 443 | TCP | pcapanalyzer
2 | 2019-08-19T13:07:19.062510-0700 | 847860928607948 | flow | 192.168.1.80 | 49180 | 52.158.209.219 | 443 | TCP | pcapanalyzer
3 | 2019-08-19T13:07:19.062510-0700 | 2115488313730588 | flow | 192.168.1.80 | 58109 | 8.8.8.8 | 53 | UDP | pcapanalyzer
4 | 2019-08-19T13:07:19.062510-0700 | 429589095453323 | flow | 192.168.1.80 | 58115 | 8.8.8.8 | 53 | UDP | pcapanalyzer
5 | 2019-08-19T13:07:19.062510-0700 | 1276084199435320 | flow | 192.168.1.80 | 60954 | 8.8.8.8 | 53 | UDP | pcapanalyzer
6 | 2019-08-19T13:07:19.062510-0700 | 1702076236516459 | flow | 192.168.1.80 | 51180 | 8.8.8.8 | 53 | UDP | pcapanalyzer
7 | 2019-08-19T13:07:19.062510-0700 | 16428273410758 | flow | 192.168.1.80 | 54397 | 8.8.8.8 | 53 | UDP | pcapanalyzer
8 | 2019-08-19T13:07:19.062510-0700 | 440098880098998 | flow | 192.168.1.80 | 57967 | 8.8.8.8 | 53 | UDP | pcapanalyzer
9 | 2019-08-19T13:07:19.062510-0700 | 18715344250483 | flow | 192.168.1.80 | 50686 | 8.8.8.8 | 53 | UDP | pcapanalyzer
10 | 2019-08-19T13:07:19.062510-0700 | 441550578934955 | flow | 192.168.1.80 | 50546 | 8.8.8.8 | 53 | UDP | pcapanalyzer
11 | 2019-08-19T13:07:19.062510-0700 | 1717009837304503 | flow | 192.168.1.80 | 49170 | 52.158.209.219 | 443 | TCP | pcapanalyzer
12 | 2019-08-19T13:07:19.062510-0700 | 1019416953865252 | flow | 192.168.1.80 | 49168 | 216.58.213.196 | 443 | TCP | pcapanalyzer
13 | 2019-08-19T13:07:19.062510-0700 | 1583060543744236 | flow | 192.168.1.80 | 51365 | 8.8.8.8 | 53 | UDP | pcapanalyzer
14 | 2019-08-19T13:07:19.062510-0700 | 463656776350285 | flow | 192.168.1.80 | 49175 | 209.53.113.23 | 80 | TCP | pcapanalyzer
15 | 2019-08-19T13:07:19.062510-0700 | 463901589646012 | flow | 192.168.1.80 | 49179 | 20.44.86.127 | 443 | TCP | pcapanalyzer
16 | 2019-08-19T13:07:19.062510-0700 | 1028260292084818 | flow | 192.168.1.80 | 62454 | 8.8.8.8 | 53 | UDP | pcapanalyzer
17 | 2019-08-19T13:07:19.062510-0700 | 333716836031023 | flow | 192.168.1.80 | 54924 | 8.8.8.8 | 53 | UDP | pcapanalyzer
18 | 2019-08-19T13:07:19.062510-0700 | 757271477517541 | flow | 192.168.1.80 | 1900 | 239.255.255.250 | 1900 | UDP | pcapanalyzer
19 | 2019-08-19T13:07:19.062510-0700 | 477374901241933 | flow | 192.168.1.80 | 61980 | 8.8.8.8 | 53 | UDP | pcapanalyzer
20 | 2019-08-19T13:07:19.062510-0700 | 339439879065743 | flow | 192.168.1.80 | 49169 | 143.204.8.62 | 443 | TCP | pcapanalyzer
File 7
Showing 1-7 of 7 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-08-19T13:07:02.877281-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17
2 | 2019-08-19T13:07:14.790908-0700 | 209.53.113.47 | 192.168.1.80 | / | data | 17
3 | 2019-08-19T13:07:15.548326-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17
4 | 2019-08-19T13:07:15.403159-0700 | 209.53.113.47 | 192.168.1.80 | / | data | 17
5 | 2019-08-19T13:07:14.145386-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17
6 | 2019-08-19T13:07:15.979501-0700 | 209.53.113.23 | 192.168.1.80 | / | data | 17
7 | 2019-08-19T13:07:16.251094-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17

Comments: (not set)
