939192.dc908ab53016010462f371bbfd3173f5.pcap

MD5: af9e64e15dc28b91cc8519e6b17690c9
Submission Date: 2019-08-19 13:19:24
Tags: (not set)
Alert 2
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:15.979501-0700 | 192.168.1.80 | 209.53.113.23 | ET INFO Possible Rogue LoJack Asset Tracking Agent | * |
| 2 | 2019-08-19T13:07:14.790908-0700 | 192.168.1.80 | 209.53.113.47 | ET INFO Possible Rogue LoJack Asset Tracking Agent | * |
DNS 54
Showing 1-20 of 54 items.

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:05.051277-0700 | 192.168.1.80 | 8.8.8.8 | query | tiles.services.mozilla.com | A | (not set) |
| 2 | 2019-08-19T13:07:05.092258-0700 | 8.8.8.8 | 192.168.1.80 | answer | tiles.services.mozilla.com | (not set) | (not set) |
| 3 | 2019-08-19T13:07:05.816694-0700 | 192.168.1.80 | 8.8.8.8 | query | www.mozilla.org | A | (not set) |
| 4 | 2019-08-19T13:07:05.839616-0700 | 8.8.8.8 | 192.168.1.80 | answer | www.mozilla.org | (not set) | (not set) |
| 5 | 2019-08-19T13:07:06.332470-0700 | 192.168.1.80 | 8.8.8.8 | query | snippets.cdn.mozilla.net | A | (not set) |
| 6 | 2019-08-19T13:07:06.387735-0700 | 8.8.8.8 | 192.168.1.80 | answer | snippets.cdn.mozilla.net | (not set) | (not set) |
| 7 | 2019-08-19T13:07:05.341227-0700 | 192.168.1.80 | 8.8.8.8 | query | location.services.mozilla.com | A | (not set) |
| 8 | 2019-08-19T13:07:14.992883-0700 | 192.168.1.80 | 8.8.8.8 | query | search.namequery.com | A | (not set) |
| 9 | 2019-08-19T13:07:05.392319-0700 | 8.8.8.8 | 192.168.1.80 | answer | location.services.mozilla.com | (not set) | (not set) |
| 10 | 2019-08-19T13:07:15.036884-0700 | 8.8.8.8 | 192.168.1.80 | answer | search.namequery.com | (not set) | (not set) |
| 11 | 2019-08-19T13:07:09.316077-0700 | 192.168.1.80 | 8.8.8.8 | query | watson.microsoft.com | A | (not set) |
| 12 | 2019-08-19T13:07:09.338036-0700 | 8.8.8.8 | 192.168.1.80 | answer | watson.microsoft.com | (not set) | (not set) |
| 13 | 2019-08-19T13:06:54.927980-0700 | 192.168.1.80 | 8.8.8.8 | query | ctldl.windowsupdate.com | A | (not set) |
| 14 | 2019-08-19T13:06:54.949838-0700 | 8.8.8.8 | 192.168.1.80 | answer | ctldl.windowsupdate.com | (not set) | (not set) |
| 15 | 2019-08-19T13:07:02.303814-0700 | 192.168.1.80 | 8.8.8.8 | query | search.namequery.com | A | (not set) |
| 16 | 2019-08-19T13:07:02.351753-0700 | 8.8.8.8 | 192.168.1.80 | answer | search.namequery.com | (not set) | (not set) |
| 17 | 2019-08-19T13:07:04.550059-0700 | 192.168.1.80 | 8.8.8.8 | query | download.mozilla.org | A | (not set) |
| 18 | 2019-08-19T13:07:04.617651-0700 | 8.8.8.8 | 192.168.1.80 | answer | download.mozilla.org | (not set) | (not set) |
| 19 | 2019-08-19T13:07:05.537038-0700 | 192.168.1.80 | 8.8.8.8 | query | download.mozilla.org | A | (not set) |
| 20 | 2019-08-19T13:07:05.603473-0700 | 8.8.8.8 | 192.168.1.80 | answer | download.mozilla.org | (not set) | (not set) |
TLS 10
| # | Timestamp | Source IP | Destination IP | TLS Version | Issuer |
|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:05.984809-0700 | 192.168.1.80 | 52.38.5.11 | TLS 1.2 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 2 | 2019-08-19T13:07:09.817898-0700 | 192.168.1.80 | 52.158.209.219 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2 |
| 3 | 2019-08-19T13:07:05.803420-0700 | 192.168.1.80 | 34.242.245.114 | TLS 1.2 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 4 | 2019-08-19T13:07:06.130776-0700 | 192.168.1.80 | 216.58.213.196 | TLS 1.2 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 5 | 2019-08-19T13:07:06.490918-0700 | 192.168.1.80 | 143.204.8.62 | TLS 1.2 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 6 | 2019-08-19T13:07:11.218802-0700 | 192.168.1.80 | 172.217.16.78 | TLS 1.2 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 7 | 2019-08-19T13:07:19.656224-0700 | 192.168.1.80 | 52.158.209.219 | TLSv1 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 8 | 2019-08-19T13:07:18.268598-0700 | 192.168.1.80 | 20.44.86.127 | TLSv1 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 9 | 2019-08-19T13:07:18.743835-0700 | 192.168.1.80 | 20.44.86.127 | TLSv1 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
| 10 | 2019-08-19T13:07:20.139767-0700 | 192.168.1.80 | 51.143.111.81 | TLSv1 | C=US, ST=California, L=San Francisco, O=The Universe Security Company Ltd, CN=The Universe Security Company Ltd |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 7
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:02.877281-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200 |
| 2 | 2019-08-19T13:07:16.251094-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200 |
| 3 | 2019-08-19T13:07:14.145386-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200 |
| 4 | 2019-08-19T13:07:15.548326-0700 | 192.168.1.80 | search.namequery.com | 80 | POST | / | 200 |
| 5 | 2019-08-19T13:07:15.979501-0700 | 192.168.1.80 | 209.53.113.23 | 80 | POST | / | 200 |
| 6 | 2019-08-19T13:07:14.790908-0700 | 192.168.1.80 | search.dnssearch.org | 80 | POST | / | 200 |
| 7 | 2019-08-19T13:07:15.403159-0700 | 192.168.1.80 | search.dnssearch.org | 80 | POST | / | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 41
Showing 1-20 of 41 items.

| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:20.713116-0700 | 1690295141223611 | flow | 192.168.1.80 | 49177 | 207.6.98.180 | 80 | TCP | pcapanalyzer |
| 2 | 2019-08-19T13:07:20.713116-0700 | 848623285235267 | flow | 192.168.1.80 | 58301 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 3 | 2019-08-19T13:07:20.713116-0700 | 288140789668657 | flow | 192.168.1.80 | 49166 | 52.38.5.11 | 443 | TCP | pcapanalyzer |
| 4 | 2019-08-19T13:07:20.713116-0700 | 437060191487556 | flow | 192.168.1.80 | 57959 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 5 | 2019-08-19T13:07:20.713116-0700 | 720427100335122 | flow | 192.168.1.80 | 49163 | 209.53.113.223 | 80 | TCP | pcapanalyzer |
| 6 | 2019-08-19T13:07:20.713116-0700 | 439821854707855 | flow | 192.168.1.80 | 49169 | 143.204.8.62 | 443 | TCP | pcapanalyzer |
| 7 | 2019-08-19T13:07:20.713116-0700 | 1852741541914140 | flow | 192.168.1.80 | 58109 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 8 | 2019-08-19T13:07:20.713116-0700 | 1153873053099635 | flow | 192.168.1.80 | 50686 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 9 | 2019-08-19T13:07:20.713116-0700 | 34134276203691 | flow | 192.168.1.80 | 50546 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 10 | 2019-08-19T13:07:20.713116-0700 | 1160601119575147 | flow | 192.168.1.80 | 51180 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 11 | 2019-08-19T13:07:20.713116-0700 | 1451537909123773 | flow | 192.168.1.80 | 49175 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 12 | 2019-08-19T13:07:20.713116-0700 | 2014986078647229 | flow | 192.168.1.80 | 63036 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 13 | 2019-08-19T13:07:20.713116-0700 | 1171813131431151 | flow | 192.168.1.80 | 49172 | 209.53.113.223 | 80 | TCP | pcapanalyzer |
| 14 | 2019-08-19T13:07:20.713116-0700 | 1600721450919747 | flow | 192.168.1.80 | 57221 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 15 | 2019-08-19T13:07:20.713116-0700 | 1884623083816018 | flow | 192.168.1.80 | 62454 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 16 | 2019-08-19T13:07:20.713116-0700 | 1463664749034919 | flow | 192.168.1.80 | 49171 | 172.217.16.78 | 443 | TCP | pcapanalyzer |
| 17 | 2019-08-19T13:07:20.713116-0700 | 2175834751061270 | flow | 192.168.1.80 | 56167 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 18 | 2019-08-19T13:07:20.713116-0700 | 1473193134402236 | flow | 192.168.1.80 | 49179 | 20.44.86.127 | 443 | TCP | pcapanalyzer |
| 19 | 2019-08-19T13:07:20.713116-0700 | 66524772166007 | flow | 192.168.1.80 | 49167 | 34.242.245.114 | 443 | TCP | pcapanalyzer |
| 20 | 2019-08-19T13:07:20.713116-0700 | 1200076163833143 | flow | 192.168.1.80 | 49173 | 209.53.113.47 | 80 | TCP | pcapanalyzer |
File 7
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-08-19T13:07:02.877281-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17 |
| 2 | 2019-08-19T13:07:16.251094-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17 |
| 3 | 2019-08-19T13:07:14.145386-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17 |
| 4 | 2019-08-19T13:07:15.548326-0700 | 209.53.113.223 | 192.168.1.80 | / | data | 17 |
| 5 | 2019-08-19T13:07:15.979501-0700 | 209.53.113.23 | 192.168.1.80 | / | data | 17 |
| 6 | 2019-08-19T13:07:14.790908-0700 | 209.53.113.47 | 192.168.1.80 | / | data | 17 |
| 7 | 2019-08-19T13:07:15.403159-0700 | 209.53.113.47 | 192.168.1.80 | / | data | 17 |

Comments: (not set)
