0b0e4eab-aece-4353-aba0-730b9fcb3a0e.pcap

MD5: bdeafd6f458ee1fa380fc3b50ab82d46
Submission Date: 2019-10-09 16:11:46
Tags: (not set)
Alert 4
Showing 1-4 of 4 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-10-08T10:54:03.816965-0700 | 192.168.100.65 | 192.168.100.2 | ET POLICY DNS Query to DynDNS Domain *.hopto .org* |
2 | 2019-10-08T10:54:35.231346-0700 | 192.168.100.65 | 192.168.100.2 | ET POLICY DNS Query to DynDNS Domain *.ddns .net* |
3 | 2019-10-08T10:54:35.231346-0700 | 192.168.100.65 | 192.168.100.2 | ET POLICY DNS Query to DynDNS Domain *.ddns .net* |
4 | 2019-10-08T10:54:03.816965-0700 | 192.168.100.65 | 192.168.100.2 | ET POLICY DNS Query to DynDNS Domain *.hopto .org* |
DNS 26
Showing 21-26 of 26 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
21 | 2019-10-08T10:54:03.756832-0700 | 192.168.100.65 | 192.168.100.2 | query | www.bing.com | A | (not set)
22 | 2019-10-08T10:54:03.757034-0700 | 192.168.100.2 | 192.168.100.65 | answer | www.bing.com | A | (not set)
23 | 2019-10-08T10:54:03.816965-0700 | 192.168.100.65 | 192.168.100.2 | query | robertmoore.hopto.org | A | (not set)
24 | 2019-10-08T10:54:03.824676-0700 | 192.168.100.2 | 192.168.100.65 | answer | robertmoore.hopto.org | A | (not set)
25 | 2019-10-08T10:54:24.996524-0700 | 192.168.100.65 | 192.168.100.2 | query | vikkibret.mywire.org | A | (not set)
26 | 2019-10-08T10:54:25.104364-0700 | 192.168.100.2 | 192.168.100.65 | answer | vikkibret.mywire.org | A | (not set)
TLS 0
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
No results found.
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 4
Showing 1-4 of 4 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-10-08T10:54:04.230582-0700 | 192.168.100.65 | www.bing.com | 80 | GET | /favicon.ico | 200
2 | 2019-10-08T10:54:42.169085-0700 | 192.168.100.65 | go.microsoft.com | 80 | GET | /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=iexplore.exe&platform=0000&osver=5&isServer=0&shimver=4.0.30319.0 | (not set)
3 | 2019-10-08T10:54:04.230582-0700 | 192.168.100.65 | www.bing.com | 80 | GET | /favicon.ico | 200
4 | 2019-10-08T10:54:42.169085-0700 | 192.168.100.65 | go.microsoft.com | 80 | GET | /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=iexplore.exe&platform=0000&osver=5&isServer=0&shimver=4.0.30319.0 | (not set)
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 40
Showing 21-40 of 40 items.
File 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-10-08T10:54:04.230582-0700 | 13.107.21.200 | 192.168.100.65 | /favicon.ico | PNG image data, 16 x 16, 4-bit colormap, non-interlaced | 237
2 | 2019-10-08T10:54:04.230582-0700 | 13.107.21.200 | 192.168.100.65 | /favicon.ico | PNG image data, 16 x 16, 4-bit colormap, non-interlaced | 237

Comments: (not set)
