Network Analysis

IP Address Status Action VT Location
No hosts contacted.
Name Response Post-Analysis Lookup
No hosts contacted.

No traffic


ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
TCP 192.168.168.226:49225 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49232 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49236 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49241 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49245 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49249 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49253 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
UDP 192.168.168.226:60241 -> 114.114.114.114:53 2023883 ET DNS Query to a *.top domain - Likely Hostile Potentially Bad Traffic
TCP 192.168.168.226:49258 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49260 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49264 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49268 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49272 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49276 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49280 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49284 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49288 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49292 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49296 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49300 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49304 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49308 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49312 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49316 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49320 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49324 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49328 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49332 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49336 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49343 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity
TCP 192.168.168.226:49350 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI) Misc activity

Suricata TLS

Flow Issuer Subject Fingerprint

Snort Alerts

Flow SID Message
TCP 192.168.168.226:49225 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49232 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49236 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49241 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49245 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49249 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49253 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
UDP 192.168.168.226:60241 -> 114.114.114.114:53 2023883 ET DNS Query to a *.top domain - Likely Hostile
TCP 192.168.168.226:49258 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49260 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49264 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49268 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49272 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49276 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49280 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49284 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49288 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49292 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49296 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49300 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49304 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49308 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49312 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49316 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49320 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49324 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49328 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49332 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49336 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49343 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)
TCP 192.168.168.226:49350 -> 223.5.5.5:443 2034912 ET INFO Observed DNS Over HTTPS Domain (dns .alidns .com in TLS SNI)