merged.pcap

MD5: 1cd1ea56484846142e58015720fa6d34
Submission Date: 2021-11-22 18:29:01
Tags: (not set)
Alert 35
Showing 1-20 of 35 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2005-01-14T09:58:08.905094-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
2 | 2005-01-14T09:58:14.907941-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
3 | 2005-01-14T09:58:20.913970-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
4 | 2005-05-06T02:42:14.364705-0700 | 192.168.1.14 | 207.46.108.59 | GPL CHAT MSN user search | *
5 | 2005-05-06T02:43:13.717249-0700 | 192.168.1.14 | 207.46.108.59 | GPL CHAT MSN user search | *
6 | 2006-08-25T12:36:08.782873-0700 | 192.168.1.2 | 212.72.49.131 | ET CHAT Skype VOIP Checking Version (Startup) | *
7 | 2006-08-25T12:32:21.808007-0700 | 192.168.1.2 | 212.72.49.131 | ET CHAT Skype VOIP Checking Version (Startup) | *
8 | 2006-08-25T12:34:05.096863-0700 | 192.168.1.2 | 69.114.183.8 | ET P2P Kazaa over UDP | *
9 | 2011-09-23T13:11:59.760293-0700 | 172.16.0.2 | 66.147.240.170 | ET POLICY HTTP POST contains pass= in cleartext | *
10 | 2011-09-23T13:11:59.760432-0700 | 192.168.43.244 | 66.147.240.170 | ET POLICY HTTP POST contains pass= in cleartext | *
11 | 2017-07-02T15:20:34.110081-0700 | 192.168.0.106 | 255.255.255.255 | ET POLICY Dropbox Client Broadcasting | *
12 | 2017-07-02T15:20:24.944089-0700 | 192.168.0.106 | 109.173.11.109 | ET P2P BitTorrent DHT ping request | *
13 | 2018-08-13T06:34:37.241599-0700 | 10.21.1.45 | 46.10.22.5 | ET P2P BitTorrent DHT ping request | *
14 | 2018-08-13T06:34:57.053088-0700 | 10.21.1.45 | 172.217.30.110 | ET POLICY Python-urllib/ Suspicious User Agent | *
15 | 2018-08-13T06:55:42.881285-0700 | 10.21.1.88 | 216.58.202.14 | ET POLICY Python-urllib/ Suspicious User Agent | *
16 | 2018-08-13T06:55:43.231299-0700 | 10.21.1.88 | 172.217.29.132 | ET POLICY Python-urllib/ Suspicious User Agent | *
17 | 2018-08-13T06:55:47.291301-0700 | 10.21.1.88 | 110.52.23.134 | ET P2P BitTorrent DHT ping request | *
18 | 2018-08-13T06:34:36.788379-0700 | 10.21.1.45 | 172.217.30.110 | ET POLICY Python-urllib/ Suspicious User Agent | *
19 | 2018-08-13T06:56:03.244116-0700 | 10.21.1.88 | 172.217.29.142 | ET POLICY Python-urllib/ Suspicious User Agent | *
20 | 2018-08-13T06:34:37.049607-0700 | 10.21.1.45 | 172.217.30.100 | ET POLICY Python-urllib/ Suspicious User Agent | *
DNS 1374
Showing 101-120 of 1,374 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
101 | 2006-08-25T12:32:18.250772-0700 | 192.168.1.2 | 192.168.1.1 | query | host86-136-192-70.range86-136.btcentralplus.com | A | (not set)
102 | 2006-08-25T12:32:18.254323-0700 | 192.168.1.1 | 192.168.1.2 | answer | host86-142-117-124.range86-142.btcentralplus.com | A | (not set)
103 | 2006-08-25T12:32:18.256887-0700 | 192.168.1.1 | 192.168.1.2 | answer | host86-142-178-222.range86-142.btcentralplus.com | A | (not set)
104 | 2006-08-25T12:32:18.259252-0700 | 192.168.1.1 | 192.168.1.2 | answer | host86-128-163-125.range86-128.btcentralplus.com | A | (not set)
105 | 2006-08-25T12:32:18.261765-0700 | 192.168.1.1 | 192.168.1.2 | answer | 81-236-228-111-no37.tbcn.telia.com | A | (not set)
106 | 2006-08-25T12:32:18.264197-0700 | 192.168.1.1 | 192.168.1.2 | answer | host86-134-79-66.range86-134.btcentralplus.com | A | (not set)
107 | 2006-08-25T12:32:18.266807-0700 | 192.168.1.1 | 192.168.1.2 | answer | host86-136-192-70.range86-136.btcentralplus.com | A | (not set)
108 | 2006-08-25T12:32:19.785658-0700 | 192.168.1.2 | 192.168.1.1 | query | 176.57.186.80.in-addr.arpa | PTR | (not set)
109 | 2006-08-25T12:32:19.785731-0700 | 192.168.1.2 | 192.168.1.1 | query | 243.150.206.68.in-addr.arpa | PTR | (not set)
110 | 2006-08-25T12:32:19.873342-0700 | 192.168.1.1 | 192.168.1.2 | answer | 176.57.186.80.in-addr.arpa | PTR | (not set)
111 | 2006-08-25T12:32:19.903131-0700 | 192.168.1.1 | 192.168.1.2 | answer | 243.150.206.68.in-addr.arpa | PTR | (not set)
112 | 2006-08-25T12:32:20.521882-0700 | 192.168.1.2 | 192.168.1.1 | query | 105.194.128.82.in-addr.arpa | PTR | (not set)
113 | 2006-08-25T12:32:20.521944-0700 | 192.168.1.2 | 192.168.1.1 | query | a80-186-57-176.elisa-laajakaista.fi | A | (not set)
114 | 2006-08-25T12:32:20.521968-0700 | 192.168.1.2 | 192.168.1.1 | query | cpe-68-206-150-243.hot.res.rr.com | A | (not set)
115 | 2006-08-25T12:32:20.521992-0700 | 192.168.1.2 | 192.168.1.1 | query | 237.132.50.212.in-addr.arpa | PTR | (not set)
116 | 2006-08-25T12:32:20.522018-0700 | 192.168.1.2 | 192.168.1.1 | query | 205.205.152.204.in-addr.arpa | PTR | (not set)
117 | 2006-08-25T12:32:20.522046-0700 | 192.168.1.2 | 192.168.1.1 | query | 141.73.47.217.in-addr.arpa | PTR | (not set)
118 | 2006-08-25T12:32:20.532346-0700 | 192.168.1.1 | 192.168.1.2 | answer | a80-186-57-176.elisa-laajakaista.fi | A | (not set)
119 | 2006-08-25T12:32:20.535096-0700 | 192.168.1.1 | 192.168.1.2 | answer | cpe-68-206-150-243.hot.res.rr.com | A | (not set)
120 | 2006-08-25T12:32:20.588456-0700 | 192.168.1.1 | 192.168.1.2 | answer | 141.73.47.217.in-addr.arpa | PTR | (not set)
TLS 64
Showing 1-20 of 64 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2017-07-02T15:20:34.279553-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
2 | 2017-07-02T15:20:33.559648-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
3 | 2017-07-02T15:20:36.867925-0700 | 192.168.0.106 | 54.187.128.85 | TLS 1.2 | oauth.accounts.firefox.com
4 | 2017-07-02T15:20:34.387320-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
5 | 2017-07-02T15:20:35.427278-0700 | 192.168.0.106 | 172.217.29.238 | TLS 1.2 | translate.google.com
6 | 2017-07-02T15:20:35.630035-0700 | 192.168.0.106 | 54.187.128.85 | TLS 1.2 | oauth.accounts.firefox.com
7 | 2017-07-02T15:20:37.615894-0700 | 192.168.0.106 | 54.192.226.174 | TLS 1.2 | snippets.cdn.mozilla.net
8 | 2017-07-02T15:20:37.624410-0700 | 192.168.0.106 | 54.69.106.30 | TLS 1.2 | accounts.firefox.com
9 | 2017-07-02T15:20:38.535015-0700 | 192.168.0.106 | 52.17.122.61 | TLS 1.2 | location.services.mozilla.com
10 | 2017-07-02T15:20:37.411042-0700 | 192.168.0.106 | 172.217.29.100 | TLS 1.2 | www.google.com
11 | 2017-07-02T15:20:37.605273-0700 | 192.168.0.106 | 54.192.226.174 | TLS 1.2 | snippets.cdn.mozilla.net
12 | 2017-07-02T15:20:40.202010-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
13 | 2017-07-02T15:20:41.271164-0700 | 192.168.0.106 | 52.39.237.157 | TLS 1.2 | self-repair.mozilla.org
14 | 2017-07-02T15:20:38.534966-0700 | 192.168.0.106 | 54.69.106.30 | TLS 1.2 | accounts.firefox.com
15 | 2017-07-02T15:20:41.836615-0700 | 192.168.0.106 | 54.192.227.96 | TLS 1.2 | normandy-cloudfront.cdn.mozilla.net
16 | 2017-07-02T15:21:03.457984-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
17 | 2017-07-02T15:21:04.527394-0700 | 192.168.0.106 | 172.217.29.99 | TLS 1.2 | www.gstatic.com
18 | 2017-07-02T15:21:19.971634-0700 | 192.168.0.106 | 172.217.29.110 | TLS 1.2 | sb-ssl.google.com
19 | 2017-07-02T15:21:03.143734-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
20 | 2017-07-02T15:21:03.376975-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
TFTP 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
1 | 2013-05-01T05:24:11.972852-0700 | 192.168.0.253 | 192.168.0.10 | read | rfc1350.txt | octet
HTTP 670
Showing 201-220 of 670 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
201 | 2011-09-23T13:12:10.869374-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/help_index.png | 200
202 | 2011-09-23T13:12:11.435532-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/alerts/message.png | 200
203 | 2011-09-23T13:12:11.435673-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/alerts/message.png | 200
204 | 2011-09-23T13:12:11.436259-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/edit.png | 200
205 | 2011-09-23T13:12:11.437486-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/imp/themes/graphics/newmail.png | 200
206 | 2011-09-23T13:12:11.470117-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/tree/join.png | 200
207 | 2011-09-23T13:12:11.470224-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/tree/join.png | 200
208 | 2011-09-23T13:12:12.049489-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/imp/themes/graphics/compose.png | 200
209 | 2011-09-23T13:12:12.049636-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/imp/themes/graphics/compose.png | 200
210 | 2011-09-23T13:12:12.050244-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/search.png | 200
211 | 2011-09-23T13:12:12.164682-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/imp/themes/graphics/folders/folder.png | 200
212 | 2011-09-23T13:12:12.190404-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/tree/joinbottom.png | 200
213 | 2011-09-23T13:12:12.190517-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/tree/joinbottom.png | 200
214 | 2011-09-23T13:12:12.665346-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/organizing.png | 200
215 | 2011-09-23T13:12:12.665459-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/organizing.png | 200
216 | 2011-09-23T13:12:12.666048-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/tree/plus.png | 200
217 | 2011-09-23T13:12:12.666333-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/turba/themes/graphics/menu/new.png | 200
218 | 2011-09-23T13:12:12.667558-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/turba/themes/graphics/menu/browse.png | 200
219 | 2011-09-23T13:12:12.667688-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/turba/themes/graphics/menu/browse.png | 200
220 | 2011-09-23T13:12:13.278336-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/kronolith/themes/graphics/dayview.png | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 5
Showing 1-5 of 5 items.
# | Timestamp | Source | Destination | Email From | Email To | Subject
1
2013-08-22T12:17:56.649185-0700192.168.0.4212.227.15.167DI <digitalinvestigator@networksims.com>w.buchanan@napier.ac.ukTesting
2
2014-01-06T13:20:26.759146-0800192.168.47.171192.168.47.134"Bill" <w.buchanan@napier.ac.uk><test@home.com>Test
3
2015-12-29T11:13:51.630178-0800172.16.16.221172.16.16.231Chris Sanders <sanders@skynet.local>Chris Sanders <sanders@cyberdyne.local>Help!
4
2015-12-29T11:14:08.908722-0800172.16.16.225172.16.16.221Chris Sanders <sanders@skynet.local>Chris Sanders <sanders@cyberdyne.local>Help!
5
2017-07-02T15:20:34.040092-0700172.16.16.225172.16.16.221(not set)(not set)(not set)
Flow 1143
Showing 1-20 of 1,143 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1
2002-07-25T23:19:03.543641-070047072469784406flow10.1.3.143500010.1.6.182006UDPpcapanalyzer
2
2005-01-14T09:58:05.638272-0800161030837428135flow10.1.6.18200710.1.3.1435001UDPpcapanalyzer
3
2005-01-14T09:58:05.638272-080047072469838750flow10.1.6.18200610.1.3.1435000UDPpcapanalyzer
4
2005-01-14T09:58:05.638272-08001672288094489009flow10.1.3.1433280310.1.6.181720TCPpcapanalyzer
5
2005-01-14T09:58:05.638272-08002108609527171034flow10.1.3.1433280410.1.6.181232TCPpcapanalyzer
6
2005-07-16T07:29:32.065625-0700140879359696387flow200.57.7.2044338200.57.7.19480TCPpcapanalyzer
7
2005-07-16T07:29:32.065625-07002113396778721426flow200.57.7.20230000200.57.7.19640362UDPpcapanalyzer
8
2005-07-16T07:29:32.065625-0700990073852147903flow200.57.7.2044573200.57.7.19480TCPpcapanalyzer
9
2005-07-16T07:29:32.065625-07001694087709946134flow200.57.7.1972428200.57.7.1992424UDPpcapanalyzer
10
2005-07-16T07:29:32.065625-07001413372943574856flow200.57.7.2054314200.73.183.213110TCPpcapanalyzer
11
2005-07-16T07:29:32.065625-0700991209869738086flow200.57.7.2044558200.57.7.19480TCPpcapanalyzer
12
2005-07-16T07:29:32.065625-07001977435293762074flow200.57.7.2041047207.46.107.1651863TCPpcapanalyzer
13
2005-07-16T07:29:32.065625-0700713703442857994flow200.57.7.2044565200.57.7.19480TCPpcapanalyzer
14
2005-07-16T07:29:32.065625-070016550794046159flow200.57.7.1952427200.57.7.2029693UDPpcapanalyzer
15
2005-07-16T07:29:32.065625-070016576563584556flow200.57.7.2044559200.57.7.19480TCPpcapanalyzer
16
2005-07-16T07:29:32.065625-07002133007598353108flow200.57.7.19523200.57.7.2053432TCPpcapanalyzer
17
2005-07-16T07:29:32.065625-07001571421296763843flow200.57.7.2044563200.57.7.19480TCPpcapanalyzer
18
2005-07-16T07:29:32.065625-07001011138518113258flow200.57.7.2044218200.57.7.19480TCPpcapanalyzer
19
2005-07-16T07:29:32.065625-07001856065959173428flow200.57.7.2044556200.57.7.19480TCPpcapanalyzer
20
2005-07-16T07:29:32.065625-07001293255592435337flow200.57.7.2044372200.57.7.19480TCPpcapanalyzer
File 670
Showing 1-20 of 670 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2005-01-14T09:58:07.321966-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 160
2 | 2005-01-14T09:58:05.638272-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
3 | 2005-01-14T09:58:07.444067-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
4 | 2005-01-14T09:58:07.444203-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
5 | 2005-01-14T09:58:07.754777-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 199
6 | 2005-01-14T09:58:05.679991-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 292
7 | 2005-01-14T09:58:07.324482-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 1147
8 | 2005-01-14T09:58:07.756923-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 382
9 | 2005-01-14T09:58:07.945685-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
10 | 2005-01-14T09:58:07.945728-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
11 | 2005-01-14T09:58:07.945874-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
12 | 2005-01-14T09:58:07.444128-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
13 | 2005-01-14T09:58:05.712327-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 4748
14 | 2005-01-14T09:58:07.828071-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 160
15 | 2005-01-14T09:58:07.830220-0800 | 200.57.7.194 | 200.57.7.204 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 1147
16 | 2005-01-14T09:58:07.845352-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
17 | 2005-01-14T09:58:05.838948-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
18 | 2005-01-14T09:58:07.945802-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
19 | 2005-01-14T09:58:10.854970-0800 | 200.57.7.194 | 200.57.7.204 | /cems/META-INF/services/javax.xml.parsers.SAXParserFactory | HTML document, ASCII text | 1157
20 | 2005-01-14T09:58:07.490456-0800 | 200.57.7.204 | 200.57.7.194 | /cems/applets/serviceRouter | XML 1.0 document, ASCII text, with CRLF, LF line terminators | 160

Comments: (not set)
