fwst.pcap

MD5: 3f45096adaa683b3a9282d224ec86ddd
Submission Date: 2020-03-25 23:10:13
Tags: (not set)
Alert 0
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
No results found.
DNS 28
Showing 1-20 of 28 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2020-03-25T23:01:14.170917-0700 | 192.168.100.109 | 192.168.100.2 | query | clientservices.googleapis.com | A | (not set) |
| 2 | 2020-03-25T23:01:14.201725-0700 | 192.168.100.109 | 192.168.100.2 | query | accounts.google.com | A | (not set) |
| 3 | 2020-03-25T23:01:23.431698-0700 | 192.168.100.109 | 192.168.100.2 | query | ssl.gstatic.com | A | (not set) |
| 4 | 2020-03-25T23:01:14.184590-0700 | 192.168.100.2 | 192.168.100.109 | answer | clientservices.googleapis.com | A | (not set) |
| 5 | 2020-03-25T23:01:14.227547-0700 | 192.168.100.2 | 192.168.100.109 | answer | accounts.google.com | A | (not set) |
| 6 | 2020-03-25T23:01:18.396095-0700 | 192.168.100.109 | 192.168.100.2 | query | www.google.com | A | (not set) |
| 7 | 2020-03-25T23:01:18.396333-0700 | 192.168.100.2 | 192.168.100.109 | answer | www.google.com | A | (not set) |
| 8 | 2020-03-25T23:01:23.437701-0700 | 192.168.100.2 | 192.168.100.109 | answer | ssl.gstatic.com | A | (not set) |
| 9 | 2020-03-25T23:01:23.619553-0700 | 192.168.100.109 | 192.168.100.2 | query | redirector.gvt1.com | A | (not set) |
| 10 | 2020-03-25T23:01:23.633766-0700 | 192.168.100.2 | 192.168.100.109 | answer | redirector.gvt1.com | A | (not set) |
| 11 | 2020-03-25T23:01:23.708826-0700 | 192.168.100.109 | 192.168.100.2 | query | r5---sn-hpa7zned.gvt1.com | A | (not set) |
| 12 | 2020-03-25T23:01:23.714226-0700 | 192.168.100.2 | 192.168.100.109 | answer | r5---sn-hpa7zned.gvt1.com | A | (not set) |
| 13 | 2020-03-25T23:01:23.924118-0700 | 192.168.100.109 | 192.168.100.2 | query | clients2.googleusercontent.com | A | (not set) |
| 14 | 2020-03-25T23:01:23.938161-0700 | 192.168.100.2 | 192.168.100.109 | answer | clients2.googleusercontent.com | A | (not set) |
| 15 | 2020-03-25T23:01:24.139647-0700 | 192.168.100.109 | 192.168.100.2 | query | r5---sn-hpa7kn7s.gvt1.com | A | (not set) |
| 16 | 2020-03-25T23:01:24.153249-0700 | 192.168.100.2 | 192.168.100.109 | answer | r5---sn-hpa7kn7s.gvt1.com | A | (not set) |
| 17 | 2020-03-25T23:01:23.243119-0700 | 192.168.100.109 | 192.168.100.2 | query | clients2.google.com | A | (not set) |
| 18 | 2020-03-25T23:01:23.256806-0700 | 192.168.100.2 | 192.168.100.109 | answer | clients2.google.com | A | (not set) |
| 19 | 2020-03-25T23:01:45.828915-0700 | 192.168.100.109 | 192.168.100.2 | query | dns.msftncsi.com | A | (not set) |
| 20 | 2020-03-25T23:01:45.834177-0700 | 192.168.100.2 | 192.168.100.109 | answer | dns.msftncsi.com | A | (not set) |
TLS 9
Showing 1-9 of 9 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2020-03-25T23:01:14.303491-0700 | 192.168.100.109 | 172.217.16.141 | TLS 1.3 | accounts.google.com |
| 2 | 2020-03-25T23:01:18.488526-0700 | 192.168.100.109 | 172.217.22.36 | TLS 1.3 | www.google.com |
| 3 | 2020-03-25T23:01:14.285620-0700 | 192.168.100.109 | 172.217.18.3 | TLS 1.3 | clientservices.googleapis.com |
| 4 | 2020-03-25T23:01:23.508804-0700 | 192.168.100.109 | 172.217.16.131 | TLS 1.3 | ssl.gstatic.com |
| 5 | 2020-03-25T23:01:23.327159-0700 | 192.168.100.109 | 216.58.207.78 | TLS 1.3 | clients2.google.com |
| 6 | 2020-03-25T23:02:14.278036-0700 | 192.168.100.109 | 216.58.206.3 | TLS 1.3 | www.gstatic.com |
| 7 | 2020-03-25T23:01:24.019311-0700 | 192.168.100.109 | 172.217.23.97 | TLS 1.3 | clients2.googleusercontent.com |
| 8 | 2020-03-25T23:02:43.766982-0700 | 192.168.100.109 | 216.58.207.78 | TLS 1.3 | clients1.google.com |
| 9 | 2020-03-25T23:02:59.015848-0700 | 192.168.100.109 | 172.217.16.138 | TLS 1.3 | safebrowsing.googleapis.com |
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 10
Showing 1-10 of 10 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2020-03-25T23:01:23.903167-0700 | 192.168.100.109 | redirector.gvt1.com | 80 | GET | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOTRmQUFXVHlhaGJaUTdMLWtCSkNJUl9ZQQ/1.0.0.5_nmmhkkegccagdldgiimedpiccmgmieda.crx | 302 |
| 2 | 2020-03-25T23:01:23.919427-0700 | 192.168.100.109 | r5---sn-hpa7zned.gvt1.com | 80 | GET | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOTRmQUFXVHlhaGJaUTdMLWtCSkNJUl9ZQQ/1.0.0.5_nmmhkkegccagdldgiimedpiccmgmieda.crx?cms_redirect=yes&mh=QJ&mip=185.128.27.151&mm=28&mn=sn-hpa7zned&ms=nvh&mt=1585202410&mv=m&mvi=4&pl=24&shardbypass=yes | 200 |
| 3 | 2020-03-25T23:01:24.346742-0700 | 192.168.100.109 | redirector.gvt1.com | 80 | GET | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOWVmQUFXS041NV9ZVXlJVWwxbGc5TUM4dw/7519.422.0.3_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx | 302 |
| 4 | 2020-03-25T23:01:24.877800-0700 | 192.168.100.109 | r5---sn-hpa7kn7s.gvt1.com | 80 | GET | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOWVmQUFXS041NV9ZVXlJVWwxbGc5TUM4dw/7519.422.0.3_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx?cms_redirect=yes&mh=bs&mip=185.128.27.151&mm=28&mn=sn-hpa7kn7s&ms=nvh&mt=1585202410&mv=m&mvi=4&pl=24&shardbypass=yes | 200 |
| 5 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
| 6 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
| 7 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
| 8 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
| 9 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
| 10 | 2020-03-25T23:03:10.078343-0700 | 192.168.100.109 | 151.101.194.217 | 443 | GET | / | (not set) |
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 57
Showing 1-20 of 57 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2020-03-25T23:03:10.078343-0700 | 1970328145290424 | flow | 192.168.100.109 | 51986 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 2 | 2020-03-25T23:03:10.078343-0700 | 565036321034923 | flow | 192.168.100.109 | 49345 | 172.217.23.97 | 443 | TCP | pcapanalyzer |
| 3 | 2020-03-25T23:03:10.078343-0700 | 990470010924953 | flow | fe80:0000:0000:0000:a179:b3ff:0199:2314 | 5353 | ff02:0000:0000:0000:0000:0000:0000:00fb | 5353 | UDP | pcapanalyzer |
| 4 | 2020-03-25T23:03:10.078343-0700 | 569457991823842 | flow | 192.168.100.109 | 49817 | 151.101.194.217 | 443 | TCP | pcapanalyzer |
| 5 | 2020-03-25T23:03:10.078343-0700 | 1836164104382768 | flow | 192.168.100.109 | 58055 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 6 | 2020-03-25T23:03:10.078343-0700 | 710906294729412 | flow | 192.168.100.109 | 49177 | 172.217.16.141 | 443 | TCP | pcapanalyzer |
| 7 | 2020-03-25T23:03:10.078343-0700 | 290517043884149 | flow | 192.168.100.109 | 49333 | 172.217.16.131 | 443 | TCP | pcapanalyzer |
| 8 | 2020-03-25T23:03:10.078343-0700 | 149899814614447 | flow | 192.168.100.109 | 58872 | 192.168.100.2 | 53 | UDP | pcapanalyzer |
| 9 | 2020-03-25T23:03:10.078343-0700 | 300882947453231 | flow | 192.168.100.109 | 49334 | 172.217.16.131 | 443 | TCP | pcapanalyzer |
| 10 | 2020-03-25T23:03:10.078343-0700 | 868361947221973 | flow | 192.168.100.109 | 50156 | 151.101.194.217 | 443 | TCP | pcapanalyzer |
| 11 | 2020-03-25T23:03:10.078343-0700 | 868598167118207 | flow | 192.168.100.109 | 62003 | 192.168.100.2 | 53 | UDP | pcapanalyzer |
| 12 | 2020-03-25T23:03:10.078343-0700 | 588946403771559 | flow | 192.168.100.109 | 49280 | 151.101.194.217 | 443 | TCP | pcapanalyzer |
| 13 | 2020-03-25T23:03:10.078343-0700 | 449733628579220 | flow | fe80:0000:0000:0000:a179:b3ff:0199:2314 | 58906 | ff02:0000:0000:0000:0000:0000:0001:0003 | 5355 | UDP | pcapanalyzer |
| 14 | 2020-03-25T23:03:10.078343-0700 | 592204136732769 | flow | 192.168.100.109 | 49349 | 74.125.99.91 | 80 | TCP | pcapanalyzer |
| 15 | 2020-03-25T23:03:10.078343-0700 | 1296237322699653 | flow | 192.168.100.109 | 49175 | 151.101.194.217 | 443 | TCP | pcapanalyzer |
| 16 | 2020-03-25T23:03:10.078343-0700 | 1161495608872502 | flow | 192.168.100.109 | 52337 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 17 | 2020-03-25T23:03:10.078343-0700 | 35797565107265 | flow | fe80:0000:0000:0000:a179:b3ff:0199:2314 | 546 | ff02:0000:0000:0000:0000:0000:0001:0002 | 547 | UDP | pcapanalyzer |
| 18 | 2020-03-25T23:03:10.078343-0700 | 1303216645007506 | flow | fe80:0000:0000:0000:a179:b3ff:0199:2314 | 61078 | ff02:0000:0000:0000:0000:0000:0001:0003 | 5355 | UDP | pcapanalyzer |
| 19 | 2020-03-25T23:03:10.078343-0700 | 1022720920183313 | flow | 192.168.100.109 | 137 | 192.168.100.255 | 137 | UDP | pcapanalyzer |
| 20 | 2020-03-25T23:03:10.078343-0700 | 600673818391716 | flow | 192.168.100.109 | 60303 | 192.168.100.2 | 53 | UDP | pcapanalyzer |
File 4
Showing 1-4 of 4 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2020-03-25T23:01:23.903167-0700 | 216.58.205.238 | 192.168.100.109 | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOTRmQUFXVHlhaGJaUTdMLWtCSkNJUl9ZQQ/1.0.0.5_nmmhkkegccagdldgiimedpiccmgmieda.crx | HTML document, ASCII text, with very long lines, with CRLF, LF line terminators | 520 |
| 2 | 2020-03-25T23:01:23.919427-0700 | 74.125.153.27 | 192.168.100.109 | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOTRmQUFXVHlhaGJaUTdMLWtCSkNJUl9ZQQ/1.0.0.5_nmmhkkegccagdldgiimedpiccmgmieda.crx | data | 300953 |
| 3 | 2020-03-25T23:01:24.346742-0700 | 216.58.205.238 | 192.168.100.109 | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOWVmQUFXS041NV9ZVXlJVWwxbGc5TUM4dw/7519.422.0.3_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx | HTML document, ASCII text, with very long lines, with CRLF, LF line terminators | 525 |
| 4 | 2020-03-25T23:01:24.877800-0700 | 74.125.99.91 | 192.168.100.109 | /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOWVmQUFXS041NV9ZVXlJVWwxbGc5TUM4dw/7519.422.0.3_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx | data | 883587 |

Comments: (not set)
