ea269609f3a717d4a67a6156d7e32640.pcap

MD5: ea269609f3a717d4a67a6156d7e32640
Submission Date: 2020-09-28 09:54:12
Tags: (not set)
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2020-07-16T10:40:05.758202-0700 | 10.0.2.75 | 10.0.2.3 | ET POLICY Possible Kali Linux hostname in DHCP Request Packet | * |
DNS 122
Showing 1-20 of 122 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2020-07-16T10:39:23.362437-0700 | 10.0.2.76 | 200.83.1.4 | query | detectportal.firefox.com | A | (not set) |
| 2 | 2020-07-16T10:39:23.384062-0700 | 200.83.1.4 | 10.0.2.76 | answer | detectportal.firefox.com | A | (not set) |
| 3 | 2020-07-16T10:39:23.917837-0700 | 10.0.2.76 | 200.83.1.4 | query | a1089.dscd.akamai.net | A | (not set) |
| 4 | 2020-07-16T10:39:23.936487-0700 | 200.83.1.4 | 10.0.2.76 | answer | a1089.dscd.akamai.net | A | (not set) |
| 5 | 2020-07-16T10:39:23.973991-0700 | 10.0.2.76 | 200.83.1.4 | query | mozilla.org | A | (not set) |
| 6 | 2020-07-16T10:39:23.993110-0700 | 200.83.1.4 | 10.0.2.76 | answer | mozilla.org | A | (not set) |
| 7 | 2020-07-16T10:39:26.276122-0700 | 10.0.2.76 | 200.83.1.4 | query | firefox.settings.services.mozilla.com | A | (not set) |
| 8 | 2020-07-16T10:39:26.297553-0700 | 200.83.1.4 | 10.0.2.76 | answer | firefox.settings.services.mozilla.com | A | (not set) |
| 9 | 2020-07-16T10:39:26.403819-0700 | 10.0.2.76 | 200.83.1.4 | query | firefox.settings.services.mozilla.com | A | (not set) |
| 10 | 2020-07-16T10:39:26.429743-0700 | 200.83.1.4 | 10.0.2.76 | answer | firefox.settings.services.mozilla.com | A | (not set) |
| 11 | 2020-07-16T10:39:28.432178-0700 | 10.0.2.76 | 200.83.1.4 | query | www.emol.com | A | (not set) |
| 12 | 2020-07-16T10:39:28.449279-0700 | 200.83.1.4 | 10.0.2.76 | answer | www.emol.com | A | (not set) |
| 13 | 2020-07-16T10:39:28.595533-0700 | 10.0.2.76 | 200.83.1.4 | query | www.virustotal.com | A | (not set) |
| 14 | 2020-07-16T10:39:28.634942-0700 | 200.83.1.4 | 10.0.2.76 | answer | www.virustotal.com | A | (not set) |
| 15 | 2020-07-16T10:39:28.668937-0700 | 10.0.2.76 | 200.83.1.4 | query | ip11.dnsge.com | AAAA | (not set) |
| 16 | 2020-07-16T10:39:28.692244-0700 | 200.83.1.4 | 10.0.2.76 | answer | ip11.dnsge.com | AAAA | (not set) |
| 17 | 2020-07-16T10:39:28.709234-0700 | 10.0.2.76 | 200.83.1.4 | query | dotnet.microsoft.com | A | (not set) |
| 18 | 2020-07-16T10:39:28.732854-0700 | 10.0.2.76 | 200.83.1.4 | query | e13678.dspb.akamaiedge.net | AAAA | (not set) |
| 19 | 2020-07-16T10:39:28.764293-0700 | 200.83.1.4 | 10.0.2.76 | answer | e13678.dspb.akamaiedge.net | AAAA | (not set) |
| 20 | 2020-07-16T10:39:28.767179-0700 | 10.0.2.76 | 200.83.1.4 | query | official-kmspico.com | A | (not set) |
TLS 7
Showing 1-7 of 7 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2020-07-16T10:39:24.964280-0700 | 10.0.2.76 | 13.227.203.69 | TLS 1.2 | content-signature-2.cdn.mozilla.net |
| 2 | 2020-07-16T10:39:29.787095-0700 | 10.0.2.76 | 13.226.47.63 | TLS 1.2 | snippets.cdn.mozilla.net |
| 3 | 2020-07-16T10:39:25.863643-0700 | 10.0.2.76 | 64.233.186.103 | TLS 1.3 | www.google.com |
| 4 | 2020-07-16T10:39:26.475329-0700 | 10.0.2.76 | 13.227.203.20 | TLS 1.2 | firefox.settings.services.mozilla.com |
| 5 | 2020-07-16T10:39:30.034734-0700 | 10.0.2.76 | 52.41.2.143 | TLS 1.2 | push.services.mozilla.com |
| 6 | 2020-07-16T10:39:31.812720-0700 | 10.0.2.76 | 35.160.220.219 | TLS 1.2 | incoming.telemetry.mozilla.org |
| 7 | 2020-07-16T10:39:36.251488-0700 | 10.0.2.76 | 172.217.192.190 | TLS 1.3 | sb-ssl.google.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 10
Showing 1-10 of 10 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2020-07-16T10:39:24.066305-0700 | 10.0.2.76 | detectportal.firefox.com | 80 | GET | /success.txt | 200 |
| 2 | 2020-07-16T10:39:24.269256-0700 | 10.0.2.76 | detectportal.firefox.com | 80 | GET | /success.txt?ipv4 | 200 |
| 3 | 2020-07-16T10:39:30.406451-0700 | 10.0.2.76 | 10.0.2.75 | 80 | GET | / | 200 |
| 4 | 2020-07-16T10:39:26.566614-0700 | 10.0.2.76 | ocsp.pki.goog | 80 | POST | /gts1o1core | 200 |
| 5 | 2020-07-16T10:39:30.958045-0700 | 10.0.2.76 | ocsp.digicert.com | 80 | POST | / | 200 |
| 6 | 2020-07-16T10:39:32.160108-0700 | 10.0.2.76 | ocsp.digicert.com | 80 | POST | / | 200 |
| 7 | 2020-07-16T10:40:23.535367-0700 | 10.0.2.76 | detectportal.firefox.com | 80 | GET | /success.txt?ipv4 | 200 |
| 8 | 2020-07-16T10:39:33.853457-0700 | 10.0.2.76 | 10.0.2.75 | 80 | GET | /putty.exe | 200 |
| 9 | 2020-07-16T10:39:36.863534-0700 | 10.0.2.76 | ocsp.pki.goog | 80 | POST | /gts1o1core | 200 |
| 10 | 2020-07-16T10:40:23.535367-0700 | 10.0.2.76 | detectportal.firefox.com | 80 | GET | /success.txt | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 84
Showing 1-20 of 84 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2020-07-16T10:40:45.568293-0700 | 426565700108645 | flow | 10.0.2.76 | 64612 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 2 | 2020-07-16T10:40:45.568293-0700 | 848868355926604 | flow | 10.0.2.76 | 50169 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 3 | 2020-07-16T10:40:45.568293-0700 | 1694689155421592 | flow | 10.0.2.76 | 49632 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 4 | 2020-07-16T10:40:45.568293-0700 | 1135050616854118 | flow | 10.0.2.76 | 51432 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 5 | 2020-07-16T10:40:45.568293-0700 | 1979763310254775 | flow | 10.0.2.76 | 50750 | 172.217.192.190 | 443 | TCP | pcapanalyzer |
| 6 | 2020-07-16T10:40:45.568293-0700 | 2122210195193052 | flow | 10.0.2.76 | 52970 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 7 | 2020-07-16T10:40:45.568293-0700 | 13900943941171 | flow | 10.0.2.76 | 60531 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 8 | 2020-07-16T10:40:45.568293-0700 | 436517135540621 | flow | 10.0.2.76 | 50735 | 64.233.186.103 | 443 | TCP | pcapanalyzer |
| 9 | 2020-07-16T10:40:45.568293-0700 | 860988758627736 | flow | fe80:0000:0000:0000:6936:9e4d:ced5:0d3e | 52535 | ff02:0000:0000:0000:0000:0000:0001:0003 | 5355 | UDP | pcapanalyzer |
| 10 | 2020-07-16T10:40:45.568293-0700 | 2129034901709742 | flow | 10.0.2.76 | 61510 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 11 | 2020-07-16T10:40:45.568293-0700 | 2129146567296392 | flow | 10.0.2.76 | 56400 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 12 | 2020-07-16T10:40:45.568293-0700 | 1988795625951858 | flow | 10.0.2.76 | 51132 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 13 | 2020-07-16T10:40:45.568293-0700 | 1848208461325747 | flow | 10.0.2.76 | 62626 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 14 | 2020-07-16T10:40:45.568293-0700 | 1146337790907050 | flow | 10.0.2.76 | 50739 | 52.41.2.143 | 443 | TCP | pcapanalyzer |
| 15 | 2020-07-16T10:40:45.568293-0700 | 1005699086940148 | flow | 10.0.2.76 | 59007 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 16 | 2020-07-16T10:40:45.568293-0700 | 1429719737904197 | flow | 10.0.2.76 | 138 | 10.0.2.255 | 138 | UDP | pcapanalyzer |
| 17 | 2020-07-16T10:40:45.568293-0700 | 307990239483970 | flow | 10.0.2.76 | 62502 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 18 | 2020-07-16T10:40:45.568293-0700 | 2138599790797218 | flow | 10.0.2.76 | 61891 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 19 | 2020-07-16T10:40:45.568293-0700 | 872967417925037 | flow | 10.0.2.76 | 65445 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
| 20 | 2020-07-16T10:40:45.568293-0700 | 451253168516790 | flow | 10.0.2.76 | 60745 | 200.83.1.4 | 53 | UDP | pcapanalyzer |
File 14
Showing 1-14 of 14 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2020-07-16T10:39:24.066305-0700 | 190.46.255.107 | 10.0.2.76 | /success.txt | ASCII text | 8 |
| 2 | 2020-07-16T10:39:30.406451-0700 | 10.0.2.75 | 10.0.2.76 | / | HTML document, ASCII text | 256 |
| 3 | 2020-07-16T10:39:24.269256-0700 | 190.46.255.107 | 10.0.2.76 | /success.txt | ASCII text | 8 |
| 4 | 2020-07-16T10:39:26.239869-0700 | 10.0.2.76 | 172.217.192.94 | /gts1o1core | data | 83 |
| 5 | 2020-07-16T10:39:26.566614-0700 | 172.217.192.94 | 10.0.2.76 | /gts1o1core | data | 471 |
| 6 | 2020-07-16T10:39:30.700673-0700 | 10.0.2.76 | 192.16.58.8 | / | data | 83 |
| 7 | 2020-07-16T10:39:30.958045-0700 | 192.16.58.8 | 10.0.2.76 | / | data | 471 |
| 8 | 2020-07-16T10:39:31.902537-0700 | 10.0.2.76 | 192.16.58.8 | / | data | 83 |
| 9 | 2020-07-16T10:39:32.160108-0700 | 192.16.58.8 | 10.0.2.76 | / | data | 471 |
| 10 | 2020-07-16T10:40:23.535367-0700 | 190.46.255.107 | 10.0.2.76 | /success.txt | ASCII text | 8 |
| 11 | 2020-07-16T10:39:33.853457-0700 | 10.0.2.75 | 10.0.2.76 | /putty.exe | PE32 executable (GUI) Intel 80386, for MS Windows | 1085440 |
| 12 | 2020-07-16T10:39:36.343335-0700 | 10.0.2.76 | 172.217.192.94 | /gts1o1core | data | 83 |
| 13 | 2020-07-16T10:39:36.863534-0700 | 172.217.192.94 | 10.0.2.76 | /gts1o1core | data | 471 |
| 14 | 2020-07-16T10:40:23.535367-0700 | 190.46.255.107 | 10.0.2.76 | /success.txt | ASCII text | 8 |

Comments: (not set)
