Network Analysis
| IP Address | Status | Action | VT | Location |
|---|---|---|---|---|
| No hosts contacted. | ||||
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
No traffic
No traffic
No traffic
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLS 1.2 192.168.168.217:49240 104.21.48.1:443 |
C=US, O=Google Trust Services, CN=WE1 | CN=2ip.ua | 88:33:f0:8d:90:b7:9f:61:93:a7:2e:86:58:d6:ac:68:ad:2c:0b:67 |
Snort Alerts
| Flow | SID | Message |
|---|---|---|
| UDP 192.168.168.217:64546 -> 8.8.8.8:53 | 2063054 | ET INFO External IP Lookup Domain (2ip .ua) in DNS Lookup |
| UDP 192.168.168.217:64546 -> 8.8.8.8:53 | 2027026 | ET POLICY External IP Address Lookup DNS Query (2ip .ua) |
| UDP 192.168.168.217:64546 -> 8.8.8.8:53 | 2851162 | ETPRO INFO Observed DNS Query for Ukraine Domain (.ua) |
| TCP 192.168.168.217:49240 -> 104.21.48.1:443 | 2033214 | ET INFO Observed External IP Lookup Domain (api .2ip .ua in TLS SNI) |
| TCP 192.168.168.217:49240 -> 104.21.48.1:443 | 2063067 | ET INFO Observed External IP Lookup Domain (2ip .ua) in TLS SNI |
