port4.root.2.pcap

MD5: 185d59f11156e97d237d5b7321c243a5
Submission Date: 2019-10-09 07:57:11
Tags
Alert 0
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
No results found.
DNS 146
Showing 1-20 of 146 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-04-18T10:12:55.024579-0700 | 172.24.10.189 | 172.24.1.1 | query | jd.sital.space | A | (not set) |
| 2 | 2019-04-18T10:12:56.310169-0700 | 172.24.10.187 | 172.24.1.1 | query | www.msftncsi.com | A | (not set) |
| 3 | 2019-04-18T10:12:56.964112-0700 | 172.24.1.1 | 172.24.10.187 | answer | www.msftncsi.com | A | (not set) |
| 4 | 2019-04-18T10:12:57.028788-0700 | 172.24.10.189 | 208.91.112.52 | query | jd.sital.space | A | (not set) |
| 5 | 2019-04-18T10:12:57.592272-0700 | 208.91.112.52 | 172.24.10.189 | answer | jd.sital.space | A | (not set) |
| 6 | 2019-04-18T10:12:56.966616-0700 | 172.24.10.188 | 172.24.1.1 | query | lh3.googleusercontent.com | A | (not set) |
| 7 | 2019-04-18T10:12:57.341801-0700 | 172.24.10.188 | 208.91.112.52 | query | lh3.googleusercontent.com | A | (not set) |
| 8 | 2019-04-18T10:12:57.475133-0700 | 172.24.1.1 | 172.24.10.188 | answer | lh3.googleusercontent.com | A | (not set) |
| 9 | 2019-04-18T10:12:57.810720-0700 | 208.91.112.52 | 172.24.10.188 | answer | lh3.googleusercontent.com | A | (not set) |
| 10 | 2019-04-18T10:12:59.367815-0700 | 172.24.10.188 | 172.24.1.1 | query | c.urs.microsoft.com | A | (not set) |
| 11 | 2019-04-18T10:12:59.736268-0700 | 172.24.1.1 | 172.24.10.188 | answer | c.urs.microsoft.com | A | (not set) |
| 12 | 2019-04-18T10:12:56.677487-0700 | 172.24.10.187 | 208.91.112.52 | query | www.msftncsi.com | A | (not set) |
| 13 | 2019-04-18T10:12:57.294140-0700 | 208.91.112.52 | 172.24.10.187 | answer | www.msftncsi.com | A | (not set) |
| 14 | 2019-04-18T10:12:59.289688-0700 | 172.24.1.1 | 172.24.10.189 | answer | jd.sital.space | A | (not set) |
| 15 | 2019-04-18T10:13:00.620058-0700 | 172.24.10.188 | 208.91.112.52 | query | ctldl.windowsupdate.com | A | (not set) |
| 16 | 2019-04-18T10:13:01.301985-0700 | 208.91.112.52 | 172.24.10.188 | answer | ctldl.windowsupdate.com | A | (not set) |
| 17 | 2019-04-18T10:13:05.084155-0700 | 172.24.10.202 | 208.91.112.53 | query | ytimg-edge-static.l.google.com | A | (not set) |
| 18 | 2019-04-18T10:13:05.700485-0700 | 172.24.10.202 | 208.91.112.53 | query | clients.l.google.com | A | (not set) |
| 19 | 2019-04-18T10:13:05.872343-0700 | 208.91.112.53 | 172.24.10.202 | answer | ytimg-edge-static.l.google.com | A | (not set) |
| 20 | 2019-04-18T10:13:06.416240-0700 | 208.91.112.53 | 172.24.10.202 | answer | clients.l.google.com | A | (not set) |
TLS 70
Showing 41-60 of 70 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 41 | 2019-04-18T10:13:14.413765-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set) |
| 42 | 2019-04-18T10:13:17.370531-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set) |
| 43 | 2019-04-18T10:13:17.831074-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | sls.update.microsoft.com |
| 44 | 2019-04-18T10:13:19.437684-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set) |
| 45 | 2019-04-18T10:13:25.252517-0700 | 172.24.10.188 | 52.114.77.33 | TLS 1.2 | v10.events.data.microsoft.com |
| 46 | 2019-04-18T10:13:26.358970-0700 | 172.24.10.188 | 172.217.6.197 | TLS 1.3 | mail.google.com |
| 47 | 2019-04-18T10:13:24.478160-0700 | 172.24.10.188 | 52.114.77.33 | TLS 1.2 | v10.events.data.microsoft.com |
| 48 | 2019-04-18T10:13:25.340496-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | sls.update.microsoft.com |
| 49 | 2019-04-18T10:13:25.523528-0700 | 172.24.10.202 | 172.217.7.6 | TLS 1.3 | static.doubleclick.net |
| 50 | 2019-04-18T10:13:26.602998-0700 | 172.24.10.202 | 172.217.11.3 | TLS 1.3 | fonts.gstatic.com |
| 51 | 2019-04-18T10:13:26.726198-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | sls.update.microsoft.com |
| 52 | 2019-04-18T10:13:27.419699-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set) |
| 53 | 2019-04-18T10:13:28.105832-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | sls.update.microsoft.com |
| 54 | 2019-04-18T10:13:29.766694-0700 | 172.24.10.202 | 173.223.63.212 | TLS 1.2 | downloads.avaya.com |
| 55 | 2019-04-18T10:13:27.083055-0700 | 172.24.10.202 | 103.233.38.147 | TLS 1.2 | r8---sn-2aqu-hoaez.googlevideo.com |
| 56 | 2019-04-18T10:13:27.084756-0700 | 172.24.10.202 | 103.233.38.147 | TLS 1.2 | r8---sn-2aqu-hoaez.googlevideo.com |
| 57 | 2019-04-18T10:13:27.982385-0700 | 172.24.10.202 | 74.125.102.121 | TLS 1.2 | r3---sn-i3b7kn7d.googlevideo.com |
| 58 | 2019-04-18T10:13:27.992751-0700 | 172.24.10.202 | 74.125.102.121 | TLS 1.2 | r3---sn-i3b7kn7d.googlevideo.com |
| 59 | 2019-04-18T10:13:28.613120-0700 | 172.24.10.202 | 54.186.163.246 | TLS 1.2 | tiles.services.mozilla.com |
| 60 | 2019-04-18T10:13:28.866307-0700 | 172.24.10.202 | 54.186.163.246 | TLS 1.2 | tiles.services.mozilla.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 6
Showing 1-6 of 6 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-04-18T10:13:01.178504-0700 | 172.24.10.188 | ocsp.digicert.com | 80 | GET | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D | 403 |
| 2 | 2019-04-18T10:13:01.405210-0700 | 172.24.10.188 | crl3.digicert.com | 80 | GET | /Omniroot2025.crl | 403 |
| 3 | 2019-04-18T10:13:14.888688-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8a97ea108abed56a | 403 |
| 4 | 2019-04-18T10:13:15.112128-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab?ca6d4fc72938aef6 | 403 |
| 5 | 2019-04-18T10:13:30.002254-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?e19f463c081a8e2e | 403 |
| 6 | 2019-04-18T10:13:30.002254-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?6d2dfc8dc96beec7 | 403 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 222
Showing 61-80 of 222 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 61 | 2019-04-18T10:13:30.002254-0700 | 322537820583423 | flow | 172.24.10.202 | 64489 | 54.186.163.246 | 443 | TCP | pcapanalyzer |
| 62 | 2019-04-18T10:13:30.002254-0700 | 1167890462228176 | flow | 172.24.10.202 | 64451 | 172.24.1.1 | 450 | TCP | pcapanalyzer |
| 63 | 2019-04-18T10:13:30.002254-0700 | 1871715344390851 | flow | 172.24.10.202 | 64493 | 172.217.10.132 | 443 | TCP | pcapanalyzer |
| 64 | 2019-04-18T10:13:30.002254-0700 | 1309143346491011 | flow | 172.24.10.202 | 64443 | 172.217.10.3 | 443 | TCP | pcapanalyzer |
| 65 | 2019-04-18T10:13:30.002254-0700 | 1028982630632652 | flow | 172.24.10.202 | 50127 | 208.91.112.53 | 53 | UDP | pcapanalyzer |
| 66 | 2019-04-18T10:13:30.002254-0700 | 326673872218943 | flow | 172.24.10.188 | 52589 | 13.107.4.50 | 80 | TCP | pcapanalyzer |
| 67 | 2019-04-18T10:13:30.002254-0700 | 1453617457847446 | flow | 172.24.10.202 | 64477 | 172.217.11.3 | 443 | TCP | pcapanalyzer |
| 68 | 2019-04-18T10:13:30.002254-0700 | 1313597227490531 | flow | 172.217.10.110 | 443 | 172.24.10.187 | 55065 | TCP | pcapanalyzer |
| 69 | 2019-04-18T10:13:30.002254-0700 | 1033174519442325 | flow | 172.24.10.202 | 61329 | 208.91.112.53 | 53 | UDP | pcapanalyzer |
| 70 | 2019-04-18T10:13:30.002254-0700 | 1033737158097601 | flow | 172.24.10.188 | 52566 | 172.217.10.142 | 443 | TCP | pcapanalyzer |
| 71 | 2019-04-18T10:13:30.002254-0700 | 752756103165543 | flow | 172.24.10.202 | 64447 | 172.217.10.238 | 443 | TCP | pcapanalyzer |
| 72 | 2019-04-18T10:13:30.002254-0700 | 1880399767926735 | flow | 172.24.10.188 | 52458 | 208.91.112.52 | 53 | UDP | pcapanalyzer |
| 73 | 2019-04-18T10:13:30.002254-0700 | 1036073622378805 | flow | 172.24.10.202 | 64497 | 173.223.63.212 | 443 | TCP | pcapanalyzer |
| 74 | 2019-04-18T10:13:30.002254-0700 | 2021407837295798 | flow | 172.217.12.142 | 443 | 172.24.10.202 | 63643 | TCP | pcapanalyzer |
| 75 | 2019-04-18T10:13:30.002254-0700 | 895787103468441 | flow | 172.24.10.187 | 52260 | 172.24.1.1 | 53 | UDP | pcapanalyzer |
| 76 | 2019-04-18T10:13:30.002254-0700 | 755281544772139 | flow | 172.24.10.202 | 49975 | 208.91.112.53 | 53 | UDP | pcapanalyzer |
| 77 | 2019-04-18T10:13:30.002254-0700 | 1599968467396468 | flow | 172.24.10.189 | 60139 | 208.91.112.52 | 53 | UDP | pcapanalyzer |
| 78 | 2019-04-18T10:13:30.002254-0700 | 474382094385475 | flow | 172.24.10.202 | 51082 | 208.91.112.53 | 53 | UDP | pcapanalyzer |
| 79 | 2019-04-18T10:13:30.002254-0700 | 1319477038905030 | flow | 172.24.10.188 | 51770 | 74.125.202.188 | 5228 | TCP | pcapanalyzer |
| 80 | 2019-04-18T10:13:30.002254-0700 | 1319846404939532 | flow | 172.24.10.202 | 50804 | 208.91.112.53 | 53 | UDP | pcapanalyzer |
File 6
Showing 1-6 of 6 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-04-18T10:13:01.178504-0700 | 72.21.91.29 | 172.24.10.188 | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg+hWk= | HTML document, ASCII text, with CRLF, LF line terminators | 3551 |
| 2 | 2019-04-18T10:13:01.405210-0700 | 72.21.91.29 | 172.24.10.188 | /Omniroot2025.crl | HTML document, ASCII text | 3447 |
| 3 | 2019-04-18T10:13:14.888688-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515 |
| 4 | 2019-04-18T10:13:15.112128-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab | HTML document, ASCII text | 3509 |
| 5 | 2019-04-18T10:13:30.002254-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515 |
| 6 | 2019-04-18T10:13:30.002254-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515 |
