merged.pcap

MD5: 1cd1ea56484846142e58015720fa6d34
Submission Date: 2021-11-22 18:29:01
Tags: (not set)
Alert 35
Showing 1-20 of 35 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2005-01-14T09:58:08.905094-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
2 | 2005-01-14T09:58:14.907941-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
3 | 2005-01-14T09:58:20.913970-0800 | 200.57.7.205 | 10.52.10.15 | GPL SNMP public access udp | *
4 | 2005-05-06T02:42:14.364705-0700 | 192.168.1.14 | 207.46.108.59 | GPL CHAT MSN user search | *
5 | 2005-05-06T02:43:13.717249-0700 | 192.168.1.14 | 207.46.108.59 | GPL CHAT MSN user search | *
6 | 2006-08-25T12:36:08.782873-0700 | 192.168.1.2 | 212.72.49.131 | ET CHAT Skype VOIP Checking Version (Startup) | *
7 | 2006-08-25T12:32:21.808007-0700 | 192.168.1.2 | 212.72.49.131 | ET CHAT Skype VOIP Checking Version (Startup) | *
8 | 2006-08-25T12:34:05.096863-0700 | 192.168.1.2 | 69.114.183.8 | ET P2P Kazaa over UDP | *
9 | 2011-09-23T13:11:59.760293-0700 | 172.16.0.2 | 66.147.240.170 | ET POLICY HTTP POST contains pass= in cleartext | *
10 | 2011-09-23T13:11:59.760432-0700 | 192.168.43.244 | 66.147.240.170 | ET POLICY HTTP POST contains pass= in cleartext | *
11 | 2017-07-02T15:20:34.110081-0700 | 192.168.0.106 | 255.255.255.255 | ET POLICY Dropbox Client Broadcasting | *
12 | 2017-07-02T15:20:24.944089-0700 | 192.168.0.106 | 109.173.11.109 | ET P2P BitTorrent DHT ping request | *
13 | 2018-08-13T06:34:37.241599-0700 | 10.21.1.45 | 46.10.22.5 | ET P2P BitTorrent DHT ping request | *
14 | 2018-08-13T06:34:57.053088-0700 | 10.21.1.45 | 172.217.30.110 | ET POLICY Python-urllib/ Suspicious User Agent | *
15 | 2018-08-13T06:55:42.881285-0700 | 10.21.1.88 | 216.58.202.14 | ET POLICY Python-urllib/ Suspicious User Agent | *
16 | 2018-08-13T06:55:43.231299-0700 | 10.21.1.88 | 172.217.29.132 | ET POLICY Python-urllib/ Suspicious User Agent | *
17 | 2018-08-13T06:55:47.291301-0700 | 10.21.1.88 | 110.52.23.134 | ET P2P BitTorrent DHT ping request | *
18 | 2018-08-13T06:34:36.788379-0700 | 10.21.1.45 | 172.217.30.110 | ET POLICY Python-urllib/ Suspicious User Agent | *
19 | 2018-08-13T06:56:03.244116-0700 | 10.21.1.88 | 172.217.29.142 | ET POLICY Python-urllib/ Suspicious User Agent | *
20 | 2018-08-13T06:34:37.049607-0700 | 10.21.1.45 | 172.217.30.100 | ET POLICY Python-urllib/ Suspicious User Agent | *
DNS 1374
Showing 1-20 of 1,374 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2005-07-16T07:29:32.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
2 | 2005-07-16T07:29:33.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
3 | 2005-07-16T07:29:34.596875-0700 | 81.131.67.131 | 213.120.62.99 | query | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
4 | 2005-07-16T07:29:34.753125-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
5 | 2005-07-16T07:29:36.441602-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
6 | 2005-07-16T07:29:37.271680-0700 | 213.120.62.99 | 81.131.67.131 | answer | ftp.ipv6.uni-leipzig.de | AAAA | (not set)
7 | 2006-08-25T12:32:21.664799-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | A | (not set)
8 | 2006-08-25T12:32:21.664914-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set)
9 | 2006-08-25T12:32:21.698599-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | A | (not set)
10 | 2006-08-25T12:32:23.172938-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set)
11 | 2006-08-25T12:32:23.994435-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set)
12 | 2006-08-25T12:32:24.673656-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set)
13 | 2006-08-25T12:32:25.009057-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set)
14 | 2006-08-25T12:32:26.174411-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set)
15 | 2006-08-25T12:32:26.663468-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set)
16 | 2006-08-25T12:32:26.663826-0700 | 192.168.1.2 | 192.168.1.1 | query | ui.skype.com | AAAA | (not set)
17 | 2006-08-25T12:32:27.152203-0700 | 192.168.1.1 | 192.168.1.2 | answer | ui.skype.com | AAAA | (not set)
18 | 2006-08-25T12:31:06.890652-0700 | 192.168.1.2 | 192.168.1.1 | query | 2.1.168.192.in-addr.arpa | PTR | (not set)
19 | 2006-08-25T12:31:06.890808-0700 | 192.168.1.2 | 192.168.1.1 | query | 114.214.204.212.in-addr.arpa | PTR | (not set)
20 | 2006-08-25T12:31:06.924944-0700 | 192.168.1.1 | 192.168.1.2 | answer | 2.1.168.192.in-addr.arpa | PTR | (not set)
TLS 64
Showing 1-20 of 64 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2017-07-02T15:20:34.279553-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
2 | 2017-07-02T15:20:33.559648-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
3 | 2017-07-02T15:20:36.867925-0700 | 192.168.0.106 | 54.187.128.85 | TLS 1.2 | oauth.accounts.firefox.com
4 | 2017-07-02T15:20:34.387320-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
5 | 2017-07-02T15:20:35.427278-0700 | 192.168.0.106 | 172.217.29.238 | TLS 1.2 | translate.google.com
6 | 2017-07-02T15:20:35.630035-0700 | 192.168.0.106 | 54.187.128.85 | TLS 1.2 | oauth.accounts.firefox.com
7 | 2017-07-02T15:20:37.615894-0700 | 192.168.0.106 | 54.192.226.174 | TLS 1.2 | snippets.cdn.mozilla.net
8 | 2017-07-02T15:20:37.624410-0700 | 192.168.0.106 | 54.69.106.30 | TLS 1.2 | accounts.firefox.com
9 | 2017-07-02T15:20:38.535015-0700 | 192.168.0.106 | 52.17.122.61 | TLS 1.2 | location.services.mozilla.com
10 | 2017-07-02T15:20:37.411042-0700 | 192.168.0.106 | 172.217.29.100 | TLS 1.2 | www.google.com
11 | 2017-07-02T15:20:37.605273-0700 | 192.168.0.106 | 54.192.226.174 | TLS 1.2 | snippets.cdn.mozilla.net
12 | 2017-07-02T15:20:40.202010-0700 | 192.168.0.106 | 35.160.100.86 | TLS 1.2 | addons.mozilla.org
13 | 2017-07-02T15:20:41.271164-0700 | 192.168.0.106 | 52.39.237.157 | TLS 1.2 | self-repair.mozilla.org
14 | 2017-07-02T15:20:38.534966-0700 | 192.168.0.106 | 54.69.106.30 | TLS 1.2 | accounts.firefox.com
15 | 2017-07-02T15:20:41.836615-0700 | 192.168.0.106 | 54.192.227.96 | TLS 1.2 | normandy-cloudfront.cdn.mozilla.net
16 | 2017-07-02T15:21:03.457984-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
17 | 2017-07-02T15:21:04.527394-0700 | 192.168.0.106 | 172.217.29.99 | TLS 1.2 | www.gstatic.com
18 | 2017-07-02T15:21:19.971634-0700 | 192.168.0.106 | 172.217.29.110 | TLS 1.2 | sb-ssl.google.com
19 | 2017-07-02T15:21:03.143734-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
20 | 2017-07-02T15:21:03.376975-0700 | 192.168.0.106 | 216.58.222.42 | TLS 1.2 | translate.googleapis.com
TFTP 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
1 | 2013-05-01T05:24:11.972852-0700 | 192.168.0.253 | 192.168.0.10 | read | rfc1350.txt | octet
HTTP 670
Showing 81-100 of 670 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
81 | 2011-09-23T13:11:47.209231-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_58686618011.1752/branding/hostmonster/ui_sprites_bg_snap_to_smallest_width.png | 200
82 | 2011-09-23T13:11:55.459795-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/favicon.ico | 200
83 | 2011-09-23T13:11:55.459930-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /horde/themes/graphics/favicon.ico | 200
84 | 2011-09-23T13:11:47.621113-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1181099244/webmail/hostmonster/branding/responder.jpg | 200
85 | 2011-09-23T13:11:48.201405-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_38363069535.6975/branding/hostmonster/heading_sprites_compleximg.jpg | 200
86 | 2011-09-23T13:11:48.201508-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_38363069535.6975/branding/hostmonster/heading_sprites_compleximg.jpg | 200
87 | 2011-09-23T13:11:53.243423-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/themes/bluewhite/screen.css | 200
88 | 2011-09-23T13:11:54.235054-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/js/prototype.js | 200
89 | 2011-09-23T13:12:05.597573-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/services/portal/sidebar.php | 200
90 | 2011-09-23T13:11:33.956726-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | POST | /login/ | 301
91 | 2011-09-23T13:11:38.871063-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1214446472/branding/hostmonster/local.css | 200
92 | 2011-09-23T13:12:00.374511-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | POST | /horde/login.php | 302
93 | 2011-09-23T13:12:00.374646-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | POST | /horde/login.php | 302
94 | 2011-09-23T13:11:39.652100-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1264043643/webmail/hostmonster/branding/favicon.ico | 200
95 | 2011-09-23T13:11:39.652205-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1264043643/webmail/hostmonster/branding/favicon.ico | 200
96 | 2011-09-23T13:12:01.910591-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /horde/index.php | 200
97 | 2011-09-23T13:11:46.554524-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1314052354/cjt/cpanel-all-min.js | 200
98 | 2011-09-23T13:11:46.555442-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_1314051927/webmail/hostmonster/js/x3_optimized.js | 200
99 | 2011-09-23T13:11:47.209370-0700 | 192.168.43.244 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_58686618011.1752/branding/hostmonster/ui_sprites_bg_snap_to_smallest_width.png | 200
100 | 2011-09-23T13:11:47.649295-0700 | 172.16.0.2 | www.epoca2011.org | 2095 | GET | /cPanel_magic_revision_48139483185.8516/branding/hostmonster/heading_sprites_img.png | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 5
Showing 1-5 of 5 items.
# | Timestamp | Source | Destination | Email From | Email To | Subject
1 | 2013-08-22T12:17:56.649185-0700 | 192.168.0.4 | 212.227.15.167 | DI <digitalinvestigator@networksims.com> | w.buchanan@napier.ac.uk | Testing
2 | 2014-01-06T13:20:26.759146-0800 | 192.168.47.171 | 192.168.47.134 | "Bill" <w.buchanan@napier.ac.uk> | <test@home.com> | Test
3 | 2015-12-29T11:13:51.630178-0800 | 172.16.16.221 | 172.16.16.231 | Chris Sanders <sanders@skynet.local> | Chris Sanders <sanders@cyberdyne.local> | Help!
4 | 2015-12-29T11:14:08.908722-0800 | 172.16.16.225 | 172.16.16.221 | Chris Sanders <sanders@skynet.local> | Chris Sanders <sanders@cyberdyne.local> | Help!
5 | 2017-07-02T15:20:34.040092-0700 | 172.16.16.225 | 172.16.16.221 | (not set) | (not set) | (not set)
Flow 1143
Showing 141-160 of 1,143 items.
File 670
Showing 81-100 of 670 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
81 | 2011-09-23T13:11:46.554377-0700 | 66.147.240.170 | 172.16.0.2 | /cPanel_magic_revision_1314052354/cjt/cpanel-all-min.js | ASCII text, with very long lines, with no line terminators | 158542
82 | 2011-09-23T13:11:46.556520-0700 | 66.147.240.170 | 172.16.0.2 | /cPanel_magic_revision_1181099245/webmail/hostmonster/branding/ufiltering.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, frames 3 | 685
83 | 2011-09-23T13:11:46.556684-0700 | 66.147.240.170 | 192.168.43.244 | /cPanel_magic_revision_1181099245/webmail/hostmonster/branding/ufiltering.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, frames 3 | 685
84 | 2011-09-23T13:11:46.657327-0700 | 66.147.240.170 | 172.16.0.2 | /webmail/x3/images/squirrelmail_logo.gif | GIF image data, version 89a, 150 x 48 | 3511
85 | 2011-09-23T13:11:53.620553-0700 | 66.147.240.170 | 172.16.0.2 | /horde/themes/graphics/horde-power1.png | PNG image data, 84 x 31, 8-bit/color RGB, non-interlaced | 2259
86 | 2011-09-23T13:11:47.168837-0700 | 66.147.240.170 | 172.16.0.2 | /cPanel_magic_revision_7645080595.11748/branding/hostmonster/heading_sprites_bg_snap_to_smallest_width.png | PNG image data, 11 x 138, 8-bit/color RGB, interlaced | 2669
87 | 2011-09-23T13:11:47.209231-0700 | 66.147.240.170 | 172.16.0.2 | /cPanel_magic_revision_58686618011.1752/branding/hostmonster/ui_sprites_bg_snap_to_smallest_width.png | PNG image data, 1 x 2246, 8-bit/color RGB, interlaced | 808
88 | 2011-09-23T13:11:55.459795-0700 | 66.147.240.170 | 172.16.0.2 | /horde/themes/graphics/favicon.ico | MS Windows icon resource - 1 icon, 16x16 | 1150
89 | 2011-09-23T13:11:55.459930-0700 | 66.147.240.170 | 192.168.43.244 | /horde/themes/graphics/favicon.ico | MS Windows icon resource - 1 icon, 16x16 | 1150
90 | 2011-09-23T13:11:58.062475-0700 | 192.168.43.244 | 66.147.240.170 | /horde/login.php | ASCII text, with no line terminators | 94
91 | 2011-09-23T13:11:58.062611-0700 | 172.16.0.2 | 66.147.240.170 | /horde/login.php | ASCII text, with no line terminators | 94
92 | 2011-09-23T13:11:47.621113-0700 | 66.147.240.170 | 192.168.43.244 | /cPanel_magic_revision_1181099244/webmail/hostmonster/branding/responder.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 299x299, segment length 16, baseline, precision 8, 32x32, frames 3 | 685
93 | 2011-09-23T13:11:48.201405-0700 | 66.147.240.170 | 172.16.0.2 | /cPanel_magic_revision_38363069535.6975/branding/hostmonster/heading_sprites_compleximg.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", progressive, precision 8, 763x149, frames 3 | 27354
94 | 2011-09-23T13:11:48.201508-0700 | 66.147.240.170 | 192.168.43.244 | /cPanel_magic_revision_38363069535.6975/branding/hostmonster/heading_sprites_compleximg.jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", progressive, precision 8, 763x149, frames 3 | 27354
95 | 2011-09-23T13:11:53.243423-0700 | 66.147.240.170 | 172.16.0.2 | /horde/themes/bluewhite/screen.css | ASCII text | 3210
96 | 2011-09-23T13:11:54.235054-0700 | 66.147.240.170 | 172.16.0.2 | /horde/js/prototype.js | ASCII text, with very long lines, with no line terminators | 81469
97 | 2011-09-23T13:12:05.597573-0700 | 66.147.240.170 | 172.16.0.2 | /horde/services/portal/sidebar.php | HTML document, ASCII text, with very long lines | 11433
98 | 2011-09-23T13:11:33.750856-0700 | 192.168.43.244 | 66.147.240.170 | /login/ | ASCII text, with no line terminators | 109
99 | 2011-09-23T13:11:33.956726-0700 | 66.147.240.170 | 192.168.43.244 | /login/ | HTML document, ASCII text | 153
100 | 2011-09-23T13:11:38.871063-0700 | 66.147.240.170 | 192.168.43.244 | /cPanel_magic_revision_1214446472/branding/hostmonster/local.css | ASCII text | 2158

Comments: (not set)
