Network Analysis

Download pcap
Hosts 0 DNS 0 TCP 0 UDP 0 HTTP 0 ICMP 0 IRC 0 Suricata Snort
IP Address Status Action VT Location
No hosts contacted.
Name Response Post-Analysis Lookup
No hosts contacted.

No traffic

No traffic

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
TCP 91.199.38.164:443 -> 192.168.168.207:49244 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49241 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49246 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49245 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49243 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49242 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49255 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49258 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49257 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49256 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49259 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49254 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49262 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49261 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49268 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49269 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49270 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49271 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49272 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49273 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49280 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49281 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49282 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49283 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49284 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49285 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49294 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49292 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49295 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49296 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49298 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49299 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49302 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49300 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49309 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49308 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49310 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49311 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49312 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49313 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49318 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49319 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49320 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49323 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49324 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49325 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49332 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49333 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49335 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49334 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49336 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49337 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49342 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49343 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49344 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49346 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49348 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49350 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49355 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49357 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49358 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49359 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49360 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49363 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49366 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49367 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49369 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49374 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49375 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 91.199.38.164:443 -> 192.168.168.207:49376 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic

Suricata TLS

Flow Issuer Subject Fingerprint
TLS 1.2
192.168.168.207:49240
104.18.11.207:443 		C=US, O=Google Trust Services, CN=WE1 CN=bootstrapcdn.com 73:3e:54:5a:e7:0a:b5:3c:11:79:4a:9f:fe:64:7b:38:b7:15:03:c0
TLS 1.2
192.168.168.207:49237
104.18.11.207:443 		C=US, O=Google Trust Services, CN=WE1 CN=bootstrapcdn.com 73:3e:54:5a:e7:0a:b5:3c:11:79:4a:9f:fe:64:7b:38:b7:15:03:c0
TLS 1.2
192.168.168.207:49238
216.58.211.232:443 		C=US, O=Google Trust Services, CN=WR2 CN=*.google-analytics.com 06:cd:2a:9c:6e:f9:40:51:aa:e0:81:4a:bb:69:6c:ba:fa:ad:ab:4d
TLS 1.2
192.168.168.207:49239
216.58.211.232:443 		C=US, O=Google Trust Services, CN=WR2 CN=*.google-analytics.com 06:cd:2a:9c:6e:f9:40:51:aa:e0:81:4a:bb:69:6c:ba:fa:ad:ab:4d
TLS 1.2
192.168.168.207:49392
172.66.171.172:443 		C=US, O=Google Trust Services, CN=WE1 CN=static.addtoany.com b0:87:6f:68:70:86:79:cd:36:9d:6a:45:5d:7a:47:75:2a:24:8b:f2
TLS 1.2
192.168.168.207:49393
172.66.171.172:443 		C=US, O=Google Trust Services, CN=WE1 CN=static.addtoany.com b0:87:6f:68:70:86:79:cd:36:9d:6a:45:5d:7a:47:75:2a:24:8b:f2
TLS 1.2
192.168.168.207:49394
172.66.171.172:443 		None None None

Snort Alerts

No Snort Alerts

Cuckoo

We're processing your submission... This could take a few seconds.