2019-MTA-workshop-block-8.pcap

MD5: 9ffde29eed603e61ac9ea3dcdcbe92a6
Submission Date: 2019-08-20 21:36:22
Tags: (not set)
Alert (2 items; showing 1-2)
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-05-05T19:02:17.205464-0700 | 172.16.2.97 | 209.90.88.136 | ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile | *
2 | 2019-05-05T19:07:11.448343-0700 | 209.90.88.136 | 172.16.2.97 | ET POLICY PE EXE or DLL Windows file download HTTP | *
DNS (403 items; showing 1-20)
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2019-05-05T18:59:37.725190-0700 | 172.16.2.115 | 172.16.2.2 | query | detectportal.firefox.com | A | (not set)
2 | 2019-05-05T18:59:37.725312-0700 | 172.16.2.115 | 172.16.2.2 | query | detectportal.firefox.com | A | (not set)
3 | 2019-05-05T18:59:39.283991-0700 | 172.16.2.115 | 172.16.2.2 | query | detectportal.firefox.com | A | (not set)
4 | 2019-05-05T18:59:39.289220-0700 | 172.16.2.115 | 172.16.2.2 | query | shavar.services.mozilla.com | A | (not set)
5 | 2019-05-05T18:59:37.724381-0700 | 172.16.2.115 | 172.16.2.2 | query | wastatedairy.com | A | (not set)
6 | 2019-05-05T18:59:37.726156-0700 | 172.16.2.115 | 172.16.2.2 | query | wastatedairy.com | A | (not set)
7 | 2019-05-05T18:59:39.353387-0700 | 172.16.2.2 | 172.16.2.115 | answer | shavar.services.mozilla.com | A | (not set)
8 | 2019-05-05T18:59:37.729051-0700 | 172.16.2.2 | 172.16.2.115 | answer | wastatedairy.com | A | (not set)
9 | 2019-05-05T18:59:40.807218-0700 | 172.16.2.2 | 193.108.91.240 | query | detectportal.firefox.com | A | (not set)
10 | 2019-05-05T18:59:41.039866-0700 | 193.108.91.240 | 172.16.2.2 | answer | detectportal.firefox.com | A | (not set)
11 | 2019-05-05T18:59:41.157879-0700 | 172.16.2.2 | 172.16.2.115 | answer | detectportal.firefox.com | A | (not set)
12 | 2019-05-05T18:59:39.283326-0700 | 172.16.2.115 | 172.16.2.2 | query | wastatedairy.com | A | (not set)
13 | 2019-05-05T18:59:39.283509-0700 | 172.16.2.2 | 172.16.2.115 | answer | wastatedairy.com | A | (not set)
14 | 2019-05-05T18:59:42.155753-0700 | 172.16.2.115 | 172.16.2.2 | query | fonts.gstatic.com | A | (not set)
15 | 2019-05-05T18:59:42.359874-0700 | 172.16.2.115 | 172.16.2.2 | query | fonts.googleapis.com | A | (not set)
16 | 2019-05-05T18:59:42.360369-0700 | 172.16.2.115 | 172.16.2.2 | query | i2.wp.com | A | (not set)
17 | 2019-05-05T18:59:42.360515-0700 | 172.16.2.2 | 172.16.2.115 | answer | i2.wp.com | A | (not set)
18 | 2019-05-05T18:59:42.361191-0700 | 172.16.2.115 | 172.16.2.2 | query | stats.wp.com | A | (not set)
19 | 2019-05-05T18:59:42.361371-0700 | 172.16.2.2 | 172.16.2.115 | answer | stats.wp.com | A | (not set)
20 | 2019-05-05T18:59:42.450768-0700 | 172.16.2.2 | 172.16.2.115 | answer | fonts.googleapis.com | A | (not set)
TLS (96 items; showing 1-20)
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2019-05-05T18:59:40.295037-0700 | 172.16.2.115 | 35.160.231.181 | TLS 1.2 | shavar.services.mozilla.com
2 | 2019-05-05T18:59:42.115926-0700 | 172.16.2.115 | 23.111.9.35 | TLS 1.2 | use.fontawesome.com
3 | 2019-05-05T18:59:42.138367-0700 | 172.16.2.115 | 172.217.5.74 | TLS 1.3 | fonts.googleapis.com
4 | 2019-05-05T18:59:42.065316-0700 | 172.16.2.115 | 192.0.77.32 | TLS 1.3 | s0.wp.com
5 | 2019-05-05T18:59:42.073106-0700 | 172.16.2.115 | 192.0.76.3 | TLS 1.3 | stats.wp.com
6 | 2019-05-05T18:59:43.463880-0700 | 172.16.2.115 | 192.0.77.2 | TLS 1.3 | i2.wp.com
7 | 2019-05-05T18:59:45.770495-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
8 | 2019-05-05T18:59:45.901182-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
9 | 2019-05-05T18:59:48.737822-0700 | 172.16.2.115 | 54.192.146.199 | TLS 1.2 | wave.sndcdn.com
10 | 2019-05-05T18:59:45.771508-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
11 | 2019-05-05T18:59:45.774701-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
12 | 2019-05-05T18:59:46.005072-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
13 | 2019-05-05T18:59:46.005843-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
14 | 2019-05-05T18:59:46.095607-0700 | 172.16.2.115 | 74.125.20.94 | TLS 1.3 | fonts.gstatic.com
15 | 2019-05-05T18:59:46.302556-0700 | 172.16.2.115 | 35.160.231.181 | TLS 1.2 | shavar.services.mozilla.com
16 | 2019-05-05T18:59:47.422944-0700 | 172.16.2.115 | 52.84.242.37 | TLS 1.2 | api-widget.soundcloud.com
17 | 2019-05-05T19:00:30.772547-0700 | 172.16.2.209 | 74.125.135.188 | TLS 1.3 | mtalk.google.com
18 | 2019-05-05T19:00:30.772548-0700 | 172.16.2.209 | 172.217.14.99 | TLS 1.3 | clientservices.googleapis.com
19 | 2019-05-05T18:59:44.502552-0700 | 172.16.2.115 | 54.192.146.180 | TLS 1.2 | w.soundcloud.com
20 | 2019-05-05T18:59:46.261652-0700 | 172.16.2.115 | 54.192.146.177 | TLS 1.2 | widget.sndcdn.com
TFTP (0 items)
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP (393 items; showing 1-20)
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-05-05T18:59:41.544534-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | / | 200
2 | 2019-05-05T18:59:41.824750-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-includes/js/wp-emoji-release.min.js?ver=5.1.1 | 200
3 | 2019-05-05T18:59:41.891140-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/gutenberg/build/block-library/theme.css?ver=1556761022 | 200
4 | 2019-05-05T18:59:41.892449-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/jetpack/modules/theme-tools/compat/twentyfourteen.css?ver=7.2.1 | 200
5 | 2019-05-05T18:59:41.892451-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/simple-staff-list/public/css/simple-staff-list-public.css?ver=2.1.1 | 200
6 | 2019-05-05T18:59:41.894083-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/gutenberg/build/block-library/style.css?ver=1556761022 | 200
7 | 2019-05-05T18:59:42.094780-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/themes/twentyfourteen/css/blocks.css?ver=20181230 | 200
8 | 2019-05-05T18:59:42.172063-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/themes/twentyfourteen/style.css?ver=5.1.1 | 200
9 | 2019-05-05T18:59:42.133351-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1 | 200
10 | 2019-05-05T18:59:42.226765-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/jetpack/css/jetpack.css?ver=7.2.1 | 200
11 | 2019-05-05T18:59:42.095950-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/business-directory-plugin/assets/css/widgets.min.css?ver=5.5.4 | 200
12 | 2019-05-05T18:59:42.379096-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/simple-contact-form/style.css?ver=5.1.1 | 409
13 | 2019-05-05T18:59:42.185769-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/business-directory-plugin/themes/default/assets/styles.css?ver=4.0.4 | 200
14 | 2019-05-05T18:59:42.464334-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-includes/js/jquery/jquery.js?ver=1.12.4 | 200
15 | 2019-05-05T18:59:42.469938-0700 | 172.16.2.115 | detectportal.firefox.com | 80 | GET | /success.txt | 200
16 | 2019-05-05T18:59:42.394656-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/simple-contact-form/simple-contact-form.js?ver=5.1.1 | 409
17 | 2019-05-05T18:59:42.471519-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/current-weather/assets/css/weather-default.css | 200
18 | 2019-05-05T18:59:42.488290-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-includes/js/masonry.min.js?ver=3.3.2 | 200
19 | 2019-05-05T18:59:42.388672-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 | 200
20 | 2019-05-05T18:59:42.390870-0700 | 172.16.2.115 | wastatedairy.com | 80 | GET | /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 | 200
SMB (61 items; showing 1-20)
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
1 | 2019-05-05T19:00:10.610398-0700 | 172.16.2.209 | 172.16.2.2 | 2.?? | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0
2 | 2019-05-05T19:00:10.728646-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0
3 | 2019-05-05T19:00:10.750866-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_SESSION_SETUP | 4398382055545 | 0
4 | 2019-05-05T19:00:10.753760-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_TREE_CONNECT | 4398382055545 | 1
5 | 2019-05-05T19:00:10.757588-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_CREATE | 4398382055545 | 1
6 | 2019-05-05T19:00:22.937823-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0
7 | 2019-05-05T19:00:22.961643-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_SESSION_SETUP | 4398382055549 | 0
8 | 2019-05-05T19:00:22.964310-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_TREE_CONNECT | 4398382055549 | 1
9 | 2019-05-05T19:00:23.195795-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_CREATE | 4398382055549 | 1
10 | 2019-05-05T19:00:10.495610-0700 | 172.16.2.209 | 172.16.2.2 | 2.?? | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0
11 | 2019-05-05T19:00:10.549402-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0
12 | 2019-05-05T19:00:10.552697-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_SESSION_SETUP | 4398382055533 | 0
13 | 2019-05-05T19:00:10.556197-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_SESSION_SETUP | 4398382055533 | 0
14 | 2019-05-05T19:00:10.558599-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_TREE_CONNECT | 4398382055533 | 1
15 | 2019-05-05T19:00:10.796359-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_IOCTL | 4398382055533 | 1
16 | 2019-05-05T19:00:24.764990-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_TREE_DISCONNECT | 4398382055533 | 1
17 | 2019-05-05T19:00:36.965798-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_CLOSE | 4398382055549 | 1
18 | 2019-05-05T19:00:36.751442-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_READ | 4398382055545 | 1
19 | 2019-05-05T19:00:36.965797-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_CLOSE | 4398382055545 | 1
20 | 2019-05-05T19:00:48.769364-0700 | 172.16.2.209 | 172.16.2.2 | 2.10 | SMB2_COMMAND_TREE_DISCONNECT | 4398382055549 | 1
SMTP (0 items)
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow (518 items; showing 1-20)
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-05-05T19:01:04.581323-0700 | 609574325641686 | flow | 172.16.2.209 | 58660 | 224.0.0.252 | 5355 | UDP | pcapanalyzer
2 | 2019-05-05T19:01:04.581323-0700 | 665365950797781 | flow | 172.16.2.209 | 62196 | 224.0.0.252 | 5355 | UDP | pcapanalyzer
3 | 2019-05-05T19:01:04.581323-0700 | 1058969638762184 | flow | 172.16.2.209 | 59839 | 224.0.0.252 | 5355 | UDP | pcapanalyzer
4 | 2019-05-05T19:01:04.581323-0700 | 548246486878006 | flow | 172.16.2.115 | 5353 | 224.0.0.251 | 5353 | UDP | pcapanalyzer
5 | 2019-05-05T19:01:04.581323-0700 | 168910682776481 | flow | 172.16.2.209 | 53424 | 239.255.255.250 | 1900 | UDP | pcapanalyzer
6 | 2019-05-05T19:01:04.581323-0700 | 638823054631696 | flow | 172.16.2.209 | 5353 | 224.0.0.251 | 5353 | UDP | pcapanalyzer
7 | 2019-05-05T19:07:11.448343-0700 | 985718975746155 | flow | 172.16.2.83 | 52918 | 172.16.2.2 | 53 | UDP | pcapanalyzer
8 | 2019-05-05T19:07:11.448343-0700 | 985800578451878 | flow | 172.16.2.83 | 62146 | 172.16.2.2 | 53 | UDP | pcapanalyzer
9 | 2019-05-05T19:07:11.448343-0700 | 1267352885350669 | flow | 172.16.2.241 | 64094 | 17.249.89.246 | 5224 | TCP | pcapanalyzer
10 | 2019-05-05T19:07:11.448343-0700 | 2112181543739833 | flow | 172.16.2.127 | 46722 | 172.217.14.86 | 443 | UDP | pcapanalyzer
11 | 2019-05-05T19:07:11.448343-0700 | 846390231034699 | flow | 172.16.2.115 | 38330 | 192.0.77.2 | 443 | TCP | pcapanalyzer
12 | 2019-05-05T19:07:11.448343-0700 | 284200511912026 | flow | 172.16.2.241 | 50069 | 172.16.2.2 | 53 | UDP | pcapanalyzer
13 | 2019-05-05T19:07:11.448343-0700 | 143574668968939 | flow | 172.16.2.209 | 137 | 172.16.2.255 | 137 | UDP | pcapanalyzer
14 | 2019-05-05T19:07:11.448343-0700 | 143798006049695 | flow | 172.16.2.115 | 50808 | 74.125.20.94 | 443 | TCP | pcapanalyzer
15 | 2019-05-05T19:07:11.448343-0700 | 1269758050016010 | flow | 172.16.2.97 | 60038 | 172.16.2.2 | 53 | UDP | pcapanalyzer
16 | 2019-05-05T19:07:11.448343-0700 | 1692022070863025 | flow | 172.16.2.241 | 53713 | 172.16.2.2 | 53 | UDP | pcapanalyzer
17 | 2019-05-05T19:07:11.448343-0700 | 1270080179270112 | flow | 172.16.2.146 | 12392 | 8.8.8.8 | 53 | UDP | pcapanalyzer
18 | 2019-05-05T19:07:11.448343-0700 | 1833184762150716 | flow | 172.16.2.241 | 64941 | 172.16.2.2 | 53 | UDP | pcapanalyzer
19 | 2019-05-05T19:07:11.448343-0700 | 2115183725833624 | flow | 172.16.2.127 | 48841 | 8.8.8.8 | 53 | UDP | pcapanalyzer
20 | 2019-05-05T19:07:11.448343-0700 | 1552349714411207 | flow | 172.16.2.209 | 49212 | 104.28.7.113 | 80 | TCP | pcapanalyzer
File (391 items; showing 1-20)
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-05-05T18:59:41.544534-0700 | 192.254.233.1 | 172.16.2.115 | / | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators | 37566
2 | 2019-05-05T18:59:41.824750-0700 | 192.254.233.1 | 172.16.2.115 | /wp-includes/js/wp-emoji-release.min.js | ASCII text, with very long lines | 12034
3 | 2019-05-05T18:59:41.891140-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/gutenberg/build/block-library/theme.css | ASCII text, with very long lines, with no line terminators | 1875
4 | 2019-05-05T18:59:41.892451-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/simple-staff-list/public/css/simple-staff-list-public.css | ASCII text | 457
5 | 2019-05-05T18:59:41.892449-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/jetpack/modules/theme-tools/compat/twentyfourteen.css | ASCII text | 7543
6 | 2019-05-05T18:59:41.894083-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/gutenberg/build/block-library/style.css | ASCII text, with very long lines, with no line terminators | 29971
7 | 2019-05-05T18:59:42.172063-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/themes/twentyfourteen/style.css | ASCII text, with very long lines | 81216
8 | 2019-05-05T18:59:42.133351-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css | ASCII text, with very long lines | 28266
9 | 2019-05-05T18:59:42.094780-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/themes/twentyfourteen/css/blocks.css | ASCII text | 7429
10 | 2019-05-05T18:59:42.095950-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/business-directory-plugin/assets/css/widgets.min.css | ASCII text, with no line terminators | 181
11 | 2019-05-05T18:59:42.379096-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/simple-contact-form/style.css | HTML document, ASCII text, with no line terminators | 83
12 | 2019-05-05T18:59:42.464334-0700 | 192.254.233.1 | 172.16.2.115 | /wp-includes/js/jquery/jquery.js | ASCII text, with very long lines | 97183
13 | 2019-05-05T18:59:42.226765-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/jetpack/css/jetpack.css | ASCII text, with very long lines | 70494
14 | 2019-05-05T18:59:42.185769-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/business-directory-plugin/themes/default/assets/styles.css | ASCII text | 1088
15 | 2019-05-05T18:59:42.469938-0700 | 70.163.84.250 | 172.16.2.115 | /success.txt | ASCII text | 8
16 | 2019-05-05T18:59:42.394656-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/simple-contact-form/simple-contact-form.js | HTML document, ASCII text, with no line terminators | 83
17 | 2019-05-05T18:59:42.388672-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css | ASCII text, with very long lines, with no line terminators | 26726
18 | 2019-05-05T18:59:42.471519-0700 | 192.254.233.1 | 172.16.2.115 | /wp-content/plugins/current-weather/assets/css/weather-default.css | ASCII text, with CRLF line terminators | 11404
19 | 2019-05-05T18:59:42.488290-0700 | 192.254.233.1 | 172.16.2.115 | /wp-includes/js/masonry.min.js | ASCII text, with very long lines | 28953
20 | 2019-05-05T18:59:42.390870-0700 | 192.254.233.1 | 172.16.2.115 | /wp-includes/js/jquery/jquery-migrate.min.js | ASCII text, with very long lines | 10056

Comments: (not set)
