network_capture.pcap

MD5: 15c9e1c66d750c394c672cd6869049ba
Submission Date: 2018-06-13 17:06:55
Tags: p2p
Alert 7
Showing 1-7 of 7 items.

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2017-06-11T06:51:35.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 2 | 2017-06-11T06:51:35.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 3 | 2017-06-11T06:51:36.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 4 | 2017-06-11T06:51:37.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 5 | 2017-06-11T06:51:39.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 6 | 2017-06-11T06:51:43.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 7 | 2017-06-11T06:51:51.000000-0700 | 192.168.80.137 | 52.87.201.4 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |

DNS 628
Showing 1-20 of 628 items.

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2017-06-11T06:51:04.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | www.alibaba.com | A | (not set) |
| 2 | 2017-06-11T06:51:04.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | www.alibaba.com | A | (not set) |
| 3 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | x | A | (not set) |
| 4 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | x | A | (not set) |
| 5 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | open-s.alibaba.com | A | (not set) |
| 6 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | messagebeach.alibaba.com | A | (not set) |
| 7 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | notification.alibaba.com | A | (not set) |
| 8 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | open-s.alibaba.com | A | (not set) |
| 9 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | messagebeach.alibaba.com | A | (not set) |
| 10 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | notification.alibaba.com | A | (not set) |
| 11 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | marketing.alibaba.com | A | (not set) |
| 12 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | expand.alibaba.com | A | (not set) |
| 13 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | clients1.google.com | A | (not set) |
| 14 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | messagebeach.alibaba.com | A | (not set) |
| 15 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | clients1.google.com | A | (not set) |
| 16 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | expand.alibaba.com | A | (not set) |
| 17 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | gj.mmstat.com | A | (not set) |
| 18 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | gj.mmstat.com | A | (not set) |
| 19 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.2 | 192.168.80.137 | answer | marketing.alibaba.com | A | (not set) |
| 20 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | 192.168.80.2 | query | dmtracking2.alibaba.com | A | (not set) |

TLS 230
Showing 1-20 of 230 items.

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | 205.204.101.142 | TLS 1.2 | expand.alibaba.com |
| 2 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | 74.125.206.154 | TLS 1.2 | stats.g.doubleclick.net |
| 3 | 2017-06-11T06:51:10.000000-0700 | 192.168.80.137 | 198.11.132.66 | TLS 1.2 | retcode.taobao.com |
| 4 | 2017-06-11T06:51:09.000000-0700 | 192.168.80.137 | 198.11.132.66 | TLS 1.2 | retcode.taobao.com |
| 5 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | 216.58.206.46 | TLS 1.2 | www.google-analytics.com |
| 6 | 2017-06-11T06:51:09.000000-0700 | 192.168.80.137 | 198.11.132.66 | TLS 1.2 | retcode.taobao.com |
| 7 | 2017-06-11T06:51:09.000000-0700 | 192.168.80.137 | 198.11.132.66 | TLS 1.2 | retcode.taobao.com |
| 8 | 2017-06-11T06:51:10.000000-0700 | 192.168.80.137 | 198.11.132.66 | TLS 1.2 | retcode.taobao.com |
| 9 | 2017-06-11T06:51:20.000000-0700 | 192.168.80.137 | 23.43.66.64 | TLS 1.2 | assets.alicdn.com |
| 10 | 2017-06-11T06:51:41.000000-0700 | 192.168.80.137 | 199.16.156.232 | TLS 1.2 | analytics.twitter.com |
| 11 | 2017-06-11T06:52:00.000000-0700 | 192.168.80.137 | 31.13.90.6 | TLS 1.2 | connect.facebook.net |
| 12 | 2017-06-11T06:52:01.000000-0700 | 192.168.80.137 | 185.60.216.19 | TLS 1.2 | scontent.xx.fbcdn.net |
| 13 | 2017-06-11T06:52:02.000000-0700 | 192.168.80.137 | 104.244.46.39 | TLS 1.2 | pbs.twimg.com |
| 14 | 2017-06-11T06:52:02.000000-0700 | 192.168.80.137 | 104.244.46.39 | TLS 1.2 | pbs.twimg.com |
| 15 | 2017-06-11T06:52:02.000000-0700 | 192.168.80.137 | 93.184.220.70 | TLS 1.2 | abs.twimg.com |
| 16 | 2017-06-11T06:52:03.000000-0700 | 192.168.80.137 | 104.244.46.39 | TLS 1.2 | ton.twimg.com |
| 17 | 2017-06-11T06:52:15.000000-0700 | 192.168.80.137 | 54.230.196.186 | TLS 1.2 | images-na.ssl-images-amazon.com |
| 18 | 2017-06-11T06:52:19.000000-0700 | 192.168.80.137 | 52.94.228.167 | TLS 1.2 | s.media-imdb.com |
| 19 | 2017-06-11T06:52:26.000000-0700 | 192.168.80.137 | 54.230.196.186 | TLS 1.2 | images-na.ssl-images-amazon.com |
| 20 | 2017-06-11T06:52:26.000000-0700 | 192.168.80.137 | 2.21.188.62 | TLS 1.2 | cdn.doubleverify.com |

TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 691
Showing 1-20 of 691 items.

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2017-06-11T06:51:04.000000-0700 | 192.168.80.137 | www.alibaba.com | 80 | GET | / | 200 |
| 2 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | open-s.alibaba.com | 80 | GET | /openservice/categoryNaviViewService?appKey=a5m1ismomeptugvfmkkjnwwqnwyrhpb1&appName=magellan&callback=jQuery18304926156388644971_1497189064884&_=1497189065084 | 200 |
| 3 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | open-s.alibaba.com | 80 | GET | /openservice/homeOrderInfoViewService?appKey=a5m1ismomeptugvfmkkjnwwqnwyrhpb1&appName=magellan&callback=jQuery18304926156388644971_1497189064880&_=1497189064951 | 200 |
| 4 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | open-s.alibaba.com | 80 | GET | /openservice/userBehaviorProductViewService?appKey=a5m1ismomeptugvfmkkjnwwqnwyrhpb1&appName=magellan&callback=jQuery18304926156388644971_1497189064885&_=1497189065087 | 200 |
| 5 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | notification.alibaba.com | 80 | GET | /notification.do?callback=jQuery18304926156388644971_1497189064882&_=1497189065014 | 200 |
| 6 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | open-s.alibaba.com | 80 | GET | /openservice/homeCategoryNavigitionViewService?appKey=a5m1ismomeptugvfmkkjnwwqnwyrhpb1&appName=magellan&callback=jQuery18304926156388644971_1497189064887&_=1497189065188 | 200 |
| 7 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | expand.alibaba.com | 80 | GET | /adread/queryContentByAbtCode.jsonp?resourceCode=ICBU_HOME_MAIN_BANNER_2017_SLIDER_1,ICBU_HOME_MAIN_BANNER_2017_SLIDER_2,ICBU_HOME_MAIN_BANNER_2017_SLIDER_3,ICBU_HOME_MAIN_BANNER_2017_SLIDER_4,ICBU_HOME_MAIN_BANNER_2017_SLIDER_5,ICBU_HOME_MAIN_BANNER_2017_SLIDER_6,ICBU_HOME_MAIN_BANNER_2017_SLIDER_7&callback=jQuery18304926156388644971_1497189064888&_=1497189065189 | 301 |
| 8 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | gm.mmstat.com | 80 | GET | /sc.13.1?cache=296376d&gmkey=OTHER&gokey=type%3DuserLogin%26result%3DuserNotLogin%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F59.0.3071.86%2520Safari%252F537.36%26browser%3DChrome&cna=&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&logtype=2 | 200 |
| 9 | 2017-06-11T06:51:05.000000-0700 | 192.168.80.137 | gj.mmstat.com | 80 | GET | /7.gif?logtype=1&title=&pre=&cache=6499abe&scr=1920x1080&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&aplus&userid=&ali_beacon_id=151.231.124.197.1497188938600.266007.0&ali_apache_id=151.231.124.197.1497188935159.011333.6&ali_apache_track=%22%22&ali_apache_tracktmp=%22%22&dmtrack_c=%7Bali_resin_trace%3Daisn_homepage_version%3Dnew%7Caep_usuc_f%3D-%7Caeu_cid%3D-%7D&pageid=97e77cc50ab1d8ab593d4ac915c976c227f2b8fd75&hn=aisn010177216171.ot7&asid=AQAAAADJSj1Z97iKVAAAAADBZ36wNp1Jpg%3D%3D&dmtrack_b=%7Bifm%3D0%7Clogin%3D0%7D&p=1&o=win10&b=chrome59&s=1920x1080&w=webkit&mx=360ee302 | |
| 10 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | gm.mmstat.com | 80 | GET | /sc.13.1?cache=2389656&gmkey=OTHER&gokey=type%3DisSupportACM%26result%3DnotSupportACM%26href%3Dhttp%253A%252F%252Fwww.alibaba.com%252F%26notification%3Ddefault%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F59.0.3071.86%2520Safari%252F537.36%26browser%3DChrome&cna=&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&logtype=2 | 200 |
| 11 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | open-s.alibaba.com | 80 | GET | /openservice/homeSupplierViewService?appKey=a5m1ismomeptugvfmkkjnwwqnwyrhpb1&appName=magellan&callback=jQuery18304926156388644971_1497189064887&dmtrack_pageid=97e77cc50ab1d8ab593d4ac915c976c227f2b8fd75&cid=43&_=1497189065665 | 200 |
| 12 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | gm.mmstat.com | 80 | GET | /sc.13.1?cache=8287631&gmkey=OTHER&gokey=type%3DsubscribePopup%26result%3Dbefore%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F59.0.3071.86%2520Safari%252F537.36%26browser%3DChrome&cna=&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&logtype=2 | 200 |
| 13 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | pcookie.alibaba.com | 80 | GET | /app.gif?&cna=SjjEET3tWBUCAZfnfMWW4qxH | 200 |
| 14 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | gm.mmstat.com | 80 | GET | /sc.13.1?cache=c9f9f64&gmkey=OTHER&gokey=type%3DuserCookie%26result%3DuserNoneCookie%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F59.0.3071.86%2520Safari%252F537.36%26browser%3DChrome&cna=&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&logtype=2 | 200 |
| 15 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | i.alicdn.com | 80 | GET | /sc-aisn/node_modules/@alife/alpha-icon/src/svg/build/css/64px/svg/sprite.3750c4a3.svg | 200 |
| 16 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | sc02.alicdn.com | 80 | GET | /kf/HTB10.blKFXXXXXTapXXq6xXFXXXA.jpg_80x80.jpg_.webp | 200 |
| 17 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | sc02.alicdn.com | 80 | GET | /kf/HTB1cWhnOFXXXXaBXXXXq6xXFXXXA.jpg_80x80.jpg_.webp | 200 |
| 18 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | sc02.alicdn.com | 80 | GET | /kf/HTB1ihf9KVXXXXciXXXXq6xXFXXXZ/350W-Commercial-Electric-Fruit-Vegetable-Chopper-Slicer.jpg_120x120.jpg_.webp | 200 |
| 19 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | gm.mmstat.com | 80 | GET | /sc.migrate.realctr?cache=34d75b3&gmkey=&gokey=exp_product%3Did-firstScreen%252Cpos-1%252Cs-1497189065198%252Ce-0%253Bid-belt%252Cpos-2%252Cs-1497189065214%252Ce-0%253Bid-wholesale%252Cpos-3%252Cs-1497189065214%252Ce-0%26st_page_id%3D97e77cc50ab1d8ab593d4ac915c976c227f2b8fd75%26ali_beacon_id%3D151.231.124.197.1497188938600.266007.0%26inc%3D0%26clickid%3D975409407%26ali_apache_track%3D%2522%2522&cna=&isbeta=5&spm-cnt=a2700.8293689.0.0.tHlJd6&logtype=2 | 200 |
| 20 | 2017-06-11T06:51:06.000000-0700 | 192.168.80.137 | sc01.alicdn.com | 80 | GET | /kf/HTB1Vk1xOVXXXXcCXXXXq6xXFXXXi/Liquid-filling-machine-Liquid-Filling-Machine-Manually.jpg_120x120.jpg_.webp | 200 |

SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 778
Showing 1-20 of 778 items.

| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2017-06-11T06:52:00.000000-0700 | 2180133096587264 | flow | 192.168.80.137 | 59994 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 2 | 2017-06-11T06:52:00.000000-0700 | 798794304782336 | flow | 10.10.10.1 | 59994 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 3 | 2017-06-11T06:52:00.000000-0700 | 1394252865667072 | flow | fe80:0000:0000:0000:9914:0e75:3e64:7152 | 59994 | ff02:0000:0000:0000:0000:0000:0001:0003 | 5355 | UDP | pcapanalyzer |
| 4 | 2017-06-11T06:52:00.000000-0700 | 1701864866250752 | flow | 192.168.80.137 | 63049 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 5 | 2017-06-11T06:52:00.000000-0700 | 965215697960960 | flow | fe80:0000:0000:0000:9914:0e75:3e64:7152 | 63049 | ff02:0000:0000:0000:0000:0000:0001:0003 | 5355 | UDP | pcapanalyzer |
| 6 | 2017-06-11T06:52:00.000000-0700 | 1961255121125376 | flow | 10.10.10.1 | 63049 | 224.0.0.252 | 5355 | UDP | pcapanalyzer |
| 7 | 2017-06-11T06:55:02.000000-0700 | 985232401367040 | flow | 192.168.80.137 | 52718 | 216.58.206.33 | 443 | TCP | pcapanalyzer |
| 8 | 2017-06-11T06:55:02.000000-0700 | 703948542115840 | flow | 192.168.80.137 | 51638 | 195.59.70.238 | 80 | TCP | pcapanalyzer |
| 9 | 2017-06-11T06:55:02.000000-0700 | 704000096272384 | flow | 192.168.80.137 | 53002 | 216.58.206.46 | 443 | TCP | pcapanalyzer |
| 10 | 2017-06-11T06:55:02.000000-0700 | 2111413629485056 | flow | 192.168.80.137 | 51551 | 216.58.206.42 | 443 | TCP | pcapanalyzer |
| 11 | 2017-06-11T06:55:02.000000-0700 | 563833827557376 | flow | 192.168.80.137 | 52224 | 185.60.216.19 | 443 | TCP | pcapanalyzer |
| 12 | 2017-06-11T06:55:02.000000-0700 | 986125746110464 | flow | 192.168.80.137 | 51673 | 198.11.132.198 | 80 | TCP | pcapanalyzer |
| 13 | 2017-06-11T06:55:02.000000-0700 | 1267637231550464 | flow | 192.168.80.137 | 51944 | 198.11.132.221 | 80 | TCP | pcapanalyzer |
| 14 | 2017-06-11T06:55:02.000000-0700 | 1689954923380736 | flow | 192.168.80.137 | 51976 | 198.11.132.83 | 80 | TCP | pcapanalyzer |
| 15 | 2017-06-11T06:55:02.000000-0700 | 282953700868096 | flow | 192.168.80.137 | 51704 | 23.43.66.64 | 80 | TCP | pcapanalyzer |
| 16 | 2017-06-11T06:55:02.000000-0700 | 1127464529625088 | flow | 10.10.10.1 | 137 | 10.10.10.255 | 137 | UDP | pcapanalyzer |
| 17 | 2017-06-11T06:55:02.000000-0700 | 283166308827136 | flow | 192.168.80.137 | 52600 | 216.58.206.45 | 443 | TCP | pcapanalyzer |
| 18 | 2017-06-11T06:55:02.000000-0700 | 283247906455552 | flow | 192.168.80.137 | 51817 | 23.43.66.64 | 80 | TCP | pcapanalyzer |
| 19 | 2017-06-11T06:55:02.000000-0700 | 986954676371456 | flow | 192.168.80.137 | 51959 | 205.204.101.158 | 80 | TCP | pcapanalyzer |
| 20 | 2017-06-11T06:55:02.000000-0700 | 846311683063808 | flow | 192.168.80.137 | 52536 | 151.249.94.86 | 80 | TCP | pcapanalyzer |

File 628
Showing 1-20 of 628 items.

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2017-06-11T06:51:04.000000-0700 | 198.11.132.23 | 192.168.80.137 | / | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators | 64787 |
| 2 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /openservice/categoryNaviViewService | ASCII text, with very long lines, with no line terminators | 55907 |
| 3 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /openservice/homeOrderInfoViewService | ASCII text, with no line terminators | 121 |
| 4 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /openservice/userBehaviorProductViewService | ASCII text, with no line terminators | 102 |
| 5 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /notification.do | ASCII text, with very long lines, with CRLF line terminators | 396 |
| 6 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /openservice/homeCategoryNavigitionViewService | ASCII text, with very long lines, with no line terminators | 4708 |
| 7 | 2017-06-11T06:51:05.000000-0700 | 205.204.101.142 | 192.168.80.137 | /adread/queryContentByAbtCode.jsonp | HTML document, ASCII text, with CRLF line terminators | 278 |
| 8 | 2017-06-11T06:51:05.000000-0700 | 47.88.68.22 | 192.168.80.137 | /7.gif | GIF image data, version 89a, 1 x 1 | 43 |
| 9 | 2017-06-11T06:51:06.000000-0700 | 198.11.132.221 | 192.168.80.137 | /sc.13.1 | GIF image data, version 89a, 1 x 1 | 43 |
| 10 | 2017-06-11T06:51:06.000000-0700 | 47.88.68.21 | 192.168.80.137 | /sc.13.1 | GIF image data, version 89a, 1 x 1 | 43 |
| 11 | 2017-06-11T06:51:06.000000-0700 | 205.204.101.142 | 192.168.80.137 | /openservice/homeSupplierViewService | ASCII text, with very long lines, with no line terminators | 16611 |
| 12 | 2017-06-11T06:51:06.000000-0700 | 205.204.101.182 | 192.168.80.137 | /sc.13.1 | GIF image data, version 89a, 1 x 1 | 43 |
| 13 | 2017-06-11T06:51:06.000000-0700 | 198.11.132.222 | 192.168.80.137 | /app.gif | GIF image data, version 89a, 1 x 1 | 43 |
| 14 | 2017-06-11T06:51:06.000000-0700 | 198.11.132.221 | 192.168.80.137 | /sc.13.1 | GIF image data, version 89a, 1 x 1 | 43 |
| 15 | 2017-06-11T06:51:06.000000-0700 | 23.43.66.64 | 192.168.80.137 | /sc-aisn/node_modules/@alife/alpha-icon/src/svg/build/css/64px/svg/sprite.3750c4a3.svg | SVG Scalable Vector Graphics image | 21058 |
| 16 | 2017-06-11T06:51:06.000000-0700 | 23.43.66.64 | 192.168.80.137 | /kf/HTB10.blKFXXXXXTapXXq6xXFXXXA.jpg_80x80.jpg_.webp | RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp | 3648 |
| 17 | 2017-06-11T06:51:06.000000-0700 | 23.43.66.64 | 192.168.80.137 | /kf/HTB1cWhnOFXXXXaBXXXXq6xXFXXXA.jpg_80x80.jpg_.webp | RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp | 3254 |
| 18 | 2017-06-11T06:51:06.000000-0700 | 23.43.66.64 | 192.168.80.137 | /kf/HTB1ihf9KVXXXXciXXXXq6xXFXXXZ/350W-Commercial-Electric-Fruit-Vegetable-Chopper-Slicer.jpg_120x120.jpg_.webp | RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp | 3200 |
| 19 | 2017-06-11T06:51:06.000000-0700 | 198.11.132.221 | 192.168.80.137 | /sc.migrate.realctr | GIF image data, version 89a, 1 x 1 | 43 |
| 20 | 2017-06-11T06:51:06.000000-0700 | 23.43.66.64 | 192.168.80.137 | /kf/HTB1Vk1xOVXXXXcCXXXXq6xXFXXXi/Liquid-filling-machine-Liquid-Filling-Machine-Manually.jpg_120x120.jpg_.webp | RIFF (little-endian) data, Web/P image, VP8 encoding, 93x120, Scaling: [none]x[none], YUV color, decoders should clamp | 2006 |
