popup
NetWork | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Network Analysis

Download pcap
Hosts 4 DNS 3 TCP 7 UDP 7 HTTP(S) 1 ICMP 0 IRC 0 Suricata Snort
IP Address Status Action
164.124.101.2 Active Moloch
185.199.109.133 Active Moloch
20.200.245.247 Active Moloch
92.205.208.182 Active Moloch
GET 200 http://www.heyderw.de/gpg/mpc-us.php
REQUEST
RESPONSE
BODY 

            

        


    



        
	




                            
ICMP traffic



No ICMP traffic performed.



                            
IRC traffic



No IRC requests performed.



                            
Suricata Alerts


    

        

            Flow
            SID
            Signature
            Category
        

        
        

            
                TCP
                192.168.56.103:49195 ->
                92.205.208.182:80
            
            2013031
            ET POLICY Python-urllib/ Suspicious User Agent
            Attempted Information Leak
        

        
    




Suricata TLS


    

        

            Flow
            Issuer
            Subject
            Fingerprint
        

        
        

            
                TLS 1.2 

                192.168.56.103:49164 

                20.200.245.247:443
            		
            C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA
            CN=github.com
            e7:03:5b:cc:1c:18:77:1f:79:2f:90:86:6b:6c:1d:f8:df:aa:bd:c0
        

        
        

            
                TLS 1.2 

                192.168.56.103:49165 

                185.199.109.133:443
            		
            C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
            C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=*.github.io
            97:d8:c5:70:0f:12:24:6c:88:bc:fa:06:7e:8c:a7:4d:a8:62:67:28
        

        
        

            
                TLS 1.2 

                192.168.56.103:49166 

                20.200.245.247:443
            		
            C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA
            CN=github.com
            e7:03:5b:cc:1c:18:77:1f:79:2f:90:86:6b:6c:1d:f8:df:aa:bd:c0
        

        
        

            
                TLS 1.2 

                192.168.56.103:49167 

                185.199.109.133:443
            		
            C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
            C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=*.github.io
            97:d8:c5:70:0f:12:24:6c:88:bc:fa:06:7e:8c:a7:4d:a8:62:67:28
        

        
        

            
                TLS 1.2 

                192.168.56.103:49169 

                185.199.109.133:443
            		
            C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
            C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=*.github.io
            97:d8:c5:70:0f:12:24:6c:88:bc:fa:06:7e:8c:a7:4d:a8:62:67:28
        

        
        

            
                TLS 1.2 

                192.168.56.103:49168 

                20.200.245.247:443
            		
            C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA
            CN=github.com
            e7:03:5b:cc:1c:18:77:1f:79:2f:90:86:6b:6c:1d:f8:df:aa:bd:c0
        

        
    





                            
Snort Alerts


    
No Snort Alerts