A1_Net_Traffic.pcap

MD5: 53f70f5267e567200430521cb430d505
Submission Date: 2019-08-17 08:37:28
Tags: (not set)
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:56.315454-0700 | 10.110.1.37 | 10.110.3.255 | ET POLICY Spotify P2P Client | * |
DNS 170
Showing 1-20 of 170 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:52.357699-0700 | 10.110.0.149 | 10.10.4.25 | query | www.google.com | A | (not set) |
| 2 | 2019-07-17T20:53:52.853868-0700 | 10.110.0.149 | 10.10.4.25 | query | fonts.gstatic.com | A | (not set) |
| 3 | 2019-07-17T20:53:52.358338-0700 | 10.10.4.25 | 10.110.0.149 | answer | www.google.com | (not set) | (not set) |
| 4 | 2019-07-17T20:53:52.881426-0700 | 10.10.4.25 | 10.110.0.149 | answer | fonts.gstatic.com | (not set) | (not set) |
| 5 | 2019-07-17T20:53:52.878498-0700 | 10.110.0.149 | 10.30.4.25 | query | fonts.gstatic.com | A | (not set) |
| 6 | 2019-07-17T20:53:52.907851-0700 | 10.30.4.25 | 10.110.0.149 | answer | fonts.gstatic.com | (not set) | (not set) |
| 7 | 2019-07-17T20:53:57.060532-0700 | 10.110.0.149 | 10.10.4.25 | query | www.scu.edu.au | A | (not set) |
| 8 | 2019-07-17T20:53:57.061121-0700 | 10.10.4.25 | 10.110.0.149 | answer | www.scu.edu.au | (not set) | (not set) |
| 9 | 2019-07-17T20:53:58.294037-0700 | 10.110.0.149 | 10.10.4.25 | query | utils.qualityconnex.com | A | (not set) |
| 10 | 2019-07-17T20:53:58.294761-0700 | 10.10.4.25 | 10.110.0.149 | answer | utils.qualityconnex.com | (not set) | (not set) |
| 11 | 2019-07-17T20:54:06.544310-0700 | 10.110.0.149 | 10.30.4.25 | query | d1mj578wat5n4o.cloudfront.net | A | (not set) |
| 12 | 2019-07-17T20:54:06.519029-0700 | 10.110.0.149 | 10.10.4.25 | query | d1mj578wat5n4o.cloudfront.net | A | (not set) |
| 13 | 2019-07-17T20:54:06.523408-0700 | 10.110.0.149 | 10.10.4.25 | query | vars.hotjar.com | A | (not set) |
| 14 | 2019-07-17T20:54:06.527306-0700 | 10.10.4.25 | 10.110.0.149 | answer | vars.hotjar.com | (not set) | (not set) |
| 15 | 2019-07-17T20:54:06.580132-0700 | 10.10.4.25 | 10.110.0.149 | answer | d1mj578wat5n4o.cloudfront.net | (not set) | (not set) |
| 16 | 2019-07-17T20:54:06.580194-0700 | 10.30.4.25 | 10.110.0.149 | answer | d1mj578wat5n4o.cloudfront.net | (not set) | (not set) |
| 17 | 2019-07-17T20:54:06.596504-0700 | 10.110.0.149 | 10.10.4.25 | query | service.maxymiser.net | A | (not set) |
| 18 | 2019-07-17T20:54:06.623385-0700 | 10.110.0.149 | 10.30.4.25 | query | service.maxymiser.net | A | (not set) |
| 19 | 2019-07-17T20:54:06.630232-0700 | 10.10.4.25 | 10.110.0.149 | answer | service.maxymiser.net | (not set) | (not set) |
| 20 | 2019-07-17T20:54:06.630487-0700 | 10.30.4.25 | 10.110.0.149 | answer | service.maxymiser.net | (not set) | (not set) |
TLS 69
Showing 1-20 of 69 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Issuer |
|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:57.083135-0700 | 10.110.0.149 | 203.2.60.162 | TLS 1.2 | C=BM, O=QuoVadis Limited, CN=QuoVadis Global SSL ICA G3 |
| 2 | 2019-07-17T20:53:57.292949-0700 | 10.110.0.149 | 203.2.60.162 | TLS 1.2 | (not set) |
| 3 | 2019-07-17T20:53:58.014141-0700 | 10.110.0.149 | 203.2.60.162 | TLS 1.2 | (not set) |
| 4 | 2019-07-17T20:53:58.074309-0700 | 10.110.0.149 | 203.2.60.162 | TLS 1.2 | (not set) |
| 5 | 2019-07-17T20:53:58.461943-0700 | 10.110.0.149 | 203.2.60.162 | TLS 1.2 | C=BM, O=QuoVadis Limited, CN=QuoVadis Global SSL ICA G3 |
| 6 | 2019-07-17T20:54:06.449338-0700 | 10.110.0.149 | 104.98.27.127 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 7 | 2019-07-17T20:54:06.561795-0700 | 10.110.0.149 | 117.18.232.200 | TLS 1.3 | (not set) |
| 8 | 2019-07-17T20:54:06.570156-0700 | 10.110.0.149 | 138.44.25.205 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 9 | 2019-07-17T20:54:06.572441-0700 | 10.110.0.149 | 110.232.118.63 | TLS 1.2 | C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3 |
| 10 | 2019-07-17T20:54:06.609549-0700 | 10.110.0.149 | 138.44.24.71 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA |
| 11 | 2019-07-17T20:54:06.617824-0700 | 10.110.0.149 | 13.35.148.178 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 |
| 12 | 2019-07-17T20:54:07.232259-0700 | 10.110.0.149 | 13.211.182.104 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA |
| 13 | 2019-07-17T20:54:07.380200-0700 | 10.110.0.149 | 13.54.219.15 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA |
| 14 | 2019-07-17T20:54:07.722868-0700 | 10.110.0.149 | 12.129.210.53 | TLS 1.2 | C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2 |
| 15 | 2019-07-17T20:54:07.807897-0700 | 10.110.0.149 | 66.117.25.58 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA |
| 16 | 2019-07-17T20:54:08.126635-0700 | 10.110.0.149 | 138.44.25.192 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust RSA CA 2018 |
| 17 | 2019-07-17T20:54:08.181105-0700 | 10.110.0.149 | 103.43.119.188 | TLS 1.2 | C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3 |
| 18 | 2019-07-17T20:54:07.900829-0700 | 10.110.0.149 | 151.101.30.49 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign CloudSSL CA - SHA256 - G3 |
| 19 | 2019-07-17T20:54:08.089910-0700 | 10.110.0.149 | 216.58.200.98 | TLS 1.3 | (not set) |
| 20 | 2019-07-17T20:54:08.404269-0700 | 10.110.0.149 | 103.243.221.51 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert ECC Secure Server CA |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 1
Showing 1-1 of 1 item.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:57.108294-0700 | 10.110.0.149 | www.scu.edu.au | 80 | GET | / | 302 |
SMB 18
Showing 1-18 of 18 items.
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:56.065523-0700 | 10.110.0.149 | 10.10.4.24 | 2.?? | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 2 | 2019-07-17T20:53:56.071457-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 3 | 2019-07-17T20:53:56.072205-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_TREE_CONNECT | 435479149284101 | 1 |
| 4 | 2019-07-17T20:53:56.073162-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_IOCTL | 435479149284101 | 0 |
| 5 | 2019-07-17T20:53:56.074043-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_IOCTL | 435479149284101 | 0 |
| 6 | 2019-07-17T20:53:56.074043-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_IOCTL | 435479149284101 | 0 |
| 7 | 2019-07-17T20:53:48.477081-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 8 | 2019-07-17T20:53:48.479125-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 63491 | 65535 |
| 9 | 2019-07-17T20:53:48.480743-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 63491 | 65535 |
| 10 | 2019-07-17T20:53:48.481472-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 63491 | 3 |
| 11 | 2019-07-17T20:54:05.410604-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_TREE_DISCONNECT | 63491 | 3 |
| 12 | 2019-07-17T20:54:05.411991-0700 | 10.110.1.52 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_LOGOFF_ANDX | 63491 | 180 |
| 13 | 2019-07-17T20:54:11.641930-0700 | 10.110.0.153 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 14 | 2019-07-17T20:54:11.643687-0700 | 10.110.0.153 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 4097 | 65535 |
| 15 | 2019-07-17T20:54:11.646247-0700 | 10.110.0.153 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 4097 | 65535 |
| 16 | 2019-07-17T20:54:11.647356-0700 | 10.110.0.153 | 10.110.0.149 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 4097 | 2052 |
| 17 | 2019-07-17T20:54:06.763958-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_TREE_DISCONNECT | 435479149284101 | 1 |
| 18 | 2019-07-17T20:54:06.764746-0700 | 10.110.0.149 | 10.10.4.24 | 3.02 | SMB2_COMMAND_SESSION_LOGOFF | 435479149284101 | 0 |
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 311
Showing 1-20 of 311 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-07-17T20:53:56.315454-0700 | 2072639233982279 | flow | 10.110.1.41 | 65157 | 239.255.255.250 | 1900 | UDP | pcapanalyzer |
| 2 | 2019-07-17T20:53:56.315454-0700 | 822485923512113 | flow | 10.110.1.164 | 138 | 10.110.3.255 | 138 | UDP | pcapanalyzer |
| 3 | 2019-07-17T20:53:56.315454-0700 | 2100161384720692 | flow | 10.110.0.108 | 137 | 10.110.3.255 | 137 | UDP | pcapanalyzer |
| 4 | 2019-07-17T20:54:14.228314-0700 | 884450907569 | flow | 10.110.0.149 | 57025 | 10.30.4.25 | 53 | UDP | pcapanalyzer |
| 5 | 2019-07-17T20:54:14.228314-0700 | 1830768150854984 | flow | 10.110.1.52 | 52672 | 10.110.0.149 | 139 | TCP | pcapanalyzer |
| 6 | 2019-07-17T20:54:14.228314-0700 | 424376816359986 | flow | 10.110.0.149 | 64152 | 104.72.70.50 | 443 | TCP | pcapanalyzer |
| 7 | 2019-07-17T20:54:14.228314-0700 | 283871256040203 | flow | 10.110.0.107 | 17500 | 10.110.3.255 | 17500 | UDP | pcapanalyzer |
| 8 | 2019-07-17T20:54:14.228314-0700 | 1691920449729577 | flow | 10.110.1.1251124 | | 239.255.255.250 | 1900 | UDP | pcapanalyzer |
| 9 | 2019-07-17T20:54:14.228314-0700 | 3534444927031 | flow | 10.110.0.149 | 64107 | 205.185.208.52 | 443 | TCP | pcapanalyzer |
| 10 | 2019-07-17T20:54:14.228314-0700 | 1270257739164934 | flow | 52.98.0.178 | 443 | 10.110.0.149 | 63901 | TCP | pcapanalyzer |
| 11 | 2019-07-17T20:54:14.228314-0700 | 1129722115527316 | flow | 10.110.0.149 | 64168 | 103.243.221.17 | 443 | TCP | pcapanalyzer |
| 12 | 2019-07-17T20:54:14.228314-0700 | 1130344884834846 | flow | 10.110.0.149 | 64706 | 10.10.4.25 | 53 | UDP | pcapanalyzer |
| 13 | 2019-07-17T20:54:14.228314-0700 | 1974851419143488 | flow | 10.110.1.57 | 56438 | 239.255.255.250 | 1900 | UDP | pcapanalyzer |
| 14 | 2019-07-17T20:54:14.228314-0700 | 145341380807934 | flow | 10.110.0.149 | 64127 | 210.176.156.55 | 443 | TCP | pcapanalyzer |
| 15 | 2019-07-17T20:54:14.228314-0700 | 1272095984807335 | flow | 10.110.1.117 | 17500 | 255.255.255.255 | 17500 | UDP | pcapanalyzer |
| 16 | 2019-07-17T20:54:14.228314-0700 | 2117551707302819 | flow | 10.110.0.108 | 59548 | 239.255.255.250 | 1900 | UDP | pcapanalyzer |
| 17 | 2019-07-17T20:54:14.228314-0700 | 1273491850765497 | flow | 10.110.0.149 | 54654 | 10.10.4.25 | 53 | UDP | pcapanalyzer |
| 18 | 2019-07-17T20:54:14.228314-0700 | 570697761941700 | flow | 10.110.0.149 | 64122 | 216.58.203.110 | 443 | TCP | pcapanalyzer |
| 19 | 2019-07-17T20:54:14.228314-0700 | 1837485481158121 | flow | 10.110.0.149 | 64147 | 52.65.31.85 | 443 | TCP | pcapanalyzer |
| 20 | 2019-07-17T20:54:14.228314-0700 | 1134532478647347 | flow | 10.110.0.149 | 64608 | 10.10.4.25 | 53 | UDP | pcapanalyzer |
File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
No results found.

Comments: (not set)
