merged.pcap

MD5: 1cd1ea56484846142e58015720fa6d34
Submission Date: 2021-11-22 18:29:01
Tags: (not set)
Alert 35
Showing 21-35 of 35 items.

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 21 | 2018-08-20T11:10:00.968301-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 22 | 2018-08-20T11:10:01.427558-0700 | 10.21.1.98 | 76.170.101.26 | ET P2P BitTorrent DHT ping request | * |
| 23 | 2018-08-13T06:34:57.370487-0700 | 10.21.1.45 | 172.217.30.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 24 | 2018-08-20T11:10:10.799502-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 25 | 2018-08-20T11:10:10.924986-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 26 | 2018-08-13T06:34:47.053524-0700 | 10.21.1.45 | 172.217.30.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 27 | 2018-08-13T06:34:47.251858-0700 | 10.21.1.45 | 172.217.30.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 28 | 2018-08-13T06:55:53.408481-0700 | 10.21.1.88 | 216.58.202.132 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 29 | 2018-08-13T06:56:13.448245-0700 | 10.21.1.88 | 172.217.29.206 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 30 | 2018-08-20T11:10:00.790323-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 31 | 2018-08-13T06:55:53.053898-0700 | 10.21.1.88 | 172.217.29.142 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 32 | 2018-08-13T06:56:03.600076-0700 | 10.21.1.88 | 216.58.202.132 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 33 | 2018-08-20T11:10:20.805078-0700 | 10.21.1.98 | 216.58.202.110 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 34 | 2018-08-13T06:56:13.834757-0700 | 10.21.1.88 | 172.217.30.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |
| 35 | 2018-08-20T11:10:20.936296-0700 | 10.21.1.98 | 216.58.202.100 | ET POLICY Python-urllib/ Suspicious User Agent | * |

DNS 1374
Showing 1-20 of 1,374 items.

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2005-07-16T07:29:32.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 2 | 2005-07-16T07:29:33.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 3 | 2005-07-16T07:29:34.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 4 | 2005-07-16T07:29:34.753125-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 5 | 2005-07-16T07:29:36.441602-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 6 | 2005-07-16T07:29:37.271680-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set) |
| 7 | 2006-08-25T12:32:21.664799-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | A | (not set) |
| 8 | 2006-08-25T12:32:21.664914-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set) |
| 9 | 2006-08-25T12:32:21.698599-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | A | (not set) |
| 10 | 2006-08-25T12:32:23.172938-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set) |
| 11 | 2006-08-25T12:32:23.994435-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set) |
| 12 | 2006-08-25T12:32:24.673656-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set) |
| 13 | 2006-08-25T12:32:25.009057-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set) |
| 14 | 2006-08-25T12:32:26.174411-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set) |
| 15 | 2006-08-25T12:32:26.663468-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set) |
| 16 | 2006-08-25T12:32:26.663826-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set) |
| 17 | 2006-08-25T12:32:27.152203-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set) |
| 18 | 2006-08-25T12:31:06.890652-0700 | 192.168.1.2 | 192.168.1.1 | query | 2.1.168.192.in-addr.arpa | PTR | (not set) |
| 19 | 2006-08-25T12:31:06.890808-0700 | 192.168.1.2 | 192.168.1.1 | query | 114.214.204.212.in-addr.arpa | PTR | (not set) |
| 20 | 2006-08-25T12:31:06.924944-0700 | 192.168.1.1 | 192.168.1.2 | answer | 2.1.168.192.in-addr.arpa | PTR | (not set) |

TLS 64
Showing 41-60 of 64 items.

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 41 | 2018-08-20T11:10:06.537778-0700 | 10.21.1.98 | 172.217.28.78 | TLS 1.2 | safebrowsing-cache.google.com |
| 42 | 2018-08-20T11:10:06.538177-0700 | 10.21.1.98 | 172.217.28.78 | TLS 1.2 | safebrowsing-cache.google.com |
| 43 | 2018-08-20T11:10:09.643778-0700 | 10.21.1.98 | 34.210.232.75 | TLS 1.2 | self-repair.mozilla.org |
| 44 | 2018-08-20T11:10:11.313463-0700 | 10.21.1.98 | 54.191.46.28 | TLS 1.2 | shavar.services.mozilla.com |
| 45 | 2018-08-20T11:10:11.555056-0700 | 10.21.1.98 | 54.191.46.28 | TLS 1.2 | shavar.services.mozilla.com |
| 46 | 2018-08-20T11:10:12.974225-0700 | 10.21.1.98 | 144.76.96.212 | TLS 1.2 | stat.s3blog.org |
| 47 | 2018-08-20T11:10:15.658155-0700 | 10.21.1.98 | 216.58.222.78 | TLS 1.2 | sb-ssl.google.com |
| 48 | 2018-08-13T06:55:40.578962-0700 | 10.21.1.88 | 172.217.29.138 | TLS 1.2 | fonts.googleapis.com |
| 49 | 2018-08-13T06:34:51.298795-0700 | 10.21.1.45 | 172.217.30.110 | TLS 1.2 | sb-ssl.google.com |
| 50 | 2018-08-13T06:55:40.575919-0700 | 10.21.1.88 | 172.217.29.138 | TLS 1.2 | fonts.googleapis.com |
| 51 | 2018-08-13T06:55:40.578736-0700 | 10.21.1.88 | 172.217.29.138 | TLS 1.2 | fonts.googleapis.com |
| 52 | 2018-08-13T06:55:42.195347-0700 | 10.21.1.88 | 138.201.253.3 | TLS 1.2 | crvtck.com |
| 53 | 2018-08-13T06:55:40.973413-0700 | 10.21.1.88 | 144.76.96.212 | TLS 1.2 | stat.s3blog.org |
| 54 | 2018-08-13T06:55:41.268542-0700 | 10.21.1.88 | 151.101.4.134 | TLS 1.2 | amazoniareal.disqus.com |
| 55 | 2018-08-13T06:55:41.779079-0700 | 10.21.1.88 | 172.217.29.131 | TLS 1.2 | www.gstatic.com |
| 56 | 2018-08-13T06:55:41.810912-0700 | 10.21.1.88 | 172.217.29.131 | TLS 1.2 | www.gstatic.com |
| 57 | 2018-08-13T06:55:42.054497-0700 | 10.21.1.88 | 138.201.253.3 | TLS 1.2 | crvtck.com |
| 58 | 2018-08-20T11:10:02.133198-0700 | 10.21.1.98 | 192.0.73.2 | TLS 1.3 draft-23 | secure.gravatar.com |
| 59 | 2018-08-20T11:10:04.469905-0700 | 10.21.1.98 | 54.192.57.71 | TLS 1.2 | snippets.cdn.mozilla.net |
| 60 | 2018-08-20T11:10:04.746898-0700 | 10.21.1.98 | 54.244.7.9 | TLS 1.2 | tiles.services.mozilla.com |

TFTP 1
Showing 1-1 of 1 item.

| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
| 1 | 2013-05-01T05:24:11.972852-0700 | 192.168.0.253 | 192.168.0.10 | read | rfc1350.txt | octet |

HTTP 670
Showing 1-20 of 670 items.

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2005-01-14T09:58:05.638272-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 2 | 2005-01-14T09:58:07.444067-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 3 | 2005-01-14T09:58:07.444203-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 4 | 2005-01-14T09:58:07.324482-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 5 | 2005-01-14T09:58:07.756923-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 6 | 2005-01-14T09:58:07.945685-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 7 | 2005-01-14T09:58:07.945728-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 8 | 2005-01-14T09:58:07.945874-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 9 | 2005-01-14T09:58:07.444128-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 10 | 2005-01-14T09:58:05.712327-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 11 | 2005-01-14T09:58:07.830220-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 12 | 2005-01-14T09:58:07.845352-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 13 | 2005-01-14T09:58:07.945802-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 14 | 2005-01-14T09:58:05.838948-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 15 | 2005-01-14T09:58:10.854970-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 16 | 2005-01-14T09:58:07.711059-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 17 | 2005-01-14T09:58:07.845409-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 18 | 2005-01-14T09:58:10.916214-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |
| 19 | 2005-01-14T09:58:11.055661-0800 | 200.57.7.204 | 200.57.7.194 | 80 | GET | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | 403 |
| 20 | 2005-01-14T09:58:16.116227-0800 | 200.57.7.204 | 200.57.7.194 | 80 | POST | /cems/applets/serviceRouter | 200 |

SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 5
Showing 1-5 of 5 items.

| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
| 1 | 2013-08-22T12:17:56.649185-0700 | 192.168.0.4 | 212.227.15.167 | DI <digitalinvestigator@networksims.com> | w.buchanan@napier.ac.uk | Testing |
| 2 | 2014-01-06T13:20:26.759146-0800 | 192.168.47.171 | 192.168.47.134 | "Bill" <w.buchanan@napier.ac.uk> | <test@home.com> | Test |
| 3 | 2015-12-29T11:13:51.630178-0800 | 172.16.16.221 | 172.16.16.231 | Chris Sanders <sanders@skynet.local> | Chris Sanders <sanders@cyberdyne.local> | Help! |
| 4 | 2015-12-29T11:14:08.908722-0800 | 172.16.16.225 | 172.16.16.221 | Chris Sanders <sanders@skynet.local> | Chris Sanders <sanders@cyberdyne.local> | Help! |
| 5 | 2017-07-02T15:20:34.040092-0700 | 172.16.16.225 | 172.16.16.221 | (not set) | (not set) | (not set) |

Flow 1143
Showing 161-180 of 1,143 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
161
2006-08-25T12:31:20.388422-07001689563265098018flow81.131.67.1314173085.68.186.2386346UDPpcapanalyzer
162
2006-08-25T12:31:20.388422-0700986189356318180flow81.251.185.13107481.131.67.13141730UDPpcapanalyzer
163
2006-08-25T12:31:20.388422-07001268059462314276flow81.131.67.13141730147.10.31.2106346UDPpcapanalyzer
164
2006-08-25T12:31:20.388422-07001409705345379466flow81.131.67.1314173024.170.76.23637517UDPpcapanalyzer
165
2006-08-25T12:31:20.388422-0700144199672242335flow216.90.136.403344781.131.67.13141730UDPpcapanalyzer
166
2006-08-25T12:31:20.388422-0700848494853779314flow220.138.131.26634681.131.67.13141730UDPpcapanalyzer
167
2006-08-25T12:31:20.388422-07001693381490930412flow81.131.67.1314173062.203.15.1816346UDPpcapanalyzer
168
2006-08-25T12:31:20.388422-07001693626296747722flow81.131.67.1314173062.203.155.2126346UDPpcapanalyzer
169
2006-08-25T12:31:20.388422-07002118997718411551flow84.43.8.55634681.131.67.13141730UDPpcapanalyzer
170
2006-08-25T12:31:20.388422-07002119697790492725flow81.131.67.1314173068.21.34.1736346UDPpcapanalyzer
171
2006-08-25T12:31:20.388422-07001697532575759854flow81.56.116.170634681.131.67.13141730UDPpcapanalyzer
172
2006-08-25T12:31:20.388422-07009137976000819flow81.131.67.1314173038.115.4.20421284UDPpcapanalyzer
173
2006-08-25T12:31:20.388422-0700713373033279477flow81.131.67.1314173081.51.184.696346UDPpcapanalyzer
174
2006-08-25T12:31:20.388422-07002121512421376978flow61.87.54.192634681.131.67.13141730UDPpcapanalyzer
175
2006-08-25T12:31:20.388422-07001701445284572501flow81.131.67.1314173024.43.167.126346UDPpcapanalyzer
176
2006-08-25T12:31:20.388422-0700575736505189104flow81.131.67.131634886.130.246.2226348UDPpcapanalyzer
177
2006-08-25T12:31:20.388422-07001701681515430234flow81.131.67.1314173062.34.123.2446346UDPpcapanalyzer
178
2006-08-25T12:31:20.388422-0700998507321453473flow81.131.67.1314173068.214.31.23337459UDPpcapanalyzer
179
2006-08-25T12:31:20.388422-07001421430604532474flow81.131.67.13141730201.137.214.746346UDPpcapanalyzer
180
2006-08-25T12:31:20.388422-070014064311793437flow81.106.187.1981566081.131.67.13141730UDPpcapanalyzer
File 670
Showing 21-40 of 670 items.

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 21 | 2005-01-14T09:58:07.711059-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 5560 |
| 22 | 2005-01-14T09:58:07.845409-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 23 | 2005-01-14T09:58:10.910334-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292 |
| 24 | 2005-01-14T09:58:10.916214-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748 |
| 25 | 2005-01-14T09:58:11.055661-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 26 | 2005-01-14T09:58:16.112626-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292 |
| 27 | 2005-01-14T09:58:16.116227-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748 |
| 28 | 2005-01-14T09:58:16.272325-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 29 | 2005-01-14T09:58:16.071665-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 30 | 2005-01-14T09:58:21.273434-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292 |
| 31 | 2005-01-14T09:58:21.314567-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748 |
| 32 | 2005-01-14T09:58:21.327794-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 33 | 2005-01-14T09:58:21.288394-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 34 | 2005-01-14T09:58:26.500827-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292 |
| 35 | 2005-01-14T09:58:26.505108-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 36 | 2005-01-14T09:58:26.520837-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748 |
| 37 | 2005-01-14T09:58:26.705737-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 38 | 2005-01-14T09:58:36.838213-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157 |
| 39 | 2005-01-14T09:58:31.713280-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292 |
| 40 | 2005-01-14T09:58:31.716990-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748 |

Comments: (not set)
