Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
cacerts.digicert.com | CNAME fp2e7a.wpc.phicdn.net | 152.195.38.76 |
api.onedrive.com | CNAME common-afdrk.fe.1drv.com, CNAME l-0003.l-msedge.net | 13.107.43.12 |
- TCP Requests
  - 192.168.56.102:49212 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49216 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49219 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49220 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49221 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49222 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49223 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49224 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49227 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49230 13.107.42.12:443 api.onedrive.com
  - 192.168.56.102:49213 152.195.38.76:80 cacerts.digicert.com
- UDP Requests
  - 192.168.56.102:62846 164.124.101.2:53
  - 192.168.56.102:63709 164.124.101.2:53
  - 192.168.56.102:64513 164.124.101.2:53
  - 192.168.56.102:137 192.168.56.255:137
  - 192.168.56.102:138 192.168.56.255:138
  - 192.168.56.102:49152 239.255.255.250:3702
  - 192.168.56.102:62849 239.255.255.250:1900
  - 52.231.114.183:123 192.168.56.102:123
GET 200 http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
REQUEST
GET /DigiCertGlobalRootG2.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: cacerts.digicert.com
RESPONSE
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 96363
cache-control: max-age=172800, public
Content-Type: application/pkix-cert
Date: Wed, 10 May 2023 00:13:42 GMT
Etag: "5a286417-392"
expires: Fri, 12 May 2023 00:13:42 GMT
last-modified: Wed, 06 Dec 2017 21:41:43 GMT
Server: ECAcc (tkc/BECE)
X-Cache: HIT
Content-Length: 914
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49219 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49221 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49212 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49220 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49222 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49227 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49223 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49224 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49216 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
TLSv1 192.168.56.102:49230 13.107.42.12:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=storage.live.com | 99:18:79:4d:bc:a1:b2:3d:19:ab:b7:fb:69:fa:cd:ce:88:36:e5:bf |
Snort Alerts
No Snort Alerts