Ch9.pcap

MD5	1a94e9fd79d54c67c86127a09788b51c
Submission Date	2018-11-12 08:04:30
Tags	(not set)

Alert 1

Showing 1-1 of 1 item.

Timestamp

Src Ip

Dest Ip

Alert Signature

2017-10-29T10:07:28.094332-0700

192.168.1.88

192.168.1.255

ET POLICY Dropbox Client Broadcasting

DNS 116

Showing 1-20 of 116 items.

Timestamp

Src Ip

Dest Ip

Dns Type

Resource Record Name

Resource Record Type

Resource Data

2017-10-29T10:07:32.710881-0700

192.168.1.88

192.168.1.1

query

apis.google.com

(not set)

2017-10-29T10:07:32.711051-0700

192.168.1.88

192.168.1.1

query

fonts.googleapis.com

(not set)

2017-10-29T10:07:32.758646-0700

192.168.1.88

192.168.1.1

query

ogs.google.com

(not set)

2017-10-29T10:07:32.766935-0700

192.168.1.1

192.168.1.88

answer

fonts.googleapis.com

(not set)

2017-10-29T10:07:32.774511-0700

192.168.1.1

192.168.1.88

answer

apis.google.com

(not set)

2017-10-29T10:07:32.710881-0700

192.168.1.88

192.168.1.1

query

googleads.g.doubleclick.net

(not set)

2017-10-29T10:07:32.710881-0700

192.168.1.88

192.168.1.1

query

clients5.google.com

(not set)

2017-10-29T10:07:32.765513-0700

192.168.1.1

192.168.1.88

answer

googleads.g.doubleclick.net

(not set)

2017-10-29T10:07:32.774514-0700

192.168.1.1

192.168.1.88

answer

clients5.google.com

(not set)

2017-10-29T10:07:32.798533-0700

192.168.1.88

192.168.1.1

query

googlehosted.l.googleusercontent.com

(not set)

2017-10-29T10:07:32.807781-0700

192.168.1.88

192.168.1.1

query

outlook.office365.com

(not set)

2017-10-29T10:07:32.710148-0700

192.168.1.88

192.168.1.1

query

www.google.com

(not set)

2017-10-29T10:07:32.710934-0700

192.168.1.88

192.168.1.1

query

encrypted-tbn0.gstatic.com

(not set)

2017-10-29T10:07:32.757969-0700

192.168.1.1

192.168.1.88

answer

www.google.com

(not set)

2017-10-29T10:07:32.765744-0700

192.168.1.88

192.168.1.1

query

ssl.gstatic.com

(not set)

2017-10-29T10:07:32.774515-0700

192.168.1.1

192.168.1.88

answer

encrypted-tbn0.gstatic.com

(not set)

2017-10-29T10:07:32.888663-0700

192.168.1.1

192.168.1.88

answer

ssl.gstatic.com

(not set)

2017-10-29T10:07:32.817271-0700

192.168.1.1

192.168.1.88

answer

ogs.google.com

(not set)

2017-10-29T10:07:33.057568-0700

192.168.1.1

192.168.1.88

answer

outlook.office365.com

(not set)

2017-10-29T10:07:33.078700-0700

192.168.1.1

192.168.1.88

answer

googlehosted.l.googleusercontent.com

(not set)

TLS 60

Showing 1-20 of 60 items.

Timestamp

Source IP

Destination IP

TLS Version

Server Name Indication

2017-10-29T10:07:34.664154-0700

192.168.1.88

74.125.201.132

TLS 1.2

apidata.googleusercontent.com

2017-10-29T10:07:33.593701-0700

192.168.1.88

40.97.130.18

TLS 1.2

outlook.office365.com

2017-10-29T10:07:34.664149-0700

192.168.1.88

74.125.201.132

TLS 1.2

apidata.googleusercontent.com

2017-10-29T10:07:33.769185-0700

192.168.1.88

74.125.201.132

TLS 1.2

apidata.googleusercontent.com

2017-10-29T10:07:34.664155-0700

192.168.1.88

74.125.201.132

TLS 1.2

apidata.googleusercontent.com

2017-10-29T10:07:34.664156-0700

192.168.1.88

74.125.201.132

TLS 1.2

apidata.googleusercontent.com

2017-10-29T10:07:37.209167-0700

192.168.1.88

172.217.8.174

TLS 1.2

youtube.com

2017-10-29T10:07:37.218772-0700

192.168.1.88

172.217.8.174

TLS 1.2

youtube.com

2017-10-29T10:07:37.856120-0700

192.168.1.88

216.58.216.110

TLS 1.2

www.youtube.com

2017-10-29T10:07:39.228497-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:39.315090-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:39.320925-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:39.324843-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:39.369540-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:39.332098-0700

192.168.1.88

172.217.4.97

TLS 1.2

yt3.ggpht.com

2017-10-29T10:07:41.138636-0700

192.168.1.88

157.240.2.25

TLS 1.2

connect.facebook.net

2017-10-29T10:07:40.724742-0700

192.168.1.88

216.58.216.98

TLS 1.2

pubads.g.doubleclick.net

2017-10-29T10:07:41.517042-0700

192.168.1.88

216.58.192.230

TLS 1.2

s0.2mdn.net

2017-10-29T10:07:41.522223-0700

192.168.1.88

23.21.109.110

TLS 1.2

insight.adsrvr.org

2017-10-29T10:07:41.544863-0700

192.168.1.88

13.33.154.31

TLS 1.2

js.adsrvr.org

TFTP 0

#	Timestamp	Src Ip	Dest Ip	Tftp Packet	Tftp File	Tftp Mode
No results found.

HTTP 24

Showing 1-20 of 24 items.

Timestamp

Source

Hostname

Port

Method

URL

Status

2017-10-29T10:07:37.094142-0700

192.168.1.88

youtube.com

GET

301

2017-10-29T10:07:40.176209-0700

192.168.1.88

192.168.1.31

GET

/dial/YouTube

400

2017-10-29T10:07:40.179209-0700

192.168.1.88

192.168.1.52

GET

/dial/YouTube

400

2017-10-29T10:07:40.180886-0700

192.168.1.88

192.168.1.18

GET

/dial/YouTube

400

2017-10-29T10:07:40.519846-0700

192.168.1.88

sau.edu

GET

301

2017-10-29T10:07:42.429191-0700

192.168.1.88

www.googletagmanager.com

GET

/gtm.js?id=GTM-MX8CVG

404

2017-10-29T10:07:42.456445-0700

192.168.1.88

www.sau.edu

GET

/prebuilt/_xbase/images/homepage/icons/visit-icon.svg

200

2017-10-29T10:07:42.007429-0700

192.168.1.88

www.sau.edu

GET

200

2017-10-29T10:07:42.465001-0700

192.168.1.88

www.sau.edu

GET

/prebuilt/_xbase/images/homepage/icons/cost-calculator-icon.svg

200

2017-10-29T10:07:43.572091-0700

192.168.1.88

www.sau.edu

GET

/Images/home_page/DBA-advance-Pillutla(0).jpg

200

2017-10-29T10:07:43.999826-0700

192.168.1.88

www.sau.edu

GET

/prebuilt/_xbase/images/homepage/icons/apply-now-icon.svg

200

2017-10-29T10:07:42.832740-0700

192.168.1.88

www.sau.edu

GET

/Images/home_page/FriendshipsWbeehive.jpg

200

2017-10-29T10:07:42.833568-0700

192.168.1.88

www.sau.edu

GET

/prebuilt/_xbase/images/homepage/icons/request-more-info-icon.svg

200

2017-10-29T10:07:43.974720-0700

192.168.1.88

www.sau.edu

GET

/Images/home_page/small-classes-artQuinn.jpg

200

2017-10-29T10:07:44.081479-0700

192.168.1.88

www.sau.edu

GET

/Images/News-and-Events/2017-Fall/JIMPLACETHUMB.jpg

200

2017-10-29T10:07:44.340195-0700

192.168.1.88

www.sau.edu

GET

/images/promos/homepromo/ambrosezine_107.jpg

200

2017-10-29T10:07:44.412268-0700

192.168.1.88

www.sau.edu

GET

/images/promos/homepromo/Global17LGrgb.jpg

200

2017-10-29T10:07:43.211936-0700

192.168.1.88

www.sau.edu

GET

/PreBuilt/_xbase/images/shared/m-background.gif

200

2017-10-29T10:07:43.687796-0700

192.168.1.88

www.sau.edu

GET

/Images/News-and-Events/2017-Fall/WRCThumb_3.jpg

200

2017-10-29T10:07:43.940312-0700

192.168.1.88

www.sau.edu

GET

/Images/News-and-Events/2017-Fall/Thomas_higgins_thumb.jpg

200

SMB 0

#		Timestamp	Src Ip	Dest Ip	SMB Dialect	Command	Session	Tree
No results found.

SMTP 0

#		Timestamp	Source	Destination	Email From	Email To	Subject
No results found.

Flow 216

Showing 1-20 of 216 items.

Timestamp

Flow Id

Event Type

Source

Source Port

Destination

Destination Port

Protocol

Host

2017-10-29T10:07:56.554589-0700

142590948973041

flow

192.168.1.88

5876

192.168.1.1

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1881377935501

flow

192.168.1.88

53331

216.58.192.230

443

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1409533286731573

flow

192.168.1.88

55121

172.217.4.97

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1550275070496147

flow

192.168.1.88

55242

184.169.131.88

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

424667221225868

flow

192.168.1.88

55066

75.101.136.49

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

143342568345164

flow

192.168.1.88

55058

75.101.136.49

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

2113886448654038

flow

192.168.1.88

55056

75.101.136.49

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1270017716044005

flow

192.168.1.195

63647

192.168.1.255

32412

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

284900395363728

flow

192.168.1.88

59474

172.217.4.110

443

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

989229934229386

flow

192.168.1.88

53581

172.217.8.162

443

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1411916993793346

flow

192.168.1.88

42793

192.168.1.1

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

849065824088460

flow

192.168.1.88

55098

74.125.201.132

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1131142096791285

flow

192.168.1.88

55231

35.185.88.112

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

2116437659343545

flow

192.168.1.88

21717

192.168.1.1

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

991106835600660

flow

192.168.1.88

55202

198.51.152.184

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

428412432608094

flow

192.168.1.88

55053

75.101.136.49

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

569313129708709

flow

192.168.1.88

33964

192.168.1.1

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

569360374662658

flow

192.168.1.88

25528

192.168.1.1

UDP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

147510834054644

flow

192.168.1.88

55173

13.33.154.31

443

TCP

pcapanalyzer

2017-10-29T10:07:56.554589-0700

1837612677261502

flow

192.168.1.88

55163

63.233.192.95

TCP

pcapanalyzer

File 20

Showing 1-20 of 20 items.

Timestamp

Source

Destination

File Name

File Magic

File Size

2017-10-29T10:07:40.519846-0700

63.233.192.95

192.168.1.88

HTML document, ASCII text

142

2017-10-29T10:07:42.429191-0700

216.58.192.168

192.168.1.88

/gtm.js

HTML document, UTF-8 Unicode text, with very long lines

1581

2017-10-29T10:07:42.456445-0700

63.233.192.95

192.168.1.88

/prebuilt/_xbase/images/homepage/icons/visit-icon.svg

SVG Scalable Vector Graphics image

1473

2017-10-29T10:07:42.007429-0700

63.233.192.95

192.168.1.88

HTML document, ASCII text, with very long lines, with CRLF line terminators

13301

2017-10-29T10:07:42.465001-0700

63.233.192.95

192.168.1.88

/prebuilt/_xbase/images/homepage/icons/cost-calculator-icon.svg

SVG Scalable Vector Graphics image

2307

2017-10-29T10:07:43.572091-0700

63.233.192.95

192.168.1.88

/Images/home_page/DBA-advance-Pillutla(0).jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 682x270, frames 3

42347

2017-10-29T10:07:43.999826-0700

63.233.192.95

192.168.1.88

/prebuilt/_xbase/images/homepage/icons/apply-now-icon.svg

SVG Scalable Vector Graphics image

1049

2017-10-29T10:07:42.832740-0700

63.233.192.95

192.168.1.88

/Images/home_page/FriendshipsWbeehive.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 682x270, frames 3

48313

2017-10-29T10:07:43.974720-0700

63.233.192.95

192.168.1.88

/Images/home_page/small-classes-artQuinn.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 682x270, frames 3

69493

2017-10-29T10:07:44.081479-0700

63.233.192.95

192.168.1.88

/Images/News-and-Events/2017-Fall/JIMPLACETHUMB.jpg

JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, software=Photos 2.0, datetime=2017:10:27 11:39:51]

36305

2017-10-29T10:07:44.340195-0700

63.233.192.95

192.168.1.88

/images/promos/homepromo/ambrosezine_107.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x107, frames 3

15228

2017-10-29T10:07:42.833568-0700

63.233.192.95

192.168.1.88

/prebuilt/_xbase/images/homepage/icons/request-more-info-icon.svg

SVG Scalable Vector Graphics image

2597

2017-10-29T10:07:44.412268-0700

63.233.192.95

192.168.1.88

/images/promos/homepromo/Global17LGrgb.jpg

JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, PhotometricIntepretation=RGB, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Photos 2.0, datetime=2017:05:24 09:48:59]

12168

2017-10-29T10:07:43.211936-0700

63.233.192.95

192.168.1.88

/PreBuilt/_xbase/images/shared/m-background.gif

GIF image data, version 89a, 5 x 247

1206

2017-10-29T10:07:43.687796-0700

63.233.192.95

192.168.1.88

/Images/News-and-Events/2017-Fall/WRCThumb_3.jpg

JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Canon, model=Canon EOS 7D Mark II, orientation=upper-left, xresolution=150, yresolution=158, resolutionunit=2, software=Photos 2.0, datetime=2017:09:19 15:36:33]

39869

2017-10-29T10:07:43.940312-0700

63.233.192.95

192.168.1.88

/Images/News-and-Events/2017-Fall/Thomas_higgins_thumb.jpg

JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 86x86, frames 3

8229

2017-10-29T10:07:44.067334-0700

63.233.192.95

192.168.1.88

/Images/home_page/CDU-AHtower16.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 682x270, frames 3

80869

2017-10-29T10:07:44.115489-0700

63.233.192.95

192.168.1.88

/Images/News-and-Events/Publications/Scene/Scene2017-August/NajdaAlexsandra-T.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, frames 3

5115

2017-10-29T10:07:44.271527-0700

63.233.192.95

192.168.1.88

/images/promos/homepromo/WRC-ConstCam_107.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x107, frames 3

11132

2017-10-29T10:07:44.391092-0700

63.233.192.95

192.168.1.88

/images/promos/homepromo/BOF-TCSA190x107.jpg

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x107, frames 3

8229

Comments	(not set)

Update Download PCAP Delete