merged.pcap

MD5: 1cd1ea56484846142e58015720fa6d34
Submission Date: 2021-11-22 18:29:01
Tags: (not set)
Alert 35
Showing 1-20 of 35 items.
#
Timestamp | Src Ip | Dest Ip | Alert Signature | P
1
2005-01-14T09:58:08.905094-0800200.57.7.20510.52.10.15GPL SNMP public access udp*
2
2005-01-14T09:58:14.907941-0800200.57.7.20510.52.10.15GPL SNMP public access udp*
3
2005-01-14T09:58:20.913970-0800200.57.7.20510.52.10.15GPL SNMP public access udp*
4
2005-05-06T02:42:14.364705-0700192.168.1.14207.46.108.59GPL CHAT MSN user search*
5
2005-05-06T02:43:13.717249-0700192.168.1.14207.46.108.59GPL CHAT MSN user search*
6
2006-08-25T12:36:08.782873-0700192.168.1.2212.72.49.131ET CHAT Skype VOIP Checking Version (Startup)*
7
2006-08-25T12:32:21.808007-0700192.168.1.2212.72.49.131ET CHAT Skype VOIP Checking Version (Startup)*
8
2006-08-25T12:34:05.096863-0700192.168.1.269.114.183.8ET P2P Kazaa over UDP*
9
2011-09-23T13:11:59.760293-0700172.16.0.266.147.240.170ET POLICY HTTP POST contains pass= in cleartext*
10
2011-09-23T13:11:59.760432-0700192.168.43.24466.147.240.170ET POLICY HTTP POST contains pass= in cleartext*
11
2017-07-02T15:20:34.110081-0700192.168.0.106255.255.255.255ET POLICY Dropbox Client Broadcasting*
12
2017-07-02T15:20:24.944089-0700192.168.0.106109.173.11.109ET P2P BitTorrent DHT ping request*
13
2018-08-13T06:34:37.241599-070010.21.1.4546.10.22.5ET P2P BitTorrent DHT ping request*
14
2018-08-13T06:34:57.053088-070010.21.1.45172.217.30.110ET POLICY Python-urllib/ Suspicious User Agent*
15
2018-08-13T06:55:42.881285-070010.21.1.88216.58.202.14ET POLICY Python-urllib/ Suspicious User Agent*
16
2018-08-13T06:55:43.231299-070010.21.1.88172.217.29.132ET POLICY Python-urllib/ Suspicious User Agent*
17
2018-08-13T06:55:47.291301-070010.21.1.88110.52.23.134ET P2P BitTorrent DHT ping request*
18
2018-08-13T06:34:36.788379-070010.21.1.45172.217.30.110ET POLICY Python-urllib/ Suspicious User Agent*
19
2018-08-13T06:56:03.244116-070010.21.1.88172.217.29.142ET POLICY Python-urllib/ Suspicious User Agent*
20
2018-08-13T06:34:37.049607-070010.21.1.45172.217.30.100ET POLICY Python-urllib/ Suspicious User Agent*
DNS 1374
Showing 181-200 of 1,374 items.
#
Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
181
2006-08-25T12:32:23.142566-0700192.168.1.2192.168.1.1queryb-248-49.dsl.kpy.customers.dnainternet.fiA(not set)
182
2006-08-25T12:32:23.142598-0700192.168.1.2192.168.1.1querycpe-66-67-61-44.rochester.res.rr.comA(not set)
183
2006-08-25T12:32:23.142633-0700192.168.1.2192.168.1.1querystudent-halls-boddington-pc125-169.leeds.ac.ukA(not set)
184
2006-08-25T12:32:23.142666-0700192.168.1.2192.168.1.1queryCPE0016ec35ac27-CM00159a41912e.cpe.net.cable.rogers.comA(not set)
185
2006-08-25T12:32:23.142698-0700192.168.1.2192.168.1.1queryc-24-61-5-13.hsd1.ma.comcast.netA(not set)
186
2006-08-25T12:32:23.142730-0700192.168.1.2192.168.1.1queryadsl-145-3-159.mia.bellsouth.netA(not set)
187
2006-08-25T12:32:23.148362-0700192.168.1.1192.168.1.2answerip-83-147-171-206.lmk.metro.digiweb.ieA(not set)
188
2006-08-25T12:32:23.151537-0700192.168.1.1192.168.1.2answerlns-bzn-30-82-253-163-244.adsl.proxad.netA(not set)
189
2006-08-25T12:32:23.154559-0700192.168.1.1192.168.1.2answerACCFBED9.ipt.aol.comA(not set)
190
2006-08-25T12:32:23.157689-0700192.168.1.1192.168.1.2answeraapm219.neoplus.adsl.tpnet.plA(not set)
191
2006-08-25T12:32:23.160889-0700192.168.1.1192.168.1.2answerIGLD-83-130-238-168.inter.net.ilA(not set)
192
2006-08-25T12:32:23.163933-0700192.168.1.1192.168.1.2answercpe-24-242-109-92.sport.res.rr.comA(not set)
193
2006-08-25T12:32:23.167232-0700192.168.1.1192.168.1.2answerc-67-190-60-125.hsd1.co.comcast.netA(not set)
194
2006-08-25T12:32:23.170486-0700192.168.1.1192.168.1.2answerb-248-49.dsl.kpy.customers.dnainternet.fiA(not set)
195
2006-08-25T12:32:23.174175-0700192.168.1.1192.168.1.2answercpe-66-67-61-44.rochester.res.rr.comA(not set)
196
2006-08-25T12:32:23.177409-0700192.168.1.1192.168.1.2answerstudent-halls-boddington-pc125-169.leeds.ac.ukA(not set)
197
2006-08-25T12:32:23.180891-0700192.168.1.1192.168.1.2answerCPE0016ec35ac27-CM00159a41912e.cpe.net.cable.rogers.comA(not set)
198
2006-08-25T12:32:23.184059-0700192.168.1.1192.168.1.2answerc-24-61-5-13.hsd1.ma.comcast.netA(not set)
199
2006-08-25T12:32:23.187432-0700192.168.1.1192.168.1.2answeradsl-145-3-159.mia.bellsouth.netA(not set)
200
2006-08-25T12:32:23.190774-0700192.168.1.1192.168.1.2answer82.221.107.24.in-addr.arpaPTR(not set)
TLS 64
Showing 21-40 of 64 items.
#
Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
21
2017-07-02T15:21:04.032076-0700192.168.0.106172.217.29.100TLS 1.2www.google.com
22
2017-07-02T15:21:04.229842-0700192.168.0.106172.217.29.99TLS 1.2www.gstatic.com
23
2017-07-02T15:21:05.047927-0700192.168.0.106172.217.29.99TLS 1.2www.gstatic.com
24
2017-07-02T15:21:05.047548-0700192.168.0.106172.217.29.99TLS 1.2www.gstatic.com
25
2018-08-13T06:34:39.339907-070010.21.1.45144.76.96.212TLS 1.2stat.s3blog.org
26
2018-08-13T06:34:41.360026-070010.21.1.45138.201.253.2TLS 1.2crvtck.com
27
2018-08-13T06:55:40.576551-070010.21.1.88172.217.29.138TLS 1.2fonts.googleapis.com
28
2018-08-13T06:55:40.999055-070010.21.1.88144.76.96.212TLS 1.2stat.s3blog.org
29
2018-08-13T06:55:41.434097-070010.21.1.88172.217.29.138TLS 1.2translate.googleapis.com
30
2018-08-13T06:55:41.437212-070010.21.1.88172.217.29.138TLS 1.2translate.googleapis.com
31
2018-08-13T06:55:41.437400-070010.21.1.88172.217.29.138TLS 1.2translate.googleapis.com
32
2018-08-13T06:55:41.437770-070010.21.1.88172.217.29.138TLS 1.2translate.googleapis.com
33
2018-08-13T06:55:41.782509-070010.21.1.88172.217.29.131TLS 1.2www.gstatic.com
34
2018-08-13T06:55:41.782796-070010.21.1.88172.217.29.131TLS 1.2www.gstatic.com
35
2018-08-13T06:55:41.812120-070010.21.1.88172.217.29.131TLS 1.2www.gstatic.com
36
2018-08-13T06:56:10.533728-070010.21.1.88144.76.96.212TLS 1.2stat.s3blog.org
37
2018-08-20T11:10:04.842916-070010.21.1.98216.58.202.110TLS 1.2translate.google.com
38
2018-08-20T11:10:04.888246-070010.21.1.9854.244.7.9TLS 1.2tiles.services.mozilla.com
39
2018-08-20T11:10:05.544852-070010.21.1.9854.230.59.226TLS 1.2tiles-cloudfront.cdn.mozilla.net
40
2018-08-20T11:10:06.310907-070010.21.1.98216.58.202.110TLS 1.2safebrowsing.google.com
TFTP 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
1 | 2013-05-01T05:24:11.972852-0700 | 192.168.0.253 | 192.168.0.10 | read | rfc1350.txt | octet
HTTP 670
Showing 121-140 of 670 items.
#
Timestamp | Source | Hostname | Port | Method | URL | Status
121
2011-09-23T13:12:08.057382-0700192.168.43.244www.epoca2011.org2095GET/horde/login.php?frameset_loaded=1200
122
2011-09-23T13:12:08.057514-0700192.168.43.244www.epoca2011.org2095GET/horde/services/javascript.php?file=tree.js&app=horde200
123
2011-09-23T13:12:08.669845-0700172.16.0.2www.epoca2011.org2095GET/horde/imp/themes/screen.css200
124
2011-09-23T13:12:09.594238-0700172.16.0.2www.epoca2011.org2095GET/horde/turba/themes/screen.css200
125
2011-09-23T13:12:09.010240-0700192.168.43.244www.epoca2011.org2095GET/horde/kronolith/themes/screen.css200
126
2011-09-23T13:12:08.669986-0700192.168.43.244www.epoca2011.org2095GET/horde/imp/themes/screen.css200
127
2011-09-23T13:12:09.612845-0700172.16.0.2www.epoca2011.org2095GET/horde/js/popup.js200
128
2011-09-23T13:12:09.019992-0700192.168.43.244www.epoca2011.org2095GET/horde/kronolith/themes/bluewhite/screen.css200
129
2011-09-23T13:12:08.976589-0700172.16.0.2www.epoca2011.org2095GET/horde/imp/themes/bluewhite/screen.css200
130
2011-09-23T13:12:10.207982-0700172.16.0.2www.epoca2011.org2095GET/horde/imp/themes/graphics/imp.png200
131
2011-09-23T13:12:09.070739-0700192.168.43.244www.epoca2011.org2095GET/horde/ingo/themes/screen.css200
132
2011-09-23T13:12:08.976734-0700192.168.43.244www.epoca2011.org2095GET/horde/imp/themes/bluewhite/screen.css200
133
2011-09-23T13:12:09.131542-0700192.168.43.244www.epoca2011.org2095GET/horde/nag/themes/screen.css200
134
2011-09-23T13:12:09.010112-0700172.16.0.2www.epoca2011.org2095GET/horde/kronolith/themes/screen.css200
135
2011-09-23T13:12:10.211389-0700172.16.0.2www.epoca2011.org2095GET/horde/mimp/themes/graphics/mimp.png200
136
2011-09-23T13:12:09.594200-0700192.168.43.244www.epoca2011.org2095GET/horde/mnemo/themes/bluewhite/screen.css200
137
2011-09-23T13:12:10.824160-0700172.16.0.2www.epoca2011.org2095GET/horde/nag/themes/graphics/nag.png200
138
2011-09-23T13:12:09.070603-0700172.16.0.2www.epoca2011.org2095GET/horde/ingo/themes/screen.css200
139
2011-09-23T13:12:09.594322-0700192.168.43.244www.epoca2011.org2095GET/horde/turba/themes/screen.css200
140
2011-09-23T13:12:10.825773-0700172.16.0.2www.epoca2011.org2095GET/horde/themes/graphics/prefs.png200
SMB 0
#
Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 5
Showing 1-5 of 5 items.
#
Timestamp | Source | Destination | Email From | Email To | Subject
1
2013-08-22T12:17:56.649185-0700192.168.0.4212.227.15.167DI <digitalinvestigator@networksims.com>w.buchanan@napier.ac.ukTesting
2
2014-01-06T13:20:26.759146-0800192.168.47.171192.168.47.134"Bill" <w.buchanan@napier.ac.uk><test@home.com>Test
3
2015-12-29T11:13:51.630178-0800172.16.16.221172.16.16.231Chris Sanders <sanders@skynet.local>Chris Sanders <sanders@cyberdyne.local>Help!
4
2015-12-29T11:14:08.908722-0800172.16.16.225172.16.16.221Chris Sanders <sanders@skynet.local>Chris Sanders <sanders@cyberdyne.local>Help!
5
2017-07-02T15:20:34.040092-0700172.16.16.225172.16.16.221(not set)(not set)(not set)
Flow 1143
Showing 1-20 of 1,143 items.
#
Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1
2002-07-25T23:19:03.543641-070047072469784406flow10.1.3.143500010.1.6.182006UDPpcapanalyzer
2
2005-01-14T09:58:05.638272-0800161030837428135flow10.1.6.18200710.1.3.1435001UDPpcapanalyzer
3
2005-01-14T09:58:05.638272-080047072469838750flow10.1.6.18200610.1.3.1435000UDPpcapanalyzer
4
2005-01-14T09:58:05.638272-08001672288094489009flow10.1.3.1433280310.1.6.181720TCPpcapanalyzer
5
2005-01-14T09:58:05.638272-08002108609527171034flow10.1.3.1433280410.1.6.181232TCPpcapanalyzer
6
2005-07-16T07:29:32.065625-0700140879359696387flow200.57.7.2044338200.57.7.19480TCPpcapanalyzer
7
2005-07-16T07:29:32.065625-07002113396778721426flow200.57.7.20230000200.57.7.19640362UDPpcapanalyzer
8
2005-07-16T07:29:32.065625-0700990073852147903flow200.57.7.2044573200.57.7.19480TCPpcapanalyzer
9
2005-07-16T07:29:32.065625-07001694087709946134flow200.57.7.1972428200.57.7.1992424UDPpcapanalyzer
10
2005-07-16T07:29:32.065625-07001413372943574856flow200.57.7.2054314200.73.183.213110TCPpcapanalyzer
11
2005-07-16T07:29:32.065625-0700991209869738086flow200.57.7.2044558200.57.7.19480TCPpcapanalyzer
12
2005-07-16T07:29:32.065625-07001977435293762074flow200.57.7.2041047207.46.107.1651863TCPpcapanalyzer
13
2005-07-16T07:29:32.065625-0700713703442857994flow200.57.7.2044565200.57.7.19480TCPpcapanalyzer
14
2005-07-16T07:29:32.065625-070016550794046159flow200.57.7.1952427200.57.7.2029693UDPpcapanalyzer
15
2005-07-16T07:29:32.065625-070016576563584556flow200.57.7.2044559200.57.7.19480TCPpcapanalyzer
16
2005-07-16T07:29:32.065625-07002133007598353108flow200.57.7.19523200.57.7.2053432TCPpcapanalyzer
17
2005-07-16T07:29:32.065625-07001571421296763843flow200.57.7.2044563200.57.7.19480TCPpcapanalyzer
18
2005-07-16T07:29:32.065625-07001011138518113258flow200.57.7.2044218200.57.7.19480TCPpcapanalyzer
19
2005-07-16T07:29:32.065625-07001856065959173428flow200.57.7.2044556200.57.7.19480TCPpcapanalyzer
20
2005-07-16T07:29:32.065625-07001293255592435337flow200.57.7.2044372200.57.7.19480TCPpcapanalyzer
File 670
Showing 141-160 of 670 items.
#
Timestamp | Source | Destination | File Name | File Magic | File Size
141
2011-09-23T13:12:09.010112-070066.147.240.170172.16.0.2/horde/kronolith/themes/screen.cssassembler source, ASCII text8527
142
2011-09-23T13:12:09.594200-070066.147.240.170192.168.43.244/horde/mnemo/themes/bluewhite/screen.cssASCII text135
143
2011-09-23T13:12:10.824160-070066.147.240.170172.16.0.2/horde/nag/themes/graphics/nag.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced532
144
2011-09-23T13:12:09.070603-070066.147.240.170172.16.0.2/horde/ingo/themes/screen.cssASCII text209
145
2011-09-23T13:12:09.594322-070066.147.240.170192.168.43.244/horde/turba/themes/screen.cssASCII text3092
146
2011-09-23T13:12:10.825773-070066.147.240.170172.16.0.2/horde/themes/graphics/prefs.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced333
147
2011-09-23T13:12:09.594375-070066.147.240.170192.168.43.244/horde/turba/themes/bluewhite/screen.cssASCII text135
148
2011-09-23T13:12:09.612966-070066.147.240.170192.168.43.244/horde/js/popup.jsASCII text, with very long lines, with no line terminators424
149
2011-09-23T13:12:10.208105-070066.147.240.170192.168.43.244/horde/themes/graphics/horde.pngPNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced488
150
2011-09-23T13:12:10.208164-070066.147.240.170192.168.43.244/horde/imp/themes/graphics/imp.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced334
151
2011-09-23T13:12:10.208215-070066.147.240.170192.168.43.244/horde/dimp/themes/graphics/dimp.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced334
152
2011-09-23T13:12:10.211495-070066.147.240.170192.168.43.244/horde/mimp/themes/graphics/mimp.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced306
153
2011-09-23T13:12:09.181431-070066.147.240.170172.16.0.2/horde/nag/themes/bluewhite/screen.cssASCII text133
154
2011-09-23T13:12:10.822553-070066.147.240.170192.168.43.244/horde/mnemo/themes/graphics/mnemo.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced564
155
2011-09-23T13:12:09.181552-070066.147.240.170192.168.43.244/horde/nag/themes/bluewhite/screen.cssASCII text133
156
2011-09-23T13:12:10.824275-070066.147.240.170192.168.43.244/horde/nag/themes/graphics/nag.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced532
157
2011-09-23T13:12:10.825329-070066.147.240.170192.168.43.244/horde/turba/themes/graphics/turba.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced393
158
2011-09-23T13:12:09.592855-070066.147.240.170172.16.0.2/horde/mnemo/themes/screen.cssASCII text3618
159
2011-09-23T13:12:10.825890-070066.147.240.170192.168.43.244/horde/themes/graphics/prefs.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced333
160
2011-09-23T13:12:11.436381-070066.147.240.170192.168.43.244/horde/themes/graphics/edit.pngPNG image data, 16 x 16, 8-bit colormap, non-interlaced585

Comments: (not set)