Network Analysis
| IP Address | Status | Action | VT | Location |
|---|---|---|---|---|
| No hosts contacted. | | | | |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | | |
No traffic
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
| TLS 1.2 192.168.168.106:47418 185.125.188.59:443 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=GB, L=London, O=CANONICAL GROUP LIMITED, CN=api.snapcraft.io | a5:33:40:75:be:b8:64:d0:78:dd:14:5d:09:37:ab:96:a0:18:b8:1e |
Snort Alerts
| Flow | SID | Message |
|---|---|---|
| TCP 192.168.168.106:39150 -> 46.8.78.15:80 | 2034567 | ET INFO curl User-Agent to Dotted Quad |
| TCP 46.8.78.15:80 -> 192.168.168.106:39150 | 2019240 | ET POLICY Executable and linking format (ELF) file download Over HTTP |
| TCP 46.8.78.15:80 -> 192.168.168.106:39150 | 100000137 | COMMUNITY MISC BAD-SSL tcp detect |
| TCP 192.168.168.106:39152 -> 46.8.78.15:80 | 2034567 | ET INFO curl User-Agent to Dotted Quad |
| TCP 46.8.78.15:80 -> 192.168.168.106:39152 | 2019240 | ET POLICY Executable and linking format (ELF) file download Over HTTP |