port4.root.2.pcap

MD5: 185d59f11156e97d237d5b7321c243a5
Submission Date: 2019-10-09 07:57:11
Tags
Alert 0
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
No results found.
DNS 145
Showing 121-140 of 145 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
121 | 2019-04-18T10:13:17.638878-0700 | 172.24.10.202 | 208.91.112.53 | query | youtube-ui.l.google.com | A | (not set)
122 | 2019-04-18T10:13:18.476465-0700 | 208.91.112.53 | 172.24.10.202 | answer | youtube-ui.l.google.com | (not set) | (not set)
123 | 2019-04-18T10:13:25.245855-0700 | 172.24.10.188 | 172.24.1.1 | query | mail.google.com | A | (not set)
124 | 2019-04-18T10:13:25.245890-0700 | 172.24.1.1 | 172.24.10.188 | answer | mail.google.com | (not set) | (not set)
125 | 2019-04-18T10:13:26.112187-0700 | 172.24.10.202 | 208.91.112.53 | query | r8---sn-2aqu-hoaez.googlevideo.com | A | (not set)
126 | 2019-04-18T10:13:26.568828-0700 | 172.24.10.202 | 208.91.112.53 | query | tiles.services.mozilla.com | A | (not set)
127 | 2019-04-18T10:13:26.902627-0700 | 172.24.10.202 | 208.91.112.53 | query | gstaticadssl.l.google.com | A | (not set)
128 | 2019-04-18T10:13:26.969729-0700 | 208.91.112.53 | 172.24.10.202 | answer | r8---sn-2aqu-hoaez.googlevideo.com | (not set) | (not set)
129 | 2019-04-18T10:13:27.536519-0700 | 172.24.10.202 | 208.91.112.53 | query | tiles.services.mozilla.com | A | (not set)
130 | 2019-04-18T10:13:27.558675-0700 | 208.91.112.53 | 172.24.10.202 | answer | gstaticadssl.l.google.com | (not set) | (not set)
131 | 2019-04-18T10:13:27.636621-0700 | 172.24.10.202 | 208.91.112.53 | query | drcwo519tnci7.cloudfront.net | A | (not set)
132 | 2019-04-18T10:13:27.840693-0700 | 172.24.10.202 | 208.91.112.53 | query | r3.sn-i3b7kn7d.googlevideo.com | A | (not set)
133 | 2019-04-18T10:13:28.068543-0700 | 208.91.112.53 | 172.24.10.202 | answer | tiles.services.mozilla.com | (not set) | (not set)
134 | 2019-04-18T10:13:28.080701-0700 | 172.24.10.202 | 208.91.112.53 | query | r4---sn-ogul7n7s.googlevideo.com | A | (not set)
135 | 2019-04-18T10:13:28.398229-0700 | 208.91.112.53 | 172.24.10.202 | answer | r3.sn-i3b7kn7d.googlevideo.com | (not set) | (not set)
136 | 2019-04-18T10:13:28.605133-0700 | 172.24.10.202 | 208.91.112.53 | query | drcwo519tnci7.cloudfront.net | A | (not set)
137 | 2019-04-18T10:13:28.715669-0700 | 172.24.10.202 | 208.91.112.53 | query | tiles.r53-2.services.mozilla.com | AAAA | (not set)
138 | 2019-04-18T10:13:29.048724-0700 | 172.24.10.202 | 208.91.112.53 | query | r4---sn-ogul7n7s.googlevideo.com | A | (not set)
139 | 2019-04-18T10:13:29.182110-0700 | 208.91.112.53 | 172.24.10.202 | answer | drcwo519tnci7.cloudfront.net | (not set) | (not set)
140 | 2019-04-18T10:13:29.301691-0700 | 208.91.112.53 | 172.24.10.202 | answer | tiles.r53-2.services.mozilla.com | (not set) | (not set)
TLS 70
Showing 1-20 of 70 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Issuer
1 | 2019-04-18T10:12:56.515235-0700 | 172.24.10.187 | 13.107.5.88 | TLS 1.2 | (not set)
2 | 2019-04-18T10:12:57.199332-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
3 | 2019-04-18T10:12:57.217448-0700 | 172.24.10.188 | 172.217.12.138 | TLS 1.3 | (not set)
4 | 2019-04-18T10:12:58.013540-0700 | 172.24.10.188 | 172.217.11.33 | TLS 1.3 | (not set)
5 | 2019-04-18T10:12:58.767206-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
6 | 2019-04-18T10:12:59.168418-0700 | 172.24.10.188 | 172.217.6.197 | TLS 1.3 | (not set)
7 | 2019-04-18T10:12:58.043105-0700 | 172.24.10.189 | 54.203.74.83 | TLS 1.2 | C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
8 | 2019-04-18T10:12:59.313219-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
9 | 2019-04-18T10:12:59.589214-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
10 | 2019-04-18T10:13:00.219933-0700 | 172.24.10.188 | 52.189.181.71 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2
11 | 2019-04-18T10:13:00.225018-0700 | 172.24.10.188 | 52.189.181.71 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2
12 | 2019-04-18T10:13:04.347766-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
13 | 2019-04-18T10:13:05.883193-0700 | 172.24.10.202 | 172.217.12.182 | TLS 1.3 | (not set)
14 | 2019-04-18T10:13:05.496671-0700 | 172.24.10.202 | 172.217.10.3 | TLS 1.3 | (not set)
15 | 2019-04-18T10:13:07.379997-0700 | 172.24.10.202 | 172.217.3.97 | TLS 1.3 | (not set)
16 | 2019-04-18T10:13:08.823283-0700 | 172.24.10.188 | 172.217.10.227 | TLS 1.3 | (not set)
17 | 2019-04-18T10:13:06.223844-0700 | 172.24.10.202 | 172.217.12.182 | TLS 1.3 | (not set)
18 | 2019-04-18T10:13:09.384421-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
19 | 2019-04-18T10:13:11.810022-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Update Secure Server CA 2.1
20 | 2019-04-18T10:13:12.082908-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 6
Showing 1-6 of 6 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-04-18T10:13:01.178504-0700 | 172.24.10.188 | ocsp.digicert.com | 80 | GET | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D | 403
2 | 2019-04-18T10:13:01.336340-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?e19f463c081a8e2e | 403
3 | 2019-04-18T10:13:14.888688-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8a97ea108abed56a | 403
4 | 2019-04-18T10:13:01.405210-0700 | 172.24.10.188 | crl3.digicert.com | 80 | GET | /Omniroot2025.crl | 403
5 | 2019-04-18T10:13:00.317820-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?6d2dfc8dc96beec7 | 403
6 | 2019-04-18T10:13:15.112128-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab?ca6d4fc72938aef6 | 403
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 228
Showing 1-20 of 228 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-04-18T10:13:30.250134-0700 | 1907535369428995 | flow | 172.24.10.189 | 59191 | 172.24.1.1 | 53 | UDP | pcapanalyzer
2 | 2019-04-18T10:13:30.250134-0700 | 1628628783253418 | flow | 172.24.10.187 | (not set) | 23.61.194.27 | (not set) | ICMP | pcapanalyzer
3 | 2019-04-18T10:13:30.250134-0700 | 925383723140219 | flow | 172.24.10.188 | 52578 | 172.217.10.142 | 443 | TCP | pcapanalyzer
4 | 2019-04-18T10:13:30.250134-0700 | 504721741092022 | flow | 172.217.12.142 | 443 | 172.24.10.202 | 63643 | TCP | pcapanalyzer
5 | 2019-04-18T10:13:30.250134-0700 | 1361735220541225 | flow | 172.24.10.188 | 63004 | 208.91.112.52 | 53 | UDP | pcapanalyzer
6 | 2019-04-18T10:13:30.250134-0700 | 2067540081106419 | flow | 172.217.10.238 | 443 | 172.24.10.187 | 55396 | TCP | pcapanalyzer
7 | 2019-04-18T10:13:30.250134-0700 | 943431175602487 | flow | 172.24.10.188 | 52560 | 172.217.6.197 | 443 | TCP | pcapanalyzer
8 | 2019-04-18T10:13:30.250134-0700 | 1507562244955804 | flow | 172.24.10.188 | 52575 | 172.217.12.138 | 443 | TCP | pcapanalyzer
9 | 2019-04-18T10:13:30.250134-0700 | 663283344055495 | flow | 172.24.10.188 | 49472 | 172.24.1.1 | 53 | UDP | pcapanalyzer
10 | 2019-04-18T10:13:30.250134-0700 | 2218452346934095 | flow | 172.24.10.188 | 52567 | 172.217.10.238 | 443 | TCP | pcapanalyzer
11 | 2019-04-18T10:13:30.250134-0700 | 1374598647609182 | flow | 172.24.10.188 | 52565 | 172.217.10.238 | 443 | TCP | pcapanalyzer
12 | 2019-04-18T10:13:30.250134-0700 | 1241725244324761 | flow | 172.24.10.187 | 52260 | 172.24.1.1 | 53 | UDP | pcapanalyzer
13 | 2019-04-18T10:13:30.250134-0700 | 1526769338756074 | flow | 172.24.10.188 | 52574 | 172.217.12.138 | 443 | TCP | pcapanalyzer
14 | 2019-04-18T10:13:30.250134-0700 | 542186741004753 | flow | 172.24.10.188 | 52569 | 172.217.10.142 | 443 | TCP | pcapanalyzer
15 | 2019-04-18T10:13:30.250134-0700 | 121327190413904 | flow | 172.24.10.202 | 64437 | 172.24.1.1 | 450 | TCP | pcapanalyzer
16 | 2019-04-18T10:13:30.250134-0700 | 689035967804751 | flow | 173.194.68.189 | 443 | 172.24.10.188 | 52239 | TCP | pcapanalyzer
17 | 2019-04-18T10:13:30.250134-0700 | 2241357408027776 | flow | 172.24.10.202 | 64379 | 23.74.62.160 | 443 | TCP | pcapanalyzer
18 | 2019-04-18T10:13:30.250134-0700 | 412783671490267 | flow | 172.24.10.188 | 52585 | 172.217.10.142 | 443 | TCP | pcapanalyzer
19 | 2019-04-18T10:13:30.250134-0700 | 273313198340722 | flow | 172.24.10.188 | 52573 | 172.217.12.138 | 443 | TCP | pcapanalyzer
20 | 2019-04-18T10:13:30.250134-0700 | 1544121006971784 | flow | 172.24.10.202 | 64382 | 172.217.6.197 | 443 | TCP | pcapanalyzer
File 6
Showing 1-6 of 6 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-04-18T10:13:01.178504-0700 | 72.21.91.29 | 172.24.10.188 | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg+hWk= | HTML document, ASCII text, with CRLF, LF line terminators | 3551
2 | 2019-04-18T10:13:14.888688-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
3 | 2019-04-18T10:13:01.405210-0700 | 72.21.91.29 | 172.24.10.188 | /Omniroot2025.crl | HTML document, ASCII text | 3447
4 | 2019-04-18T10:13:00.317820-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
5 | 2019-04-18T10:13:15.112128-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab | HTML document, ASCII text | 3509
6 | 2019-04-18T10:13:01.178504-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
