P4S21.pcap

MD5: 1d0198603b7e9f444324b3b527d8aeac
Submission Date: 2021-04-29 16:22:10
Tags: (not set)

Alert 2
Showing 1-2 of 2 items.

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:22.880521-0700 | 172.29.1.23 | 78.170.63.115 | ET P2P BitTorrent DHT ping request | * |
| 2 | 2014-07-14T13:26:40.814349-0700 | 172.29.1.23 | 31.172.63.225 | ET P2P Vuze BT UDP Connection (5) | * |

DNS 88
Showing 1-20 of 88 items.

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:21.960519-0700 | 172.29.1.23 | 4.2.2.1 | query | www.huffingtonpost.com | A | (not set) |
| 2 | 2014-07-14T13:24:22.007708-0700 | 4.2.2.1 | 172.29.1.23 | answer | www.huffingtonpost.com | A | (not set) |
| 3 | 2014-07-14T13:24:31.994038-0700 | 172.29.1.23 | 4.2.2.1 | query | mom.me | A | (not set) |
| 4 | 2014-07-14T13:24:32.079718-0700 | 4.2.2.1 | 172.29.1.23 | answer | mom.me | A | (not set) |
| 5 | 2014-07-14T13:24:38.174385-0700 | 172.29.1.23 | 4.2.2.1 | query | b.aol.com | A | (not set) |
| 6 | 2014-07-14T13:24:38.210106-0700 | 4.2.2.1 | 172.29.1.23 | answer | b.aol.com | A | (not set) |
| 7 | 2014-07-14T13:24:45.419637-0700 | 172.29.1.23 | 4.2.2.1 | query | clients1.google.com | A | (not set) |
| 8 | 2014-07-14T13:24:45.453359-0700 | 4.2.2.1 | 172.29.1.23 | answer | clients1.google.com | A | (not set) |
| 9 | 2014-07-14T13:24:45.585006-0700 | 172.29.1.23 | 4.2.2.1 | query | gtglobal-ocsp.geotrust.com | A | (not set) |
| 10 | 2014-07-14T13:24:45.618728-0700 | 4.2.2.1 | 172.29.1.23 | answer | gtglobal-ocsp.geotrust.com | A | (not set) |
| 11 | 2014-07-14T13:24:44.845342-0700 | 172.29.1.23 | 4.2.2.1 | query | www.google.com | A | (not set) |
| 12 | 2014-07-14T13:24:44.882562-0700 | 4.2.2.1 | 172.29.1.23 | answer | www.google.com | A | (not set) |
| 13 | 2014-07-14T13:24:49.505896-0700 | 172.29.1.23 | 4.2.2.1 | query | apis.google.com | A | (not set) |
| 14 | 2014-07-14T13:24:49.539868-0700 | 4.2.2.1 | 172.29.1.23 | answer | apis.google.com | A | (not set) |
| 15 | 2014-07-14T13:24:57.454590-0700 | 172.29.1.23 | 4.2.2.1 | query | gtssl2-ocsp.geotrust.com | A | (not set) |
| 16 | 2014-07-14T13:24:57.492309-0700 | 4.2.2.1 | 172.29.1.23 | answer | gtssl2-ocsp.geotrust.com | A | (not set) |
| 17 | 2014-07-14T13:24:58.287928-0700 | 172.29.1.23 | 4.2.2.1 | query | twimgs.com | A | (not set) |
| 18 | 2014-07-14T13:24:58.324149-0700 | 4.2.2.1 | 172.29.1.23 | answer | twimgs.com | A | (not set) |
| 19 | 2014-07-14T13:24:59.709801-0700 | 172.29.1.23 | 4.2.2.1 | query | gtssldv-ocsp.geotrust.com | A | (not set) |
| 20 | 2014-07-14T13:24:59.744772-0700 | 4.2.2.1 | 172.29.1.23 | answer | gtssldv-ocsp.geotrust.com | A | (not set) |

TLS 35
Showing 1-20 of 35 items.

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:45.342452-0700 | 172.29.1.23 | 74.125.239.52 | TLSv1 | www.google.com |
| 2 | 2014-07-14T13:24:47.991846-0700 | 172.29.1.23 | 74.125.239.55 | TLSv1 | www.gstatic.com |
| 3 | 2014-07-14T13:24:49.898834-0700 | 172.29.1.23 | 74.125.239.0 | TLSv1 | apis.google.com |
| 4 | 2014-07-14T13:24:58.565709-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 5 | 2014-07-14T13:24:59.178971-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 6 | 2014-07-14T13:24:59.370819-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 7 | 2014-07-14T13:24:59.387806-0700 | 172.29.1.23 | 74.125.20.95 | TLSv1 | fonts.googleapis.com |
| 8 | 2014-07-14T13:24:46.893217-0700 | 172.29.1.23 | 74.125.224.56 | TLSv1 | ssl.gstatic.com |
| 9 | 2014-07-14T13:24:47.759530-0700 | 172.29.1.23 | 74.125.239.55 | TLSv1 | www.gstatic.com |
| 10 | 2014-07-14T13:24:57.440101-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 11 | 2014-07-14T13:25:03.241998-0700 | 172.29.1.23 | 66.235.138.226 | TLSv1 | cmp.112.2o7.net |
| 12 | 2014-07-14T13:24:46.896963-0700 | 172.29.1.23 | 74.125.239.52 | TLSv1 | www.google.com |
| 13 | 2014-07-14T13:24:48.889883-0700 | 172.29.1.23 | 74.125.239.52 | TLSv1 | www.google.com |
| 14 | 2014-07-14T13:24:59.338595-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 15 | 2014-07-14T13:24:55.792664-0700 | 172.29.1.23 | 74.125.239.52 | TLSv1 | www.google.com |
| 16 | 2014-07-14T13:24:58.868225-0700 | 172.29.1.23 | 141.101.123.223 | TLSv1 | www.blackhat.com |
| 17 | 2014-07-14T13:25:04.570944-0700 | 172.29.1.23 | 74.125.224.172 | TLSv1 | themes.googleusercontent.com |
| 18 | 2014-07-14T13:24:59.638865-0700 | 172.29.1.23 | 192.155.48.125 | TLSv1 | twimgs.com |
| 19 | 2014-07-14T13:28:28.085502-0700 | 172.29.1.23 | 74.125.239.52 | TLSv1 | www.google.com |
| 20 | 2014-07-14T13:28:29.717972-0700 | 172.29.1.23 | 74.125.28.147 | TLSv1 | www.google.com |

TFTP 0

| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.

HTTP 45
Showing 1-20 of 45 items.

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:45.289240-0700 | 172.29.1.23 | www.google.com | 80 | GET | / | 302 |
| 2 | 2014-07-14T13:24:45.789093-0700 | 172.29.1.23 | clients1.google.com | 80 | POST | /ocsp | 200 |
| 3 | 2014-07-14T13:24:45.696926-0700 | 172.29.1.23 | gtglobal-ocsp.geotrust.com | 80 | POST | / | 200 |
| 4 | 2014-07-14T13:24:59.827956-0700 | 172.29.1.23 | gtssldv-ocsp.geotrust.com | 80 | POST | / | 200 |
| 5 | 2014-07-14T13:24:47.288903-0700 | 172.29.1.23 | clients1.google.com | 80 | POST | /ocsp | 200 |
| 6 | 2014-07-14T13:24:59.786489-0700 | 172.29.1.23 | clients1.google.com | 80 | POST | /ocsp | 200 |
| 7 | 2014-07-14T13:25:04.333384-0700 | 172.29.1.23 | ocsp.digicert.com | 80 | POST | / | 200 |
| 8 | 2014-07-14T13:25:04.683854-0700 | 172.29.1.23 | ocsp.digicert.com | 80 | POST | / | 200 |
| 9 | 2014-07-14T13:25:04.879199-0700 | 172.29.1.23 | clients1.google.com | 80 | POST | /ocsp | 200 |
| 10 | 2014-07-14T13:24:57.576493-0700 | 172.29.1.23 | gtssl2-ocsp.geotrust.com | 80 | POST | / | 200 |
| 11 | 2014-07-14T13:25:24.750436-0700 | 172.29.1.23 | www.google.com | 80 | GET | / | 302 |
| 12 | 2014-07-14T13:25:39.044347-0700 | 172.29.1.23 | www.google.com | 80 | GET | /url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CB0QFjAA&url=http%3A%2F%2Flmgsecurity.com%2Fblog%2F&ei=zDnEU8rNJ5TaoASB4IGoCA&usg=AFQjCNGr4fmWTK1g_uIaxchq3YKMY-PlOw&bvm=bv.70810081,d.cGU | 200 |
| 13 | 2014-07-14T13:25:39.110553-0700 | 172.29.1.23 | www.google.com | 80 | GET | /favicon.ico | 200 |
| 14 | 2014-07-14T13:25:44.701866-0700 | 172.29.1.23 | download.cdn.mozilla.net | 80 | GET | /pub/firefox/releases/30.0/update/win32/en-US/firefox-30.0.complete.mar | 206 |
| 15 | 2014-07-14T13:28:43.665895-0700 | 172.29.1.23 | www.wireshark.org | 80 | GET | /assets/images/xtroubleshooting_with_wireshark_book.png.pagespeed.ic.jy0hutO0nu.png | 200 |
| 16 | 2014-07-14T13:28:43.750336-0700 | 172.29.1.23 | fonts.googleapis.com | 80 | GET | /css?family=Open+Sans+Condensed:300,700 | 200 |
| 17 | 2014-07-14T13:28:44.148511-0700 | 172.29.1.23 | netdna.bootstrapcdn.com | 80 | GET | /font-awesome/3.2.1/css/font-awesome.min.css | 200 |
| 18 | 2014-07-14T13:28:44.390317-0700 | 172.29.1.23 | www.wireshark.org | 80 | GET | /assets/images/ws_well_hero_gradient.png | 200 |
| 19 | 2014-07-14T13:28:45.417264-0700 | 172.29.1.23 | www.google-analytics.com | 80 | GET | /ga.js | 200 |
| 20 | 2014-07-14T13:28:45.827687-0700 | 172.29.1.23 | www.google-analytics.com | 80 | GET | /__utm.gif?utmwv=5.5.3&utms=1&utmn=11804323&utmhn=www.wireshark.org&utmcs=UTF-8&utmsr=1152x864&utmvp=1118x697&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Wireshark%20%C2%B7%20Go%20Deep.&utmhid=967062604&utmr=http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3D%26esrc%3Ds%26source%3Dweb%26cd%3D1%26ved%3D0CB0QFjAA%26url%3Dhttp%253A%252F%252Fwww.wireshark.org%252F%26ei%3DhjrEU8nyJtfboATZrICACA%26usg%3DAFQjCNHE63N0oC3FKruR4eA0xdxI87juZg%26bvm%3Dbv.70810081%2Cd.cGU&utmp=%2F&utmht=1405368973228&utmac=UA-605389-2&utmcc=__utma%3D87653150.2122355399.1404232238.1404234218.1405368973.3%3B%2B__utmz%3D87653150.1405368973.3.3.utmcsr%3Dgoogle%7Cutmccn%3D(organic)%7Cutmcmd%3Dorganic%7Cutmctr%3D(not%2520provided)%3B&utmu=q~ | 200 |

SMB 6
Showing 1-6 of 6 items.

| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
| 1 | 2014-07-14T13:26:00.815578-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 2 | 2014-07-14T13:26:00.895516-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2048 | 65535 |
| 3 | 2014-07-14T13:26:00.966457-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2048 | 65535 |
| 4 | 2014-07-14T13:26:01.009673-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 2048 | 2048 |
| 5 | 2014-07-14T13:26:15.599852-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_TREE_DISCONNECT | 2048 | 2048 |
| 6 | 2014-07-14T13:26:15.677294-0700 | 172.29.1.23 | 172.29.1.20 | NT LM 0.12 | SMB1_COMMAND_LOGOFF_ANDX | 2048 | 0 |

SMTP 0

| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.

Flow 231
Showing 1-20 of 231 items.

| # | Timestamp | Flow Id | Event Type | Source, Source Port, Destination, Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:59.367072-0700 | 1716718770095200 | flow | 172.29.1.235918710.0.1.3161 | UDP | pcapanalyzer |
| 2 | 2014-07-14T13:26:00.895516-0700 | 94823155740630 | flow | 172.29.1.2364537172.29.1.2551947 | UDP | pcapanalyzer |
| 3 | 2014-07-14T13:26:00.897763-0700 | 1021372156524262 | flow | 172.29.1.233609546.201.140.741027 | UDP | pcapanalyzer |
| 4 | 2014-07-14T13:26:00.966457-0700 | 886147257244109 | flow | 172.29.1.234938464.12.132.5580 | TCP | pcapanalyzer |
| 5 | 2014-07-14T13:26:00.966457-0700 | 1507493734446861 | flow | 172.29.1.2356486239.255.255.2501900 | UDP | pcapanalyzer |
| 6 | 2014-07-14T13:29:10.786880-0700 | 423787586577642 | flow | 172.29.1.234956874.125.239.52443 | TCP | pcapanalyzer |
| 7 | 2014-07-14T13:29:10.786880-0700 | 1690667663066775 | flow | 172.29.1.23557724.2.2.153 | UDP | pcapanalyzer |
| 8 | 2014-07-14T13:29:10.786880-0700 | 1950930119414 | flow | 172.29.1.23625224.2.2.153 | UDP | pcapanalyzer |
| 9 | 2014-07-14T13:29:10.786880-0700 | 2113215120424622 | flow | 70.145.192.2611478172.29.1.2336095 | UDP | pcapanalyzer |
| 10 | 2014-07-14T13:29:10.786880-0700 | 706228942191216 | flow | 172.29.1.233609599.228.114.9718413 | UDP | pcapanalyzer |
| 11 | 2014-07-14T13:29:10.786880-0700 | 1691694144558915 | flow | 172.29.1.234956974.125.224.56443 | TCP | pcapanalyzer |
| 12 | 2014-07-14T13:29:10.786880-0700 | 1973478374468437 | flow | 172.29.1.2349611162.159.242.16580 | TCP | pcapanalyzer |
| 13 | 2014-07-14T13:29:10.786880-0700 | 849335098709173 | flow | 172.29.1.2349592172.29.1.214444 | TCP | pcapanalyzer |
| 14 | 2014-07-14T13:29:10.786880-0700 | 5427717867348 | flow | 94.59.9.1066881172.29.1.2336095 | UDP | pcapanalyzer |
| 15 | 2014-07-14T13:29:10.786880-0700 | 1553643157304427 | flow | 172.29.1.2364537255.255.255.2551947 | UDP | pcapanalyzer |
| 16 | 2014-07-14T13:29:10.786880-0700 | 990826349027826 | flow | 172.29.1.234957374.125.239.0443 | TCP | pcapanalyzer |
| 17 | 2014-07-14T13:29:10.786880-0700 | 1835687232782657 | flow | 172.29.1.234960074.125.28.147443 | TCP | pcapanalyzer |
| 18 | 2014-07-14T13:29:10.786880-0700 | 2117235210331252 | flow | 172.29.1.23559964.2.2.153 | UDP | pcapanalyzer |
| 19 | 2014-07-14T13:29:10.786880-0700 | 2117591708510785 | flow | 172.29.1.234962974.125.28.147443 | TCP | pcapanalyzer |
| 20 | 2014-07-14T13:29:10.786880-0700 | 1414947931642595 | flow | 172.29.1.2352466239.255.255.2503702 | UDP | pcapanalyzer |

File 53
Showing 1-20 of 53 items.

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2014-07-14T13:24:45.695169-0700 | 172.29.1.23 | 23.5.251.27 | / | data | 102 |
| 2 | 2014-07-14T13:24:45.289240-0700 | 74.125.239.52 | 172.29.1.23 | / | HTML document, ASCII text, with CRLF, LF line terminators | 231 |
| 3 | 2014-07-14T13:24:59.826457-0700 | 172.29.1.23 | 23.5.251.27 | / | data | 102 |
| 4 | 2014-07-14T13:24:45.557780-0700 | 172.29.1.23 | 74.125.239.97 | /ocsp | data | 107 |
| 5 | 2014-07-14T13:24:45.789093-0700 | 74.125.239.97 | 172.29.1.23 | /ocsp | data | 463 |
| 6 | 2014-07-14T13:24:45.696926-0700 | 23.5.251.27 | 172.29.1.23 | / | data | 1459 |
| 7 | 2014-07-14T13:24:59.827956-0700 | 23.5.251.27 | 172.29.1.23 | / | data | 1403 |
| 8 | 2014-07-14T13:24:47.072825-0700 | 172.29.1.23 | 74.125.239.97 | /ocsp | data | 107 |
| 9 | 2014-07-14T13:24:47.288903-0700 | 74.125.239.97 | 172.29.1.23 | /ocsp | data | 463 |
| 10 | 2014-07-14T13:24:59.527945-0700 | 172.29.1.23 | 74.125.239.97 | /ocsp | data | 107 |
| 11 | 2014-07-14T13:24:59.786489-0700 | 74.125.239.97 | 172.29.1.23 | /ocsp | data | 463 |
| 12 | 2014-07-14T13:25:04.117554-0700 | 172.29.1.23 | 72.21.91.29 | / | data | 115 |
| 13 | 2014-07-14T13:25:04.333384-0700 | 72.21.91.29 | 172.29.1.23 | / | data | 471 |
| 14 | 2014-07-14T13:25:04.427059-0700 | 172.29.1.23 | 72.21.91.29 | / | data | 115 |
| 15 | 2014-07-14T13:25:04.645386-0700 | 172.29.1.23 | 74.125.239.97 | /ocsp | data | 107 |
| 16 | 2014-07-14T13:25:04.683854-0700 | 72.21.91.29 | 172.29.1.23 | / | data | 471 |
| 17 | 2014-07-14T13:25:04.879199-0700 | 74.125.239.97 | 172.29.1.23 | /ocsp | data | 463 |
| 18 | 2014-07-14T13:24:57.574746-0700 | 172.29.1.23 | 23.5.251.27 | / | data | 115 |
| 19 | 2014-07-14T13:24:57.576493-0700 | 23.5.251.27 | 172.29.1.23 | / | data | 1523 |
| 20 | 2014-07-14T13:25:24.750436-0700 | 74.125.239.52 | 172.29.1.23 | / | HTML document, ASCII text, with CRLF, LF line terminators | 231 |

Comments: (not set)
