Op_17.pcap

MD5: 78f207eafe405d2f088fa1ae28377e32
Submission Date: 2021-11-22 15:53:11
Tags: (not set)
Alert 7
Showing 1-7 of 7 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2018-08-20T11:09:56.427399-0700 | 10.21.1.98 | 88.225.218.119 | ET P2P BitTorrent DHT ping request | * |
| 2 | 2018-08-20T11:10:00.790323-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 3 | 2018-08-20T11:10:00.968301-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 4 | 2018-08-20T11:10:10.799502-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 5 | 2018-08-20T11:10:10.924986-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 6 | 2018-08-20T11:10:20.805078-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 7 | 2018-08-20T11:10:20.936296-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
DNS 174
Showing 1-20 of 174 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2018-08-20T11:10:00.681012-0700 | 10.21.1.98 | 10.21.1.1 | query | google.com | A | (not set) |
| 2 | 2018-08-20T11:10:00.681192-0700 | 10.21.1.1 | 10.21.1.98 | answer | google.com | A | (not set) |
| 3 | 2018-08-20T11:10:00.681286-0700 | 10.21.1.98 | 10.21.1.1 | query | google.com | AAAA | (not set) |
| 4 | 2018-08-20T11:10:00.681428-0700 | 10.21.1.1 | 10.21.1.98 | answer | google.com | AAAA | (not set) |
| 5 | 2018-08-20T11:10:00.791488-0700 | 10.21.1.98 | 10.21.1.1 | query | www.google.com | A | (not set) |
| 6 | 2018-08-20T11:10:00.791673-0700 | 10.21.1.1 | 10.21.1.98 | answer | www.google.com | A | (not set) |
| 7 | 2018-08-20T11:10:00.791740-0700 | 10.21.1.98 | 10.21.1.1 | query | www.google.com | AAAA | (not set) |
| 8 | 2018-08-20T11:10:00.791929-0700 | 10.21.1.1 | 10.21.1.98 | answer | www.google.com | AAAA | (not set) |
| 9 | 2018-08-20T11:10:03.232862-0700 | 10.21.1.98 | 10.21.1.1 | query | detectportal.firefox.com | A | (not set) |
| 10 | 2018-08-20T11:10:03.232871-0700 | 10.21.1.98 | 10.21.1.1 | query | detectportal.firefox.com | AAAA | (not set) |
| 11 | 2018-08-20T11:10:03.312202-0700 | 10.21.1.1 | 10.21.1.98 | answer | detectportal.firefox.com | AAAA | (not set) |
| 12 | 2018-08-20T11:10:03.415134-0700 | 10.21.1.1 | 10.21.1.98 | answer | detectportal.firefox.com | A | (not set) |
| 13 | 2018-08-20T11:10:03.970380-0700 | 10.21.1.98 | 10.21.1.1 | query | tiles.services.mozilla.com | A | (not set) |
| 14 | 2018-08-20T11:10:03.970390-0700 | 10.21.1.98 | 10.21.1.1 | query | tiles.services.mozilla.com | AAAA | (not set) |
| 15 | 2018-08-20T11:10:04.032080-0700 | 10.21.1.1 | 10.21.1.98 | answer | tiles.services.mozilla.com | A | (not set) |
| 16 | 2018-08-20T11:10:04.331116-0700 | 10.21.1.1 | 10.21.1.98 | answer | tiles.services.mozilla.com | AAAA | (not set) |
| 17 | 2018-08-20T11:10:04.756877-0700 | 10.21.1.98 | 10.21.1.1 | query | ocsp.digicert.com | A | (not set) |
| 18 | 2018-08-20T11:10:04.756890-0700 | 10.21.1.98 | 10.21.1.1 | query | ocsp.digicert.com | AAAA | (not set) |
| 19 | 2018-08-20T11:10:04.757231-0700 | 10.21.1.1 | 10.21.1.98 | answer | ocsp.digicert.com | A | (not set) |
| 20 | 2018-08-20T11:10:04.921234-0700 | 10.21.1.1 | 10.21.1.98 | answer | ocsp.digicert.com | AAAA | (not set) |
TLS 18
Showing 1-18 of 18 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2018-08-20T11:10:04.888246-0700 | 10.21.1.98 | 54.244.7.9 | TLS 1.2 | tiles.services.mozilla.com |
| 2 | 2018-08-20T11:10:04.746898-0700 | 10.21.1.98 | 54.244.7.9 | TLS 1.2 | tiles.services.mozilla.com |
| 3 | 2018-08-20T11:10:02.133198-0700 | 10.21.1.98 | 192.0.73.2 | TLS 1.3 draft-23 | secure.gravatar.com |
| 4 | 2018-08-20T11:10:04.838532-0700 | 10.21.1.98 | 216.58.202.110 | TLS 1.2 | translate.google.com |
| 5 | 2018-08-20T11:10:04.842916-0700 | 10.21.1.98 | 216.58.202.110 | TLS 1.2 | translate.google.com |
| 6 | 2018-08-20T11:10:04.469905-0700 | 10.21.1.98 | 54.192.57.71 | TLS 1.2 | snippets.cdn.mozilla.net |
| 7 | 2018-08-20T11:10:05.544852-0700 | 10.21.1.98 | 54.230.59.226 | TLS 1.2 | tiles-cloudfront.cdn.mozilla.net |
| 8 | 2018-08-20T11:10:06.537778-0700 | 10.21.1.98 | 172.217.28.78 | TLS 1.2 | safebrowsing-cache.google.com |
| 9 | 2018-08-20T11:10:06.538177-0700 | 10.21.1.98 | 172.217.28.78 | TLS 1.2 | safebrowsing-cache.google.com |
| 10 | 2018-08-20T11:10:06.310907-0700 | 10.21.1.98 | 216.58.202.110 | TLS 1.2 | safebrowsing.google.com |
| 11 | 2018-08-20T11:10:09.643778-0700 | 10.21.1.98 | 34.210.232.75 | TLS 1.2 | self-repair.mozilla.org |
| 12 | 2018-08-20T11:10:11.555056-0700 | 10.21.1.98 | 54.191.46.28 | TLS 1.2 | shavar.services.mozilla.com |
| 13 | 2018-08-20T11:10:11.313463-0700 | 10.21.1.98 | 54.191.46.28 | TLS 1.2 | shavar.services.mozilla.com |
| 14 | 2018-08-20T11:10:15.658155-0700 | 10.21.1.98 | 216.58.222.78 | TLS 1.2 | sb-ssl.google.com |
| 15 | 2018-08-20T11:10:12.974225-0700 | 10.21.1.98 | 144.76.96.212 | TLS 1.2 | stat.s3blog.org |
| 16 | 2018-08-20T11:10:13.002996-0700 | 10.21.1.98 | 144.76.96.212 | TLS 1.2 | stat.s3blog.org |
| 17 | 2018-08-20T11:10:14.518339-0700 | 10.21.1.98 | 138.201.253.3 | TLS 1.2 | crvtck.com |
| 18 | 2018-08-20T11:10:11.322510-0700 | 10.21.1.98 | 54.191.46.28 | TLS 1.2 | shavar.services.mozilla.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 20
Showing 1-20 of 20 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2018-08-20T11:10:00.790323-0700 | 10.21.1.98 | google.com | 80 | GET | / | 301 |
| 2 | 2018-08-20T11:10:03.467882-0700 | 10.21.1.98 | detectportal.firefox.com | 80 | GET | /success.txt | 200 |
| 3 | 2018-08-20T11:10:05.419064-0700 | 10.21.1.98 | ocsp.pki.goog | 80 | POST | /GTSGIAG3 | 200 |
| 4 | 2018-08-20T11:10:04.974965-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 5 | 2018-08-20T11:10:05.420426-0700 | 10.21.1.98 | ocsp.pki.goog | 80 | POST | /GTSGIAG3 | 200 |
| 6 | 2018-08-20T11:10:05.042808-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 7 | 2018-08-20T11:10:10.561015-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 8 | 2018-08-20T11:10:10.630888-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 9 | 2018-08-20T11:10:10.799502-0700 | 10.21.1.98 | google.com | 80 | GET | / | 301 |
| 10 | 2018-08-20T11:10:11.355642-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 11 | 2018-08-20T11:10:11.446767-0700 | 10.21.1.98 | ocsp.digicert.com | 80 | POST | / | 200 |
| 12 | 2018-08-20T11:10:13.340396-0700 | 10.21.1.98 | ocsp.int-x3.letsencrypt.org | 80 | POST | / | 200 |
| 13 | 2018-08-20T11:10:11.544897-0700 | 10.21.1.98 | 10.21.1.246 | 9876 | GET | /sols/view/1 | 200 |
| 14 | 2018-08-20T11:10:20.805078-0700 | 10.21.1.98 | google.com | 80 | GET | / | 301 |
| 15 | 2018-08-20T11:10:13.337725-0700 | 10.21.1.98 | ocsp.int-x3.letsencrypt.org | 80 | POST | / | 200 |
| 16 | 2018-08-20T11:10:14.556477-0700 | 10.21.1.98 | ocsp.int-x3.letsencrypt.org | 80 | POST | / | 200 |
| 17 | 2018-08-20T11:10:09.453027-0700 | 10.21.1.98 | recursos.aldabaknocking.com | 80 | GET | /libpcapHakin9LuisMartinGarcia.pdf | 200 |
| 18 | 2018-08-20T11:10:24.710352-0700 | 10.21.1.98 | www.google.com | 80 | GET | / | 200 |
| 19 | 2018-08-20T11:10:24.710352-0700 | 10.21.1.98 | www.google.com | 80 | GET | / | 200 |
| 20 | 2018-08-20T11:10:24.710352-0700 | 10.21.1.98 | www.google.com | 80 | GET | / | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 175
Showing 1-20 of 175 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2018-08-20T11:10:24.710352-0700845608260232244flow10.21.1.983348310.21.1.153UDPpcapanalyzer
2
2018-08-20T11:10:24.710352-0700564371654573947flow10.21.1.985037510.21.1.153UDPpcapanalyzer
3
2018-08-20T11:10:24.710352-0700989377996315930flow10.21.1.985924045.60.37.34443TCPpcapanalyzer
4
2018-08-20T11:10:24.710352-07002116014490704482flow10.21.1.24860736224.0.0.2525355UDPpcapanalyzer
5
2018-08-20T11:10:24.710352-0700568000901678549flow10.21.1.9850018192.0.73.2443TCPpcapanalyzer
6
2018-08-20T11:10:24.710352-07002116158371942462flow10.21.1.9847420216.58.202.10080TCPpcapanalyzer
7
2018-08-20T11:10:24.710352-07001975897624107001flow10.21.1.983941410.21.1.153UDPpcapanalyzer
8
2018-08-20T11:10:24.710352-0700992247033999305flow10.21.1.9837630216.58.202.11080TCPpcapanalyzer
9
2018-08-20T11:10:24.710352-0700288591804534663flow10.21.1.9844528172.217.28.78443TCPpcapanalyzer
10
2018-08-20T11:10:24.710352-0700712449242382257flow10.21.1.983831854.191.46.28443TCPpcapanalyzer
11
2018-08-20T11:10:24.710352-07001698786333852976flow10.21.1.983932810.21.1.2469876TCPpcapanalyzer
12
2018-08-20T11:10:24.710352-0700573887155008676flow10.21.1.9834406192.16.58.880TCPpcapanalyzer
13
2018-08-20T11:10:24.710352-07001840679168551860flow10.21.1.983579854.192.57.71443TCPpcapanalyzer
14
2018-08-20T11:10:24.710352-07001419250535235166flow10.21.1.984025010.21.1.153UDPpcapanalyzer
15
2018-08-20T11:10:24.710352-07001138591602036364flow10.21.1.983285610.21.1.153UDPpcapanalyzer
16
2018-08-20T11:10:24.710352-0700716462889894099flowfe80:0000:0000:0000:bc33:4cd3:9629:e1c753910ff02:0000:0000:0000:0000:0000:0000:000c3702UDPpcapanalyzer
17
2018-08-20T11:10:24.710352-07001983441734108795flow10.21.1.988999216.58.62.1356279UDPpcapanalyzer
18
2018-08-20T11:10:24.710352-0700294954799484279flow10.21.1.985380610.21.1.153UDPpcapanalyzer
19
2018-08-20T11:10:24.710352-07001984206237865653flow10.21.1.9847338216.58.202.10080TCPpcapanalyzer
20
2018-08-20T11:10:24.710352-07001281706355202507flow10.21.1.985385510.21.1.153UDPpcapanalyzer
File 31
Showing 1-20 of 31 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2018-08-20T11:10:00.790323-0700 | 216.58.202.110 | 10.21.1.98 | / | HTML document, ASCII text, with CRLF, LF line terminators | 219 |
| 2 | 2018-08-20T11:10:04.973855-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 3 | 2018-08-20T11:10:05.301535-0700 | 10.21.1.98 | 216.58.202.110 | /GTSGIAG3 | data | 75 |
| 4 | 2018-08-20T11:10:03.467882-0700 | 200.216.8.32 | 10.21.1.98 | /success.txt | ASCII text | 8 |
| 5 | 2018-08-20T11:10:05.419064-0700 | 216.58.202.110 | 10.21.1.98 | /GTSGIAG3 | data | 463 |
| 6 | 2018-08-20T11:10:04.974965-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 7 | 2018-08-20T11:10:05.301222-0700 | 10.21.1.98 | 216.58.202.110 | /GTSGIAG3 | data | 75 |
| 8 | 2018-08-20T11:10:05.420426-0700 | 216.58.202.110 | 10.21.1.98 | /GTSGIAG3 | data | 463 |
| 9 | 2018-08-20T11:10:05.001904-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 10 | 2018-08-20T11:10:05.042808-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 11 | 2018-08-20T11:10:10.560998-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 12 | 2018-08-20T11:10:10.561015-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 13 | 2018-08-20T11:10:10.590510-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 14 | 2018-08-20T11:10:10.630888-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 15 | 2018-08-20T11:10:10.799502-0700 | 216.58.202.110 | 10.21.1.98 | / | HTML document, ASCII text, with CRLF, LF line terminators | 219 |
| 16 | 2018-08-20T11:10:11.355605-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 17 | 2018-08-20T11:10:11.355642-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 18 | 2018-08-20T11:10:11.405003-0700 | 10.21.1.98 | 192.16.58.8 | / | data | 83 |
| 19 | 2018-08-20T11:10:11.446767-0700 | 192.16.58.8 | 10.21.1.98 | / | data | 471 |
| 20 | 2018-08-20T11:10:13.338230-0700 | 10.21.1.98 | 200.149.150.137 | / | data | 85 |

Comments: (not set)