a7aae835...4d15 | Network
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Trojan, Dropper, Downloader, Spyware, Backdoor, Exploit

a7aae83573aa9a682ce9733468882e841564f41ec4aa004cb795b98fd4834d15 (SHA256)

SS BRAID PO.doc.rtf

RTF Document

Created at 2018-09-05 20:13:00

Notifications (2/2)

The maximum number of reputation URL requests (25 per analysis) was exceeded. As a result, the reputation status could not be queried for all contacted URLs. In order to get the reputation status for all contacted URLs, please increase the 'Max URL Requests' setting in the system configurations.

The overall sleep time of all monitored processes was truncated from "16 minutes, 44 seconds" to "2 minutes, 10 seconds" to reveal dormant functionality.

Remarks

The maximum number of reputation URL requests (25 per analysis) was exceeded. As a result, the reputation status could not be queried for all contacted URLs. In order to get the reputation status for all contacted URLs, please increase the 'Max URL Requests' setting in the system configurations.

The WHOIS data of contacted domains could not be determined since the WHOIS service was disabled during the submission.

Network Overview

Hosts (9)
»
Hostname IP Address Location Protocols Reputation Status WHOIS Data
rollboat.tk 89.40.14.229 Lithuania HTTP, TCP, UDP
Has Blacklisted URL
Not Queried
ykyd69q fe80:0000:0000:0000:cc69:dee7:228c:baff, 192.168.0.105 - -
Unknown
Not Queried
whatismyipaddress.com 104.16.17.96, 104.16.20.96, 104.16.18.96, 104.16.19.96, 104.16.16.96 United States HTTP, TCP, UDP
Unknown
Not Queried
smtp.gmail.com 64.233.166.108, 64.233.166.109 United States TCP
Unknown
Not Queried
ocsp2.globalsign.com, global.prd.cdn.globalsign.com, prod.globalsign.map.fastly.net, crl.globalsign.com 151.101.114.133 - HTTP, TCP, UDP
Unknown
Not Queried
ocos-office365-s2s.msedge.net, ocos-office365-s2s-msedge-net.e-0009.e-msedge.net, e-0009.e-msedge.net 13.107.5.88 - TCP, UDP
Unknown
Not Queried
client-office365-tas.msedge.net, afdo-tas-offload.trafficmanager.net, vip5.afdorigin-prod-mwh02.afdogw.com 51.141.166.104 - TCP, UDP
Unknown
Not Queried
config.edge.skype.com, s-0001.s-msedge.net 13.107.3.128 - TCP, UDP
Unknown
Not Queried
crl.verisign.com, crl-symcprod.digicert.com, cs9.wac.phicdn.net 93.184.220.29 - HTTP, TCP, UDP
Unknown
Not Queried
DNS Queries (10)
»
Hostname Categories Names Source Reputation Status
rollboat.tk - - PCAP
Blacklisted
ykyd69q - - Function Log
Unknown
whatismyipaddress.com - - Function Log
Unknown
smtp.gmail.com - - Function Log
Unknown
ocsp2.globalsign.com - - PCAP
Unknown
crl.globalsign.com - - PCAP
Unknown
ocos-office365-s2s.msedge.net - - PCAP
Unknown
client-office365-tas.msedge.net - - PCAP
Unknown
config.edge.skype.com - - PCAP
Unknown
crl.verisign.com - - PCAP
Unknown
URLs (5)
»
URL Categories Names Source HTTP Status Code Reputation Status
http://rollboat.tk/new/kc.exe Malware Mal/HTMLGen-A Function Log -
Blacklisted
http://whatismyipaddress.com/ - - Function Log FORBIDDEN (403)
Unknown
http://ocsp2.globalsign.com/gscodesignsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQpEOCqbmTiQA9OjY%2F%2Ft2aa8NSkuwQUGUq4WuRNMaUU5V7sL6Mc%2BoCMMmsCEhEhr0NghltULzlkczOf0L9mqQ%3D%3D - - PCAP OK (200)
Unknown
http://crl.globalsign.com/gs/gscodesignsha2g2.crl - - PCAP OK (200)
Unknown
http://crl.verisign.com/tss-ca.crl - - PCAP OK (200)
Unknown

Connections

URL (1)
»
Operation Additional Information Success Count Logfile
Download url = http://rollboat.tk/new/kc.exe, filename = C:\Users\aETAdzjz\AppData\Roaming\jsjhdhdhdhjfjhhf.exe True 1
Fn
DNS (21)
»
Operation Additional Information Success Count Logfile
Get Hostname name_out = YKyd69q True 1
Fn
Resolve Name host = YKyd69q, address_out = fe80:0000:0000:0000:cc69:dee7:228c:baff, 192.168.0.105 True 1
Fn
Resolve Name host = whatismyipaddress.com, address_out = 104.16.17.96, 104.16.20.96, 104.16.18.96, 104.16.19.96, 104.16.16.96 True 1
Fn
Resolve Name host = smtp.gmail.com, address_out = 64.233.166.108, 64.233.166.109 True 2
Fn
Resolve Name host = crl.globalsign.com, address_out = 151.101.114.133 True 2 -
Resolve Name host = ocos-office365-s2s.msedge.net, address_out = 13.107.5.88 True 2 -
Resolve Name host = rollboat.tk, address_out = 89.40.14.229 True 1 -
Resolve Name host = ocsp2.globalsign.com, address_out = 151.101.114.133 True 2 -
Resolve Name host = crl.verisign.com, address_out = 93.184.220.29 True 2 -
Resolve Name host = whatismyipaddress.com, address_out = 104.16.17.96 True 1 -
Resolve Name host = config.edge.skype.com, address_out = 13.107.3.128 True 2 -
Resolve Name host = client-office365-tas.msedge.net, address_out = 51.141.166.104 True 4 -
TCP Sessions (21)
»
Information Value
Total Data Sent 39.81 KB
Total Data Received 469.64 KB
Contacted Host Count 8
Contacted Hosts 151.101.114.133, 13.107.5.88, 51.141.166.104, 13.107.3.128, 89.40.14.229, 93.184.220.29, 104.16.17.96, 64.233.166.108:587
TCP Session #1
»
Information Value
Handle 0x368
Address Family AF_INET
Type SOCK_STREAM
Protocol IPPROTO_TCP
Remote Address 64.233.166.108
Remote Port 587
Local Address 0.0.0.0
Local Port 49195
Data Sent 3.70 KB
Data Received 3.77 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM True 1
Fn
Connect remote_address = 64.233.166.108, remote_port = 587 True 1
Fn
Receive flags = NO_FLAG_SET, size = 256, size_out = 57 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 14, size_out = 14 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 256, size_out = 169 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 10, size_out = 10 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 256, size_out = 30 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 118, size_out = 118 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 87, size_out = 87 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 2291, size_out = 2291 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 331, size_out = 331 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 4, size_out = 4 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 134, size_out = 134 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 1, size_out = 1 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 48, size_out = 48 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 53, size_out = 53 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 256, size_out = 256 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 85, size_out = 85 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 48, size_out = 48 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 53, size_out = 53 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 48, size_out = 48 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 69, size_out = 69 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 80, size_out = 80 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 69, size_out = 69 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 80, size_out = 80 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 37, size_out = 37 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 80, size_out = 80 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 309, size_out = 309 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 2725, size_out = 2725 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 37, size_out = 37 True 2
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 80, size_out = 80 True 1
Fn
Data
Send flags = NO_FLAG_SET, size = 37, size_out = 37 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 5, size_out = 5 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 96, size_out = 96 True 1
Fn
Data
Close type = SOCK_STREAM True 1
Fn
TCP Session #2
»
Information Value
Source PCAP
Stream ID 0
Remote Address 151.101.114.133
Remote Port 80
Local Address 192.168.0.105
Local Port 49171
Data Sent 0.65 KB
Data Received 1.58 KB
Time Highest Layer Additional Information Success
2.354792 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
2.375303 s TCP Data Sent: 0.05 KB, Data Received: 1.46 KB True
2.377757 s HTTP Data Sent: 0.42 KB, Data Received: 0.05 KB True
2.450861 s TCP Data Sent: 0.06 KB, Data Received: 0.00 KB False
173.550768 s TCP Data Sent: 0.05 KB, Data Received: 0.00 KB False
TCP Session #3
»
Information Value
Source PCAP
Stream ID 1
Remote Address 13.107.5.88
Remote Port 443
Local Address 192.168.0.105
Local Port 49172
Data Sent 1.13 KB
Data Received 2.26 KB
Time Highest Layer Additional Information Success
2.489858 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
2.518987 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
2.548349 s SSL Data Sent: 0.22 KB, Data Received: 0.05 KB True
2.579050 s TCP Data Sent: 0.05 KB, Data Received: 0.14 KB True
2.607653 s SSL Data Sent: 0.21 KB, Data Received: 0.05 KB True
2.874974 s TCP Data Sent: 0.06 KB, Data Received: 0.37 KB True
3.062912 s SSL Data Sent: 0.42 KB, Data Received: 0.05 KB True
3.087152 s TCP Data Sent: 0.05 KB, Data Received: 0.05 KB True
TCP Session #4
»
Information Value
Source PCAP
Stream ID 2
Remote Address 51.141.166.104
Remote Port 443
Local Address 192.168.0.105
Local Port 49173
Data Sent 1.65 KB
Data Received 9.88 KB
Time Highest Layer Additional Information Success
2.531872 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
2.703837 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
2.705517 s SSL Data Sent: 0.22 KB, Data Received: 1.48 KB True
2.883986 s TCP Data Sent: 0.05 KB, Data Received: 1.02 KB True
2.892937 s SSL Data Sent: 0.21 KB, Data Received: 0.14 KB True
3.066568 s SSL Data Sent: 0.68 KB, Data Received: 1.48 KB True
3.575893 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.576154 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.743316 s TCP Data Sent: 0.06 KB, Data Received: 1.20 KB True
5.467272 s TCP Data Sent: 0.06 KB, Data Received: 0.00 KB False
5.467343 s TCP Data Sent: 0.06 KB, Data Received: 0.00 KB False
5.467363 s TCP Data Sent: 0.06 KB, Data Received: 0.05 KB True
TCP Session #5
»
Information Value
Source PCAP
Stream ID 3
Remote Address 13.107.3.128
Remote Port 443
Local Address 192.168.0.105
Local Port 49174
Data Sent 1.55 KB
Data Received 9.29 KB
Time Highest Layer Additional Information Success
2.565169 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
2.600146 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
2.608153 s SSL Data Sent: 0.21 KB, Data Received: 0.05 KB True
2.639584 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
2.666630 s TCP Data Sent: 0.05 KB, Data Received: 0.14 KB True
2.672325 s SSL Data Sent: 0.21 KB, Data Received: 0.05 KB True
2.900094 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.091473 s SSL Data Sent: 0.59 KB, Data Received: 0.05 KB True
3.134683 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.134859 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.134999 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
3.135153 s TCP Data Sent: 0.05 KB, Data Received: 0.00 KB False
3.157800 s TCP Data Sent: 0.05 KB, Data Received: 0.05 KB True
TCP Session #6
»
Information Value
Source PCAP
Stream ID 4
Remote Address 151.101.114.133
Remote Port 80
Local Address 192.168.0.105
Local Port 49175
Data Sent 0.41 KB
Data Received 1.58 KB
Time Highest Layer Additional Information Success
8.004609 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
8.023929 s TCP Data Sent: 0.05 KB, Data Received: 1.46 KB True
8.024140 s HTTP Data Sent: 0.19 KB, Data Received: 0.05 KB True
8.049161 s TCP Data Sent: 0.05 KB, Data Received: 0.00 KB False
173.550067 s TCP Data Sent: 0.05 KB, Data Received: 0.00 KB False
TCP Session #7
»
Information Value
Source PCAP
Stream ID 5
Remote Address 89.40.14.229
Remote Port 80
Local Address 192.168.0.105
Local Port 49176
Data Sent 13.88 KB
Data Received 369.80 KB
Time Highest Layer Additional Information Success
8.339358 s TCP Data Sent: 0.06 KB, Data Received: 0.06 KB True
8.383891 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.384454 s HTTP Data Sent: 0.37 KB, Data Received: 0.05 KB True
8.437318 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.438740 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.439121 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.439538 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.439824 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.477698 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.477906 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.478169 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.478619 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.517705 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.519012 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.555810 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.556027 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.559502 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
8.765755 s TCP Data Sent: 0.05 KB, Data Received: 0.05 KB True
9.346286 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.476602 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.514348 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.514574 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.514868 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.515109 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.550701 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.551041 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.551274 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.551748 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.556725 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.588522 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.588954 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.592259 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.592487 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.597966 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.626342 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.626657 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.626893 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.627096 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.630966 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.636135 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.636816 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.671568 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.672025 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.672181 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.672340 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.672431 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.672872 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.675968 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.716143 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.716366 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.716625 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.716716 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.716913 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.717493 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.720338 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.720569 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.720819 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.721106 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
9.752789 s TCP Data Sent: 0.05 KB, Data Received: 1.48 KB True
The remaining entries of this session are omitted for performance reasons and can be found in analysis.pcap .
The remaining 13 entries are omitted for performance reasons and can be found in glog.xml or analysis.pcap .
UDP Sessions (10)
»
Total Data Sent 0.80 KB
Total Data Received 1.72 KB
Contacted Host Count 1
Contacted Hosts 192.168.0.1
UDP Session #1
»
Information Value
Source PCAP
Stream ID 14
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 54753
Data Sent 0.08 KB
Data Received 0.24 KB
Time Highest Layer Additional Information Success
2.295221 s DNS Data Sent: 0.08 KB, Data Received: 0.24 KB True
UDP Session #2
»
Information Value
Source PCAP
Stream ID 17
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 53384
Data Sent 0.09 KB
Data Received 0.20 KB
Time Highest Layer Additional Information Success
2.485025 s DNS Data Sent: 0.09 KB, Data Received: 0.20 KB True
UDP Session #3
»
Information Value
Source PCAP
Stream ID 18
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 58181
Data Sent 0.09 KB
Data Received 0.20 KB
Time Highest Layer Additional Information Success
2.517308 s DNS Data Sent: 0.09 KB, Data Received: 0.20 KB True
UDP Session #4
»
Information Value
Source PCAP
Stream ID 19
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 50924
Data Sent 0.08 KB
Data Received 0.13 KB
Time Highest Layer Additional Information Success
2.560745 s DNS Data Sent: 0.08 KB, Data Received: 0.13 KB True
UDP Session #5
»
Information Value
Source PCAP
Stream ID 22
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 64816
Data Sent 0.08 KB
Data Received 0.23 KB
Time Highest Layer Additional Information Success
7.988851 s DNS Data Sent: 0.08 KB, Data Received: 0.23 KB True
UDP Session #6
»
Information Value
Source PCAP
Stream ID 25
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 64448
Data Sent 0.07 KB
Data Received 0.08 KB
Time Highest Layer Additional Information Success
8.310143 s DNS Data Sent: 0.07 KB, Data Received: 0.08 KB True
UDP Session #7
»
Information Value
Source PCAP
Stream ID 70
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 60957
Data Sent 0.07 KB
Data Received 0.16 KB
Time Highest Layer Additional Information Success
37.502192 s DNS Data Sent: 0.07 KB, Data Received: 0.16 KB True
UDP Session #8
»
Information Value
Source PCAP
Stream ID 93
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 49765
Data Sent 0.08 KB
Data Received 0.16 KB
Time Highest Layer Additional Information Success
56.363003 s DNS Data Sent: 0.08 KB, Data Received: 0.16 KB True
UDP Session #9
»
Information Value
Source PCAP
Stream ID 117
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 50347
Data Sent 0.09 KB
Data Received 0.20 KB
Time Highest Layer Additional Information Success
125.343303 s DNS Data Sent: 0.09 KB, Data Received: 0.20 KB True
UDP Session #10
»
Information Value
Source PCAP
Stream ID 119
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.105
Local Port 64474
Data Sent 0.08 KB
Data Received 0.13 KB
Time Highest Layer Additional Information Success
126.388516 s DNS Data Sent: 0.08 KB, Data Received: 0.13 KB True
TCP Server (1)
»
Operation Additional Information Success Count Logfile
Listen local_address = 127.0.0.1, local_port = 49189, queue_length = 2147483647 True 1
Fn
HTTP Sessions (15)
»
Information Value
Total Data Sent 4.03 KB
Total Data Received 7.55 KB
Contacted Host Count 9
Contacted Hosts ocsp2.globalsign.com, crl.globalsign.com, ocsp.verisign.com, crl.verisign.com, s2.symcb.com, sv.symcd.com, s.symcd.com, ts-ocsp.ws.symantec.com, whatismyipaddress.com
HTTP Session #1
»
Information Value
Source Function Log
Server Name whatismyipaddress.com
Server Port 80
Data Sent 0.07 KB
Data Received 0.55 KB
Operation Additional Information Success Count Logfile
Open Session access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS True 1
Fn
Open Connection protocol = http, server_name = whatismyipaddress.com, server_port = 80 True 1
Fn
Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = / True 1
Fn
Send HTTP Request headers = host: whatismyipaddress.com, connection: Keep-Alive, url = whatismyipaddress.com/ True 1
Fn
Data
Read Response size = 4096, size_out = 564 True 1
Fn
Data
Close Session - True 1
Fn
HTTP Session #2
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 0
Server Name ocsp2.globalsign.com
Server Port 80
Data Sent 0.42 KB
Data Received 0.75 KB
Time Operation Additional Information Success
2.377757 s Open Connection protocol = http, server_name = ocsp2.globalsign.com, server_port = 80 True
2.377757 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /gscodesignsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQpEOCqbmTiQA9OjY%2F%2Ft2aa8NSkuwQUGUq4WuRNMaUU5V7sL6Mc%2BoCMMmsCEhEhr0NghltULzlkczOf0L9mqQ%3D%3D True
2.377757 s Send HTTP Request headers = host: ocsp2.globalsign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp2.globalsign.com/gscodesignsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQpEOCqbmTiQA9OjY%2F%2Ft2aa8NSkuwQUGUq4WuRNMaUU5V7sL6Mc%2BoCMMmsCEhEhr0NghltULzlkczOf0L9mqQ%3D%3D True
2.401775 s Read Response HTTP Status Code = 200 True
HTTP Session #3
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 4
Server Name crl.globalsign.com
Server Port 80
Data Sent 0.19 KB
Data Received 0.95 KB
Time Operation Additional Information Success
8.024140 s Open Connection protocol = http, server_name = crl.globalsign.com, server_port = 80 True
8.024140 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /gs/gscodesignsha2g2.crl True
8.024140 s Send HTTP Request headers = host: crl.globalsign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://crl.globalsign.com/gs/gscodesignsha2g2.crl True
8.049075 s Read Response HTTP Status Code = 200 True
HTTP Session #4
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 40
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.43 KB
Data Received 0.50 KB
Time Operation Additional Information Success
150.407676 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
150.407676 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /ocsp/status/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8rDZ7XHVM4v9dleAl%2FfaHn9a%2FoQQUwfBYxzpw4VJn375XfmInyHRSJicCEAh6bVxvYpNPusT9Q%2BEUGJ0%3D True
150.407676 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/ocsp/status/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8rDZ7XHVM4v9dleAl%2FfaHn9a%2FoQQUwfBYxzpw4VJn375XfmInyHRSJicCEAh6bVxvYpNPusT9Q%2BEUGJ0%3D True
150.547424 s Read Response HTTP Status Code = 200 True
155.861379 s Open HTTP Request http_verb = POST, http_version = HTTP/1.1, target_resource = /ocsp/status True
155.861379 s Send HTTP Request headers = host: ocsp.verisign.com, content_type: application/ocsp-request, content_length: 83, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/ocsp/status True
155.962362 s Read Response HTTP Status Code = 200 True
HTTP Session #5
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 40
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.43 KB
Data Received 0.50 KB
Time Operation Additional Information Success
150.407676 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
150.407676 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /ocsp/status/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8rDZ7XHVM4v9dleAl%2FfaHn9a%2FoQQUwfBYxzpw4VJn375XfmInyHRSJicCEAh6bVxvYpNPusT9Q%2BEUGJ0%3D True
150.407676 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/ocsp/status/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8rDZ7XHVM4v9dleAl%2FfaHn9a%2FoQQUwfBYxzpw4VJn375XfmInyHRSJicCEAh6bVxvYpNPusT9Q%2BEUGJ0%3D True
150.547424 s Read Response HTTP Status Code = 200 True
155.861379 s Open HTTP Request http_verb = POST, http_version = HTTP/1.1, target_resource = /ocsp/status True
155.861379 s Send HTTP Request headers = host: ocsp.verisign.com, content_type: application/ocsp-request, content_length: 83, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/ocsp/status True
155.962362 s Read Response HTTP Status Code = 200 True
HTTP Session #6
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 9
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.97 KB
Data Received 0.78 KB
Time Operation Additional Information Success
21.170854 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
21.170854 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.170854 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.200327 s Read Response HTTP Status Code = 200 True
26.566557 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.566557 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.761393 s Read Response HTTP Status Code = 200 True
32.043697 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.043697 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.173714 s Read Response HTTP Status Code = 200 True
HTTP Session #7
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 9
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.97 KB
Data Received 0.78 KB
Time Operation Additional Information Success
21.170854 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
21.170854 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.170854 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.200327 s Read Response HTTP Status Code = 200 True
26.566557 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.566557 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.761393 s Read Response HTTP Status Code = 200 True
32.043697 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.043697 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.173714 s Read Response HTTP Status Code = 200 True
HTTP Session #8
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 9
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.97 KB
Data Received 0.78 KB
Time Operation Additional Information Success
21.170854 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
21.170854 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.170854 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
21.200327 s Read Response HTTP Status Code = 200 True
26.566557 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.566557 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
26.761393 s Read Response HTTP Status Code = 200 True
32.043697 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.043697 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTO3jAJoCaQZUo7%2B2qJhdK4D6wpuQQUqkwAvoiA5mAvIL8uAwdOcMH2iFUCEA3pK%2FDU2CmIGDIFCV6adog%3D True
32.173714 s Read Response HTTP Status Code = 200 True
HTTP Session #9
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 13
Server Name crl.verisign.com
Server Port 80
Data Sent 0.18 KB
Data Received 0.76 KB
Time Operation Additional Information Success
37.538986 s Open Connection protocol = http, server_name = crl.verisign.com, server_port = 80 True
37.538986 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /tss-ca.crl True
37.538986 s Send HTTP Request headers = host: crl.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://crl.verisign.com/tss-ca.crl True
37.559387 s Read Response HTTP Status Code = 200 True
HTTP Session #10
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 14
Server Name ocsp.verisign.com
Server Port 80
Data Sent 0.37 KB
Data Received 0.33 KB
Time Operation Additional Information Success
39.129123 s Open Connection protocol = http, server_name = ocsp.verisign.com, server_port = 80 True
39.129123 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
39.129123 s Send HTTP Request headers = host: ocsp.verisign.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQJ1TBLBrQ9OnPHXPVaWb87MxkNlgQUwu79F9f%2Btw%2FGciJ7fvbA4gIz7D4CEEe%2FGZXfjVJGQ%2FfbbUgNMaQ%3D True
39.150137 s Read Response HTTP Status Code = 304 True
HTTP Session #11
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 15
Server Name s2.symcb.com
Server Port 80
Data Sent 0.28 KB
Data Received 0.69 KB
Time Operation Additional Information Success
46.073684 s Open Connection protocol = http, server_name = s2.symcb.com, server_port = 80 True
46.073684 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCED141%2Fl2SWCyYX308B7Khio%3D True
46.073684 s Send HTTP Request headers = host: s2.symcb.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://s2.symcb.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCED141%2Fl2SWCyYX308B7Khio%3D True
46.098320 s Read Response HTTP Status Code = 200 True
HTTP Session #12
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 16
Server Name sv.symcd.com
Server Port 80
Data Sent 0.28 KB
Data Received 0.55 KB
Time Operation Additional Information Success
51.422803 s Open Connection protocol = http, server_name = sv.symcd.com, server_port = 80 True
51.422803 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQe6LNDJdqx%2BJOp7hVgTeaGFJ%2FCQgQUljtT8Hkzl699g%2B8uK8zKt4YecmYCEB8NGjlcjTdydMmNuTG2fIw%3D True
51.422803 s Send HTTP Request headers = host: sv.symcd.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://sv.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQe6LNDJdqx%2BJOp7hVgTeaGFJ%2FCQgQUljtT8Hkzl699g%2B8uK8zKt4YecmYCEB8NGjlcjTdydMmNuTG2fIw%3D True
51.513678 s Read Response HTTP Status Code = 200 True
HTTP Session #13
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 19
Server Name s.symcd.com
Server Port 80
Data Sent 0.27 KB
Data Received 0.65 KB
Time Operation Additional Information Success
57.681374 s Open Connection protocol = http, server_name = s.symcd.com, server_port = 80 True
57.681374 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ%2FYHKj6JjF6UBieQioTYpFsuEriQQUtnf6aUhHn1MS1cLqBzJ2B9GXBxkCEHsFsdRJaFFE98mJ0pwZnRI%3D True
57.681374 s Send HTTP Request headers = host: s.symcd.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://s.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ%2FYHKj6JjF6UBieQioTYpFsuEriQQUtnf6aUhHn1MS1cLqBzJ2B9GXBxkCEHsFsdRJaFFE98mJ0pwZnRI%3D True
57.711290 s Read Response HTTP Status Code = 200 True
HTTP Session #14
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 21
Server Name ts-ocsp.ws.symantec.com
Server Port 80
Data Sent 0.57 KB
Data Received 1.05 KB
Time Operation Additional Information Success
65.758484 s Open Connection protocol = http, server_name = ts-ocsp.ws.symantec.com, server_port = 80 True
65.758484 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFRY8qrXQdZEvISpe6CWUuY%3D True
65.758484 s Send HTTP Request headers = host: ts-ocsp.ws.symantec.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ts-ocsp.ws.symantec.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFRY8qrXQdZEvISpe6CWUuY%3D True
65.781141 s Read Response HTTP Status Code = 200 True
112.324554 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFTzfaFxZ1G8ao0K0nSyixM%3D True
112.324554 s Send HTTP Request headers = host: ts-ocsp.ws.symantec.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ts-ocsp.ws.symantec.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFTzfaFxZ1G8ao0K0nSyixM%3D True
112.343655 s Read Response HTTP Status Code = 200 True
HTTP Session #15
»
Information Value
Source PCAP
User Agent Microsoft-CryptoAPI/6.1
Stream ID 21
Server Name ts-ocsp.ws.symantec.com
Server Port 80
Data Sent 0.57 KB
Data Received 1.05 KB
Time Operation Additional Information Success
65.758484 s Open Connection protocol = http, server_name = ts-ocsp.ws.symantec.com, server_port = 80 True
65.758484 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFRY8qrXQdZEvISpe6CWUuY%3D True
65.758484 s Send HTTP Request headers = host: ts-ocsp.ws.symantec.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ts-ocsp.ws.symantec.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFRY8qrXQdZEvISpe6CWUuY%3D True
65.781141 s Read Response HTTP Status Code = 200 True
112.324554 s Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFTzfaFxZ1G8ao0K0nSyixM%3D True
112.324554 s Send HTTP Request headers = host: ts-ocsp.ws.symantec.com, accept: */*, user_agent: Microsoft-CryptoAPI/6.1, url = http://ts-ocsp.ws.symantec.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQd11mpyHEqFCSocj4SCu93CBydHAQUr2PWyqNOhXLgp7xB8ymiOH%2BAdWICEFTzfaFxZ1G8ao0K0nSyixM%3D True
112.343655 s Read Response HTTP Status Code = 200 True
Function Logfile
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Before

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
After

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Screenshot
Expand-Icon
Exit-Icon
icon_left
icon_left
image