test.pcap

MD5	aba052f46d037e8186a75d8c00abdb17
Submission Date	2021-11-23 10:09:02
Tags	(not set)

Alert 0

#		Timestamp	Src Ip	Dest Ip	Alert Signature	P
No results found.

DNS 197

Showing 1-20 of 197 items.

Timestamp

Src Ip

Dest Ip

Dns Type

Resource Record Name

Resource Record Type

Resource Data

2019-06-19T16:46:25.852326-0700

10.0.2.15

192.168.1.1

query

dt.adsafeprotected.com

(not set)

2019-06-19T16:46:25.852560-0700

10.0.2.15

192.168.1.1

query

dt.adsafeprotected.com

(not set)

2019-06-19T16:46:25.852402-0700

10.0.2.15

192.168.1.1

query

dt.adsafeprotected.com

AAAA

(not set)

2019-06-19T16:46:25.923909-0700

192.168.1.1

10.0.2.15

answer

dt.adsafeprotected.com

AAAA

(not set)

2019-06-19T16:46:25.931468-0700

192.168.1.1

10.0.2.15

answer

dt.adsafeprotected.com

(not set)

2019-06-19T16:46:29.592129-0700

10.0.2.15

192.168.1.1

query

getpocket.cdn.mozilla.net

(not set)

2019-06-19T16:46:29.592210-0700

10.0.2.15

192.168.1.1

query

getpocket.cdn.mozilla.net

AAAA

(not set)

2019-06-19T16:46:25.925620-0700

192.168.1.1

10.0.2.15

answer

dt.adsafeprotected.com

(not set)

2019-06-19T16:46:29.348433-0700

10.0.2.15

192.168.1.1

query

detectportal.firefox.com

(not set)

2019-06-19T16:46:29.348509-0700

10.0.2.15

192.168.1.1

query

detectportal.firefox.com

AAAA

(not set)

2019-06-19T16:46:29.619404-0700

192.168.1.1

10.0.2.15

answer

getpocket.cdn.mozilla.net

(not set)

2019-06-19T16:46:29.381889-0700

192.168.1.1

10.0.2.15

answer

detectportal.firefox.com

(not set)

2019-06-19T16:46:29.382291-0700

192.168.1.1

10.0.2.15

answer

detectportal.firefox.com

AAAA

(not set)

2019-06-19T16:46:29.783011-0700

10.0.2.15

192.168.1.1

query

ocsp.digicert.com

(not set)

2019-06-19T16:46:29.783091-0700

10.0.2.15

192.168.1.1

query

ocsp.digicert.com

AAAA

(not set)

2019-06-19T16:46:29.814626-0700

192.168.1.1

10.0.2.15

answer

ocsp.digicert.com

(not set)

2019-06-19T16:46:29.816515-0700

192.168.1.1

10.0.2.15

answer

ocsp.digicert.com

AAAA

(not set)

2019-06-19T16:46:30.487336-0700

10.0.2.15

192.168.1.1

query

kali.training

(not set)

2019-06-19T16:46:30.487380-0700

10.0.2.15

192.168.1.1

query

kali.training

AAAA

(not set)

2019-06-19T16:46:30.564081-0700

10.0.2.15

192.168.1.1

query

bugs.kali.org

(not set)

TLS 39

Showing 21-39 of 39 items.

Timestamp

Source IP

Destination IP

TLS Version

Server Name Indication

2019-06-19T16:47:48.199827-0700

10.0.2.15

104.244.36.20

TLS 1.2

dt.adsafeprotected.com

2019-06-19T16:47:46.817808-0700

10.0.2.15

23.216.158.228

TLS 1.2

www.amazon.com

2019-06-19T16:47:49.082927-0700

10.0.2.15

54.209.3.185

TLS 1.2

fls-na.amazon.com

2019-06-19T16:47:53.810795-0700

10.0.2.15

199.166.0.32

TLS 1.2

static.adsafeprotected.com

2019-06-19T16:47:47.045322-0700

10.0.2.15

96.6.22.147

TLS 1.2

sb.scorecardresearch.com

2019-06-19T16:47:47.237982-0700

10.0.2.15

199.166.0.32

TLS 1.2

static.adsafeprotected.com

2019-06-19T16:47:47.302198-0700

10.0.2.15

199.166.0.200

TLS 1.2

sc.iasds01.com

2019-06-19T16:47:45.628656-0700

10.0.2.15

99.84.103.137

TLS 1.2

ia.media-imdb.com

2019-06-19T16:47:45.629750-0700

10.0.2.15

99.84.103.137

TLS 1.2

images-na.ssl-images-amazon.com

2019-06-19T16:47:48.943238-0700

10.0.2.15

54.209.3.185

TLS 1.2

fls-na.amazon.com

2019-06-19T16:47:45.727644-0700

10.0.2.15

99.84.103.137

TLS 1.2

m.media-amazon.com

2019-06-19T16:47:48.959320-0700

10.0.2.15

54.209.3.185

TLS 1.2

fls-na.amazon.com

2019-06-19T16:47:45.852614-0700

10.0.2.15

52.46.157.171

TLS 1.2

aax-us-east.amazon-adsystem.com

2019-06-19T16:47:54.813811-0700

10.0.2.15

104.244.36.20

TLS 1.2

dt.adsafeprotected.com

2019-06-19T16:47:46.065632-0700

10.0.2.15

199.166.0.26

TLS 1.2

pixel.adsafeprotected.com

2019-06-19T16:47:46.101842-0700

10.0.2.15

54.210.128.24

TLS 1.2

www.zergnet.com

2019-06-19T16:47:46.532592-0700

10.0.2.15

54.210.128.24

TLS 1.2

www.zergnet.com

2019-06-19T16:47:47.877949-0700

10.0.2.15

99.84.104.124

TLS 1.2

img2.zergnet.com

2019-06-19T16:47:47.878407-0700

10.0.2.15

99.84.104.124

TLS 1.2

img2.zergnet.com

TFTP 0

#	Timestamp	Src Ip	Dest Ip	Tftp Packet	Tftp File	Tftp Mode
No results found.

HTTP 15

Showing 1-15 of 15 items.

Timestamp

Source

Hostname

Port

Method

URL

Status

2019-06-19T16:46:29.464747-0700

10.0.2.15

detectportal.firefox.com

GET

/success.txt

200

2019-06-19T16:46:38.145783-0700

10.0.2.15

example.com

GET

/favicon.ico

404

2019-06-19T16:46:29.935723-0700

10.0.2.15

ocsp.digicert.com

POST

200

2019-06-19T16:46:29.922104-0700

10.0.2.15

ocsp.digicert.com

POST

200

2019-06-19T16:47:21.078452-0700

10.0.2.15

ocsp.pki.goog

POST

/GTSGIAG3

200

2019-06-19T16:47:29.380629-0700

10.0.2.15

detectportal.firefox.com

GET

/success.txt

200

2019-06-19T16:47:46.521196-0700

10.0.2.15

ocsp.godaddy.com

POST

200

2019-06-19T16:47:49.723378-0700

10.0.2.15

ocsp.sca1b.amazontrust.com

POST

200

2019-06-19T16:47:46.093702-0700

10.0.2.15

ocsp.comodoca.com

POST

200

2019-06-19T16:47:46.128221-0700

10.0.2.15

ocsp.comodoca.com

POST

200

2019-06-19T16:47:47.240903-0700

10.0.2.15

ocsp.pki.goog

POST

/GTSGIAG3

200

2019-06-19T16:47:47.409542-0700

10.0.2.15

ocsp.comodoca.com

POST

200

2019-06-19T16:47:49.182946-0700

10.0.2.15

ocsp.sca1b.amazontrust.com

POST

200

2019-06-19T16:47:49.224142-0700

10.0.2.15

ocsp.sca1b.amazontrust.com

POST

200

2019-06-19T16:48:01.798512-0700

10.0.2.15

example.com

GET

/favicon.ico

(not set)

SMB 0

#		Timestamp	Src Ip	Dest Ip	SMB Dialect	Command	Session	Tree
No results found.

SMTP 0

#		Timestamp	Source	Destination	Email From	Email To	Subject
No results found.

Flow 111

Showing 1-20 of 111 items.

Timestamp

Flow Id

Event Type

Source

Source Port

Destination

Destination Port

Protocol

Host

2019-06-19T16:46:29.464747-0700

760770934669670

flow

10.0.2.15

58576

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:46:29.464747-0700

1798404968670355

flow

10.0.2.15

50242

54.85.102.159

443

TCP

pcapanalyzer

2019-06-19T16:46:29.464747-0700

124398515323472

flow

10.0.2.15

57283

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:46:29.464747-0700

138756591257857

flow

10.0.2.15

40391

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

844767615343136

flow

10.0.2.15

43670

99.84.103.137

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1412381903454182

flow

10.0.2.15

59826

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1696085968017729

flow

10.0.2.15

43688

99.84.103.137

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

993403544155268

flow

10.0.2.15

38648

93.184.216.34

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1416822899557220

flow

10.0.2.15

60850

172.217.7.131

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

150524806605429

flow

10.0.2.15

33017

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

715854167348672

flow

10.0.2.15

38646

93.184.216.34

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1279242211980445

flow

10.0.2.15

58746

99.84.103.251

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

2125239095259811

flow

10.0.2.15

34181

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

296308881609503

flow

10.0.2.15

39821

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

719736817490801

flow

10.0.2.15

38322

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1845928786920331

flow

10.0.2.15

58742

99.84.103.251

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

1848583076776435

flow

10.0.2.15

38228

192.168.1.1

UDP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

20580571113605

flow

10.0.2.15

33292

52.94.232.32

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

166021048672702

flow

10.0.2.15

45000

199.166.0.26

443

TCP

pcapanalyzer

2019-06-19T16:48:01.798512-0700

729164270702640

flow

10.0.2.15

39540

192.168.1.1

UDP

pcapanalyzer

File 26

Showing 1-20 of 26 items.

Timestamp

Source

Destination

File Name

File Magic

File Size

2019-06-19T16:46:29.875635-0700

10.0.2.15

72.21.91.29

data

2019-06-19T16:46:38.145783-0700

93.184.216.34

10.0.2.15

/favicon.ico

HTML document, ASCII text

1270

2019-06-19T16:46:29.464747-0700

204.237.142.121

10.0.2.15

/success.txt

ASCII text

2019-06-19T16:46:29.935723-0700

72.21.91.29

10.0.2.15

data

471

2019-06-19T16:46:29.872686-0700

10.0.2.15

72.21.91.29

data

2019-06-19T16:46:29.922104-0700

72.21.91.29

10.0.2.15

data

471

2019-06-19T16:47:20.996668-0700

10.0.2.15

172.217.5.227

/GTSGIAG3

data

2019-06-19T16:47:21.078452-0700

172.217.5.227

10.0.2.15

/GTSGIAG3

data

471

2019-06-19T16:47:29.380629-0700

204.237.142.121

10.0.2.15

/success.txt

ASCII text

2019-06-19T16:47:46.399905-0700

10.0.2.15

72.167.239.239

data

2019-06-19T16:47:46.521196-0700

72.167.239.239

10.0.2.15

data

1778

2019-06-19T16:47:49.107849-0700

10.0.2.15

99.84.106.60

data

2019-06-19T16:47:49.723378-0700

99.84.106.60

10.0.2.15

data

471

2019-06-19T16:47:46.057442-0700

10.0.2.15

151.139.128.14

data

2019-06-19T16:47:46.093702-0700

151.139.128.14

10.0.2.15

data

471

2019-06-19T16:47:46.094516-0700

10.0.2.15

151.139.128.14

data

2019-06-19T16:47:46.128221-0700

151.139.128.14

10.0.2.15

data

471

2019-06-19T16:47:47.191889-0700

10.0.2.15

172.217.7.131

/GTSGIAG3

data

2019-06-19T16:47:47.240903-0700

172.217.7.131

10.0.2.15

/GTSGIAG3

data

471

2019-06-19T16:47:47.308817-0700

10.0.2.15

151.139.128.14

data

Comments	(not set)

Update Download PCAP Delete