port4.root.2.pcap

MD5: 185d59f11156e97d237d5b7321c243a5
Submission Date: 2019-10-09 07:57:11
Tags
Alert 0
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
No results found.
DNS 145
Showing 1-20 of 145 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2019-04-18T10:12:59.367815-0700 | 172.24.10.188 | 172.24.1.1 | query | c.urs.microsoft.com | A | (not set)
2 | 2019-04-18T10:12:55.024579-0700 | 172.24.10.189 | 172.24.1.1 | query | jd.sital.space | A | (not set)
3 | 2019-04-18T10:12:56.310169-0700 | 172.24.10.187 | 172.24.1.1 | query | www.msftncsi.com | A | (not set)
4 | 2019-04-18T10:12:56.677487-0700 | 172.24.10.187 | 208.91.112.52 | query | www.msftncsi.com | A | (not set)
5 | 2019-04-18T10:12:57.341801-0700 | 172.24.10.188 | 208.91.112.52 | query | lh3.googleusercontent.com | A | (not set)
6 | 2019-04-18T10:12:59.736268-0700 | 172.24.1.1 | 172.24.10.188 | answer | c.urs.microsoft.com | (not set) | (not set)
7 | 2019-04-18T10:12:56.964112-0700 | 172.24.1.1 | 172.24.10.187 | answer | www.msftncsi.com | (not set) | (not set)
8 | 2019-04-18T10:12:56.966616-0700 | 172.24.10.188 | 172.24.1.1 | query | lh3.googleusercontent.com | A | (not set)
9 | 2019-04-18T10:12:57.028788-0700 | 172.24.10.189 | 208.91.112.52 | query | jd.sital.space | A | (not set)
10 | 2019-04-18T10:12:57.294140-0700 | 208.91.112.52 | 172.24.10.187 | answer | www.msftncsi.com | (not set) | (not set)
11 | 2019-04-18T10:13:00.620058-0700 | 172.24.10.188 | 208.91.112.52 | query | ctldl.windowsupdate.com | A | (not set)
12 | 2019-04-18T10:12:57.475133-0700 | 172.24.1.1 | 172.24.10.188 | answer | lh3.googleusercontent.com | (not set) | (not set)
13 | 2019-04-18T10:12:57.592272-0700 | 208.91.112.52 | 172.24.10.189 | answer | jd.sital.space | (not set) | (not set)
14 | 2019-04-18T10:13:00.244769-0700 | 172.24.10.188 | 172.24.1.1 | query | ctldl.windowsupdate.com | A | (not set)
15 | 2019-04-18T10:12:57.810720-0700 | 208.91.112.52 | 172.24.10.188 | answer | lh3.googleusercontent.com | (not set) | (not set)
16 | 2019-04-18T10:13:01.301985-0700 | 208.91.112.52 | 172.24.10.188 | answer | ctldl.windowsupdate.com | (not set) | (not set)
17 | 2019-04-18T10:13:00.878334-0700 | 172.24.1.1 | 172.24.10.188 | answer | ctldl.windowsupdate.com | (not set) | (not set)
18 | 2019-04-18T10:13:03.931752-0700 | 172.24.10.202 | 208.91.112.53 | query | clients1.google.com | A | (not set)
19 | 2019-04-18T10:13:04.700469-0700 | 172.24.10.202 | 208.91.112.53 | query | www.gstatic.com | AAAA | (not set)
20 | 2019-04-18T10:13:04.899676-0700 | 172.24.10.202 | 208.91.112.53 | query | clients1.google.com | A | (not set)
TLS 70
Showing 1-20 of 70 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Issuer
1 | 2019-04-18T10:12:56.515235-0700 | 172.24.10.187 | 13.107.5.88 | TLS 1.2 | (not set)
2 | 2019-04-18T10:12:57.199332-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
3 | 2019-04-18T10:12:57.217448-0700 | 172.24.10.188 | 172.217.12.138 | TLS 1.3 | (not set)
4 | 2019-04-18T10:12:58.013540-0700 | 172.24.10.188 | 172.217.11.33 | TLS 1.3 | (not set)
5 | 2019-04-18T10:12:58.767206-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
6 | 2019-04-18T10:12:59.168418-0700 | 172.24.10.188 | 172.217.6.197 | TLS 1.3 | (not set)
7 | 2019-04-18T10:12:58.043105-0700 | 172.24.10.189 | 54.203.74.83 | TLS 1.2 | C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
8 | 2019-04-18T10:12:59.313219-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
9 | 2019-04-18T10:12:59.589214-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
10 | 2019-04-18T10:13:00.219933-0700 | 172.24.10.188 | 52.189.181.71 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2
11 | 2019-04-18T10:13:00.225018-0700 | 172.24.10.188 | 52.189.181.71 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2
12 | 2019-04-18T10:13:04.347766-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
13 | 2019-04-18T10:13:05.883193-0700 | 172.24.10.202 | 172.217.12.182 | TLS 1.3 | (not set)
14 | 2019-04-18T10:13:05.496671-0700 | 172.24.10.202 | 172.217.10.3 | TLS 1.3 | (not set)
15 | 2019-04-18T10:13:07.379997-0700 | 172.24.10.202 | 172.217.3.97 | TLS 1.3 | (not set)
16 | 2019-04-18T10:13:08.823283-0700 | 172.24.10.188 | 172.217.10.227 | TLS 1.3 | (not set)
17 | 2019-04-18T10:13:06.223844-0700 | 172.24.10.202 | 172.217.12.182 | TLS 1.3 | (not set)
18 | 2019-04-18T10:13:09.384421-0700 | 172.24.10.202 | 172.24.1.1 | TLS 1.2 | (not set)
19 | 2019-04-18T10:13:11.810022-0700 | 172.24.10.188 | 13.68.93.109 | TLS 1.2 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Update Secure Server CA 2.1
20 | 2019-04-18T10:13:12.082908-0700 | 172.24.10.188 | 172.217.10.142 | TLS 1.3 | (not set)
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 6
Showing 1-6 of 6 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-04-18T10:13:01.178504-0700 | 172.24.10.188 | ocsp.digicert.com | 80 | GET | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D | 403
2 | 2019-04-18T10:13:01.336340-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?e19f463c081a8e2e | 403
3 | 2019-04-18T10:13:14.888688-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8a97ea108abed56a | 403
4 | 2019-04-18T10:13:01.405210-0700 | 172.24.10.188 | crl3.digicert.com | 80 | GET | /Omniroot2025.crl | 403
5 | 2019-04-18T10:13:00.317820-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?6d2dfc8dc96beec7 | 403
6 | 2019-04-18T10:13:15.112128-0700 | 172.24.10.188 | ctldl.windowsupdate.com | 80 | GET | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab?ca6d4fc72938aef6 | 403
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 228
Showing 101-120 of 228 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
101 | 2019-04-18T10:13:30.250134-0700 | 612886197726315 | flow | 74.125.192.189 | 443 | 172.24.10.187 | 55220 | TCP | pcapanalyzer
102 | 2019-04-18T10:13:30.250134-0700 | 1598074386500898 | flow | 172.24.10.202 | 54879 | 208.91.112.53 | 53 | UDP | pcapanalyzer
103 | 2019-04-18T10:13:30.250134-0700 | 613319990922268 | flow | 172.24.10.202 | 52044 | 208.91.112.53 | 53 | UDP | pcapanalyzer
104 | 2019-04-18T10:13:30.250134-0700 | 895761334681599 | flow | 172.24.10.189 | 123 | 17.253.24.125 | 123 | UDP | pcapanalyzer
105 | 2019-04-18T10:13:30.250134-0700 | 1318970233264835 | flow | 172.24.10.202 | 64493 | 172.217.10.132 | 443 | TCP | pcapanalyzer
106 | 2019-04-18T10:13:30.250134-0700 | 1882001790367909 | flow | 172.24.10.202 | 64459 | 172.217.9.238 | 443 | TCP | pcapanalyzer
107 | 2019-04-18T10:13:30.250134-0700 | 1178898462800703 | flow | 172.24.10.188 | 52581 | 172.217.11.33 | 443 | TCP | pcapanalyzer
108 | 2019-04-18T10:13:30.250134-0700 | 1178975774102266 | flow | 172.24.10.202 | 52271 | 208.91.112.53 | 53 | UDP | pcapanalyzer
109 | 2019-04-18T10:13:30.250134-0700 | 1601884023869914 | flow | 172.24.10.202 | 64479 | 103.233.38.147 | 443 | TCP | pcapanalyzer
110 | 2019-04-18T10:13:30.250134-0700 | 1742784720510173 | flow | 172.24.10.202 | 64461 | 172.24.1.1 | 450 | TCP | pcapanalyzer
111 | 2019-04-18T10:13:30.250134-0700 | 1743871347857533 | flow | 172.24.10.202 | 64496 | 173.223.63.212 | 443 | TCP | pcapanalyzer
112 | 2019-04-18T10:13:30.250134-0700 | 195780449201118 | flow | 172.24.10.202 | 52965 | 208.91.112.53 | 53 | UDP | pcapanalyzer
113 | 2019-04-18T10:13:30.250134-0700 | 55622782971908 | flow | 172.24.10.202 | 64490 | 172.217.10.132 | 443 | TCP | pcapanalyzer
114 | 2019-04-18T10:13:30.250134-0700 | 1605908407572079 | flow | 172.24.10.202 | 57210 | 208.91.112.53 | 53 | UDP | pcapanalyzer
115 | 2019-04-18T10:13:30.250134-0700 | 1043104481853870 | flow | 172.24.10.202 | 64413 | 52.39.195.123 | 443 | TCP | pcapanalyzer
116 | 2019-04-18T10:13:30.250134-0700 | 199139113003491 | flow | 172.24.10.188 | 52572 | 172.217.6.206 | 443 | TCP | pcapanalyzer
117 | 2019-04-18T10:13:30.250134-0700 | 199706050057742 | flow | 172.24.10.188 | 52602 | 13.68.93.109 | 443 | TCP | pcapanalyzer
118 | 2019-04-18T10:13:30.250134-0700 | 2170052362270809 | flow | 172.24.10.202 | 50041 | 208.91.112.53 | 53 | UDP | pcapanalyzer
119 | 2019-04-18T10:13:30.250134-0700 | 1185529892978964 | flow | 172.24.10.188 | 52594 | 172.217.10.227 | 443 | TCP | pcapanalyzer
120 | 2019-04-18T10:13:30.250134-0700 | 1889230218739377 | flow | 172.24.10.188 | 52571 | 172.217.6.206 | 443 | TCP | pcapanalyzer
File 6
Showing 1-6 of 6 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-04-18T10:13:01.178504-0700 | 72.21.91.29 | 172.24.10.188 | /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg+hWk= | HTML document, ASCII text, with CRLF, LF line terminators | 3551
2 | 2019-04-18T10:13:14.888688-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
3 | 2019-04-18T10:13:01.405210-0700 | 72.21.91.29 | 172.24.10.188 | /Omniroot2025.crl | HTML document, ASCII text | 3447
4 | 2019-04-18T10:13:00.317820-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
5 | 2019-04-18T10:13:15.112128-0700 | 8.253.151.120 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/pinrulesstl.cab | HTML document, ASCII text | 3509
6 | 2019-04-18T10:13:01.178504-0700 | 13.107.4.50 | 172.24.10.188 | /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab | HTML document, ASCII text | 3515
