popup
NetWork | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Network Analysis

Download pcap
Hosts 1 DNS 1 TCP 0 UDP 32 HTTP 0 ICMP 0 IRC 0 Suricata Snort
IP Address Status Action
164.124.101.2 Active Moloch
Name Response Post-Analysis Lookup
xp18.ddns.net

No traffic

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
UDP 192.168.56.101:53004 -> 164.124.101.2:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:55146 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:58887 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:59002 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:54883 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:53850 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:54148 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:61500 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:58166 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:61775 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:58120 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:54915 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:60079 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:52815 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:57081 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:61950 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:51901 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:53381 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:52797 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:56334 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:53767 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:49278 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:58297 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:58269 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:52753 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:63891 -> 8.8.8.8:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:57986 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:60501 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic
UDP 192.168.56.101:49209 -> 8.8.4.4:53 2028675 ET POLICY DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts