/////Log File 1/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
10:18:09.858
10.60.63.44
10.225.208.160 3676
81
TCP
TCP:Flag
s=......S., SrcPort=3676, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1442
602966, Ack=0, Win=65535 ( ) = 65535
10:18:09.913
10.225.208.160 10.60.63.44
81
3676
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3676, PayloadLen=0, Seq=3830
98810, Ack=1442602967, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:18:09.914
10.60.63.44
10.225.208.160 3676
81
TCP
TCP:Flag
s=...A...., SrcPort=3676, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1442
602967, Ack=383098811, Win=64000 (scale factor 0x1) = 128000
10:18:09.914
10.60.63.44
10.225.208.160 3676
81
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=3676, DstPort=HOSTS2 Name Server(81), PayloadL
en=0, Seq=1442602967, Ack=383098811, Win=64000 (scale factor 0x1) = 128000
10:18:10.034
10.225.208.160 10.60.63.44
81
3676
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3676, PayloadLen=0, Seq=3830
98811, Ack=1442602968, Win=57344
10:18:10.255
10.60.63.44
10.225.208.160 3679
81
TCP
TCP:Flag
s=......S., SrcPort=3679, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=5192
84420, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
10:18:10.303
10.225.208.160 10.60.63.44
81
3679
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3679, PayloadLen=0, Seq=3861
78634, Ack=519284421, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:18:10.303
10.60.63.44
10.225.208.160 3679
81
TCP
TCP:Flag
s=...A...., SrcPort=3679, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=5192
84421, Ack=386178635, Win=64000 (scale factor 0x1) = 128000
10:18:10.329
10.60.63.44
10.225.208.160 3679
81
TCP
TCP:Flag
s=...A...F, SrcPort=3679, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=5192
84421, Ack=386178635, Win=64000 (scale factor 0x1) = 128000
10:18:10.374
10.225.208.160 10.60.63.44
81
3679
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3679, PayloadLen=0, Seq=3861
78635, Ack=519284422, Win=57344
10:18:13.012
10.60.63.44
239.255.255.250 3686
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:18:13.929
10.60.63.44
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x265DE348
10:18:16.024
10.60.63.44
239.255.255.250 3686
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:18:19.025
10.60.63.44
239.255.255.250 3686
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:18:20.469
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:18:20.469
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:18:54.508
10.60.63.44
239.255.255.250 3729
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:18:57.510
10.60.63.44
239.255.255.250 3729
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:19:00.510
10.60.63.44
239.255.255.250 3729
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:19:02.791
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:19:02.791
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:19:02.791
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48

10:19:16.969
10.60.63.44
239.255.255.250 3856
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:19:21.650
10.60.63.44
239.255.255.250 3856
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:19:24.651
10.60.63.44
239.255.255.250 3856
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:19:24.861
10.225.208.160 10.60.63.44
81
3676
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3676, PayloadLen=0, Seq=3830
98811, Ack=1442602968, Win=57344
10:19:25.271
10.225.208.160 10.60.63.44
81
3679
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3679, PayloadLen=0, Seq=3861
78635, Ack=519284422, Win=57344
10:19:49.026
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:19:49.026
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:19:58.269
10.60.63.44
239.255.255.250 3923
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:04.005
10.60.63.44
239.255.255.250 3923
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:07.007
10.60.63.44
239.255.255.250 3923
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:31.828
10.60.63.44
239.255.255.250 4285
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:34.829
10.60.63.44
239.255.255.250 4285
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:37.831
10.60.63.44
239.255.255.250 4285
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:53.169
10.60.63.44
239.255.255.250 4630
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:56.169
10.60.63.44
239.255.255.250 4630
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:20:59.170
10.60.63.44
239.255.255.250 4630
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:21:10.535
10.60.63.44
202.126.40.5
52421 53
DNS
DNS:Quer
yId = 0xDA5A, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:21:10.870
10.60.63.44
239.255.255.250 4662
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:21:11.970
202.126.40.5
10.60.63.44
53
52421 DNS
DNS:Quer
yId = 0xDA5A, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:21:11.970
10.60.63.44
202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.63.44:52421
10:21:17.917
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:21:17.917
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:21:17.917
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:21:20.911
10.60.63.44
239.255.255.250 4690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:21:23.912
10.60.63.44
239.255.255.250 4690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:21:26.923
10.60.63.44
239.255.255.250 4690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:22:04.643
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:22:04.644
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48

10:22:04.644
10.60.63.44
ort = 1036, DstPort = 1947,
10:22:37.405
10.60.63.44
uest, M-SEARCH *
10:22:40.416
10.60.63.44
uest, M-SEARCH *
10:22:41.333
10.60.63.44
uest, M-SEARCH *
10:22:44.333
10.60.63.44
uest, M-SEARCH *
10:22:47.339
10.60.63.44
uest, M-SEARCH *
10:22:51.359
10.60.63.44
ort = 1036, DstPort = 1947,
10:22:51.359
10.60.63.44
ort = 1036, DstPort = 1947,
10:22:51.359
10.60.63.44
ort = 1036, DstPort = 1947,
10:23:00.227
10.60.63.44
uest, M-SEARCH *
10:23:09.981
10.60.63.44
uest, M-SEARCH *
10:23:12.983
10.60.63.44
uest, M-SEARCH *
10:23:38.165
10.60.63.44
ort = 1036, DstPort = 1947,
10:23:38.165
10.60.63.44
ort = 1036, DstPort = 1947,
10:23:38.165
10.60.63.44
ort = 1036, DstPort = 1947,
10:23:39.934
10.60.63.44
ort = 1036, DstPort = 1947,
10:24:16.355
10.60.63.44
uest, M-SEARCH *
10:24:19.358
10.60.63.44
uest, M-SEARCH *
10:24:22.359
10.60.63.44
uest, M-SEARCH *
10:24:28.390
10.60.63.44
ort = 1036, DstPort = 1947,
10:24:28.390
10.60.63.44
ort = 1036, DstPort = 1947,
10:24:28.391
10.60.63.44
ort = 1036, DstPort = 1947,
10:24:45.222
10.60.63.44
uest, M-SEARCH *
10:24:52.749
10.60.63.44
uest, M-SEARCH *
10:24:52.811
10.60.63.44
uest, M-SEARCH *
10:24:55.814
10.60.63.44
uest, M-SEARCH *
10:24:58.815
10.60.63.44
uest, M-SEARCH *
10:25:15.322
10.60.63.44
ort = 1036, DstPort = 1947,
10:25:15.323
10.60.63.44
ort = 1036, DstPort = 1947,
10:25:15.323
10.60.63.44
ort = 1036, DstPort = 1947,

255.255.255.255 1036
Length = 48
239.255.255.250 1343

1947

UDP

UDP:SrcP

1900

HTTP

SSDP:Req

239.255.255.250 1343

1900

HTTP

SSDP:Req

239.255.255.250 1368

1900

HTTP

SSDP:Req

239.255.255.250 1368

1900

HTTP

SSDP:Req

239.255.255.250 1368

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1447

1900

HTTP

SSDP:Req

239.255.255.250 1447

1900

HTTP

SSDP:Req

239.255.255.250 1447

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1529

1900

HTTP

SSDP:Req

239.255.255.250 1529

1900

HTTP

SSDP:Req

239.255.255.250 1529

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1758

1900

HTTP

SSDP:Req

239.255.255.250 1758

1900

HTTP

SSDP:Req

239.255.255.250 1818

1900

HTTP

SSDP:Req

239.255.255.250 1818

1900

HTTP

SSDP:Req

239.255.255.250 1818

1900

HTTP

SSDP:Req

255.255.255.255 1036
Length = 48
255.255.255.255 1036
Length = 48
255.255.255.255 1036
Length = 48

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

10:25:19.737
10.60.63.44
239.255.255.250 1844
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:25:22.743
10.60.63.44
239.255.255.250 1844
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:25:25.745
10.60.63.44
239.255.255.250 1844
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:25:58.760
10.60.63.44
239.255.255.250 2044
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:01.760
10.60.63.44
239.255.255.250 2044
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:02.402
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:26:02.402
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:26:03.932
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:26:04.760
10.60.63.44
239.255.255.250 2044
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:20.286
10.60.63.44
239.255.255.250 2102
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:23.290
10.60.63.44
239.255.255.250 2102
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:26.315
10.60.63.44
239.255.255.250 2102
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:30.502
10.60.63.44
239.255.255.250 2123
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:33.505
10.60.63.44
239.255.255.250 2123
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:36.505
10.60.63.44
239.255.255.250 2123
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:50.288
10.60.63.44
239.255.255.250 2188
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:51.221
10.60.63.44
239.255.255.250 2206
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:26:51.800
10.60.63.44
10.225.208.160 2209
81
TCP
TCP:Flag
s=......S., SrcPort=2209, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3657
167900, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
10:26:51.850
10.225.208.160 10.60.63.44
81
2209
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2209, PayloadLen=0, Seq=3279
299835, Ack=3657167901, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:26:51.850
10.60.63.44
10.225.208.160 2209
81
TCP
TCP:Flag
s=...A...., SrcPort=2209, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3657
167901, Ack=3279299836, Win=64000 (scale factor 0x1) = 128000
10:26:51.850
10.60.63.44
10.225.208.160 2209
81
TCP
TCP:Flag
s=...A...F, SrcPort=2209, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3657
167901, Ack=3279299836, Win=64000 (scale factor 0x1) = 128000
10:26:51.859
10.60.63.44
10.225.208.160 2210
81
TCP
TCP:Flag
s=......S., SrcPort=2210, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1788
596691, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
10:26:51.910
10.225.208.160 10.60.63.44
81
2209
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2209, PayloadLen=0, Seq=3279
299836, Ack=3657167902, Win=57344 (scale factor 0x0) = 57344
10:26:51.918
10.225.208.160 10.60.63.44
81
2210
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2210, PayloadLen=0, Seq=3281
108729, Ack=1788596692, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:26:51.919
10.60.63.44
10.225.208.160 2210
81
TCP
TCP:Flag
s=...A...., SrcPort=2210, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1788
596692, Ack=3281108730, Win=64000 (scale factor 0x1) = 128000
10:26:51.919
10.60.63.44
10.225.208.160 2210
81
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml

10:26:52.108
10.225.208.160 10.60.63.44
81
2210
TCP
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2210, PayloadLen=0,
108730, Ack=1788596770, Win=57344 (scale factor 0x0) = 57344
10:26:54.222
10.60.63.44
239.255.255.250 2206
1900
HTTP
uest, M-SEARCH *
10:26:56.988
10.60.63.44
10.50.166.175 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:26:57.222
10.60.63.44
239.255.255.250 2206
1900
HTTP
uest, M-SEARCH *
10:27:00.994
10.60.63.44
10.50.228.126 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:27:12.387
10.60.63.44
239.255.255.250 2240
1900
HTTP
uest, M-SEARCH *
10:27:20.103
10.60.63.44
239.255.255.250 2240
1900
HTTP
uest, M-SEARCH *
10:27:20.184
10.60.63.44
239.255.255.250 2319
1900
HTTP
uest, M-SEARCH *
10:27:23.186
10.60.63.44
239.255.255.250 2319
1900
HTTP
uest, M-SEARCH *
10:27:26.186
10.60.63.44
239.255.255.250 2319
1900
HTTP
uest, M-SEARCH *
10:27:50.100
10.60.63.44
239.255.255.250 2653
1900
HTTP
uest, M-SEARCH *
10:27:53.119
10.60.63.44
239.255.255.250 2653
1900
HTTP
uest, M-SEARCH *
10:27:56.119
10.60.63.44
239.255.255.250 2653
1900
HTTP
uest, M-SEARCH *
10:28:12.324
10.225.208.160 10.60.63.44
81
2209
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2209, PayloadLen=0,
299836, Ack=3657167902, Win=57344
10:28:12.335
10.225.208.160 10.60.63.44
81
2210
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2210, PayloadLen=0,
108730, Ack=1788596770, Win=57344
10:28:22.724
10.60.63.44
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:28:22.724
10.60.63.44
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:28:24.666
10.60.63.44
239.255.255.250 2736
1900
HTTP
uest, M-SEARCH *
10:28:35.450
10.60.63.44
239.255.255.250 2736
1900
HTTP
uest, M-SEARCH *
10:28:38.458
10.60.63.44
239.255.255.250 2736
1900
HTTP
uest, M-SEARCH *
10:29:05.108
10.60.63.44
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:29:05.108
10.60.63.44
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:29:05.108
10.60.63.44
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
10:29:32.487
10.60.63.44
239.255.255.250 3017
1900
HTTP
uest, M-SEARCH *
10:29:36.028
10.60.63.44
239.255.255.250 3017
1900
HTTP
uest, M-SEARCH *
10:29:39.039
10.60.63.44
239.255.255.250 3017
1900
HTTP
uest, M-SEARCH *
10:29:45.216
10.60.63.44
239.255.255.250 3165
1900
HTTP
uest, M-SEARCH *
10:29:48.217
10.60.63.44
239.255.255.250 3165
1900
HTTP
uest, M-SEARCH *
10:29:51.217
10.60.63.44
239.255.255.250 3165
1900
HTTP

TCP:Flag
Seq=3281
SSDP:Req
UDP:SrcP
SSDP:Req
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
TCP:Flag
Seq=3279
TCP:Flag
Seq=3281
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req

uest, M-SEARCH *
10:29:51.779
10.60.63.44
ort = 1036, DstPort = 1947,
10:29:51.779
10.60.63.44
ort = 1036, DstPort = 1947,
10:29:51.779
10.60.63.44
ort = 1036, DstPort = 1947,
10:30:10.093
10.60.63.44
uest, M-SEARCH *
10:30:14.250
10.60.63.44
uest, M-SEARCH *
10:30:17.254
10.60.63.44
uest, M-SEARCH *
10:30:20.266
10.60.63.44
uest, M-SEARCH *
10:30:38.610
10.60.63.44
ort = 1036, DstPort = 1947,
10:30:38.610
10.60.63.44
ort = 1036, DstPort = 1947,
10:30:38.610
10.60.63.44
ort = 1036, DstPort = 1947,
10:30:47.721
10.60.63.44
uest, M-SEARCH *
10:30:49.972
10.60.63.44
uest, M-SEARCH *
10:30:55.250
10.60.63.44
uest, M-SEARCH *
10:30:58.251
10.60.63.44
uest, M-SEARCH *
10:31:13.176
10.60.63.44
uest, M-SEARCH *
10:31:16.181
10.60.63.44
uest, M-SEARCH *
10:31:19.184
10.60.63.44
uest, M-SEARCH *
10:32:10.259
10.60.63.44
uest, M-SEARCH *
10:32:13.259
10.60.63.44
uest, M-SEARCH *
10:32:16.259
10.60.63.44
uest, M-SEARCH *
10:32:16.953
10.60.63.44
uest, M-SEARCH *
10:32:19.957
10.60.63.44
uest, M-SEARCH *
10:32:22.958
10.60.63.44
uest, M-SEARCH *
10:32:37.901
10.60.63.44
uest, M-SEARCH *
10:32:50.926
10.60.63.44
uest, M-SEARCH *
10:32:53.927
10.60.63.44
uest, M-SEARCH *
10:32:56.931
10.60.63.44
uest, M-SEARCH *
10:33:02.713
10.60.63.44
ort = 1036, DstPort = 1947,
10:33:02.713
10.60.63.44
ort = 1036, DstPort = 1947,
10:33:02.713
10.60.63.44

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

3258

1900

HTTP

SSDP:Req

239.255.255.250 3285

1900

HTTP

SSDP:Req

239.255.255.250 3285

1900

HTTP

SSDP:Req

239.255.255.250 3285

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

3458

1900

HTTP

SSDP:Req

239.255.255.250 3476

1900

HTTP

SSDP:Req

239.255.255.250 3476

1900

HTTP

SSDP:Req

239.255.255.250 3476

1900

HTTP

SSDP:Req

239.255.255.250 3631

1900

HTTP

SSDP:Req

239.255.255.250 3631

1900

HTTP

SSDP:Req

239.255.255.250 3631

1900

HTTP

SSDP:Req

239.255.255.250 3722

1900

HTTP

SSDP:Req

239.255.255.250 3722

1900

HTTP

SSDP:Req

239.255.255.250 3722

1900

HTTP

SSDP:Req

239.255.255.250 3751

1900

HTTP

SSDP:Req

239.255.255.250 3751

1900

HTTP

SSDP:Req

239.255.255.250 3751

1900

HTTP

SSDP:Req

239.255.255.250 3784

1900

HTTP

SSDP:Req

239.255.255.250 3820

1900

HTTP

SSDP:Req

239.255.255.250 3820

1900

HTTP

SSDP:Req

239.255.255.250 3820

1900

HTTP

SSDP:Req

255.255.255.255 1036
Length = 48
255.255.255.255 1036
Length = 48
255.255.255.255 1036

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

ort = 1036, DstPort = 1947, Length = 48

10:33:02.713
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:33:53.858
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:33:53.858
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:33:53.858
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:33:53.858
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:33:57.582
10.60.63.44
239.255.255.250 3927
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:00.583
10.60.63.44
239.255.255.250 3927
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:03.583
10.60.63.44
239.255.255.250 3927
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:16.596
10.60.63.44
239.255.255.250 3959
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:19.603
10.60.63.44
239.255.255.250 3959
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:20.420
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=......S., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924192780, Ack=0,
Win=65535 ( Negotiating scale factor 0x1 ) = 65535
10:34:20.444
10.60.63.44
202.126.40.5
65255 53
DNS
DNS:Quer
yId = 0xC96D, QUERY (Standard query), Query for mercurysvr.globetel.com of type
Host Addr on class Internet
10:34:20.450
10.60.63.44
202.126.40.5
56691 53
DNS
DNS:Quer
yId = 0x39D3, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:34:20.460
10.60.63.44
239.255.255.250 3976
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:20.474
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:Flag
s=...A..S., SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=645484797, Ack=392
4192781, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:34:20.475
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=...A...., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924192781, Ack=64
5484798, Win=64000 (scale factor 0x1) = 128000
10:34:20.476
10.60.63.44
161.69.13.141 3973
80
HTTP
HTTP:Req
uest, POST /DSS/Query, Query:crc=2ef2988f
10:34:20.496
202.126.40.5
10.60.63.44
53
65255 DNS
DNS:Quer
yId = 0xC96D, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:34:20.498
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:Flag
s=......S., SrcPort=3978, DstPort=8081, PayloadLen=0, Seq=3145896413, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
10:34:20.515
202.126.40.5
10.60.63.44
53
56691 DNS
DNS:Quer
yId = 0x39D3, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:34:20.520
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:Flag
s=......S., SrcPort=3979, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2003
472639, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
10:34:20.555
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=3978, PayloadLen=0, Seq=645742276, Ack=3145896
414, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:34:20.556
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:Flag
s=...A...., SrcPort=3978, DstPort=8081, PayloadLen=0, Seq=3145896414, Ack=645742
277, Win=64000 (scale factor 0x1) = 128000
10:34:20.558
10.60.63.44
68.178.232.99 3978
8081
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml

10:34:20.576
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=6459
99772, Ack=2003472640, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
10:34:20.576
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:Flag
s=...A...., SrcPort=3979, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2003
472640, Ack=645999773, Win=64000 (scale factor 0x1) = 128000
10:34:20.578
10.60.63.44
68.178.232.99 3979
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
10:34:20.578
10.60.63.44
68.178.232.99 3979
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
10:34:20.578
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:[Con
tinuation to #193]Flags=...AP..., SrcPort=3979, DstPort=HOSTS2 Name Server(81),
PayloadLen=67, Seq=2003474152 - 2003474219, Ack=645999773, Win=64000 (scale fact
or 0x1) = 128000
10:34:20.593
10.60.63.44
202.126.40.5
57786 53
DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:34:20.593
10.60.63.44
222.127.143.5 57786 53
DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:34:20.593
10.60.63.44
202.126.40.5
57786 53
DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:34:20.593
10.60.63.44
222.127.143.5 57786 53
DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:34:20.666
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=6459
99773, Ack=2003474152, Win=57344 (scale factor 0x0) = 57344
10:34:20.687
202.126.40.5
10.60.63.44
53
57786 DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
10:34:20.687
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:Flag
s=...A...., SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=645484798, Ack=392
4193197, Win=57344 (scale factor 0x0) = 57344
10:34:20.687
202.126.40.5
10.60.63.44
53
57786 DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:34:20.697
222.127.143.5 10.60.63.44
53
57786 DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:34:20.697
10.60.63.44
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.63.44:57786
10:34:20.716
222.127.143.5 10.60.63.44
53
57786 DNS
DNS:Quer
yId = 0xAA56, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:34:20.716
10.60.63.44
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.63.44:57786
10:34:20.716
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=3978, PayloadLen=0, Seq=645742277, Ack=3145896
503, Win=57344 (scale factor 0x0) = 57344
10:34:20.777
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=6459
99773, Ack=2003474219, Win=57344 (scale factor 0x0) = 57344
10:34:21.007
161.69.13.141 10.60.63.44
80
3973
HTTP
HTTP:Res
ponse, HTTP/1.1, Status: Ok, URL: /DSS/Query
10:34:21.140
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=...A...., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=64
5486008, Win=64000 (scale factor 0x1) = 128000

10:34:23.461
10.60.63.44
239.255.255.250 3976
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:24.014
10.60.63.44
239.255.255.250 3983
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:27.030
10.60.63.44
239.255.255.250 3983
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:27.189
10.60.63.44
239.255.255.250 3996
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:30.197
10.60.63.44
239.255.255.250 3996
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:33.207
10.60.63.44
239.255.255.250 3996
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:34:44.968
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:34:44.969
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:34:44.969
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:34:45.648
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:Flag
s=...A...F, SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=645486008, Ack=392
4193197, Win=57344 (scale factor 0x0) = 57344
10:34:45.648
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=...A...., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=64
5486009, Win=64000
10:34:51.688
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=6454
86008, Ack=3924193197, Win=57344
10:34:51.688
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=...A...., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=64
5486009, Win=64000
10:34:57.291
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=...A.R.., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=64
5486009, Win=0
10:35:07.647
10.60.63.44
239.255.255.250 4099
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:10.649
10.60.63.44
239.255.255.250 4099
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:13.649
10.60.63.44
239.255.255.250 4099
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:18.378
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=6454
86008, Ack=3924193197, Win=57344
10:35:18.378
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=.....R.., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=39
24193197, Win=0
10:35:22.683
10.60.63.44
239.255.255.250 4117
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:25.684
10.60.63.44
239.255.255.250 4117
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:28.685
10.60.63.44
239.255.255.250 4117
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:31.494
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:35:31.494
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:35:31.494
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:35:42.986
10.60.63.44
239.255.255.250 4163
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:44.958
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:[Seg

ment Lost]Flags=...A...F, SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=6454

86008, Ack=3924193197, Win=57344
10:35:44.958
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=.....R.., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=39
24193197, Win=0
10:35:50.783
10.60.63.44
239.255.255.250 4163
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:35:53.820
10.60.63.44
239.255.255.250 4163
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:36:17.544
10.60.63.44
239.255.255.250 4243
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:36:20.555
10.60.63.44
239.255.255.250 4243
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:36:23.555
10.60.63.44
239.255.255.250 4243
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:36:52.504
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=6454
86008, Ack=3924193197, Win=57344
10:36:52.504
10.60.63.44
161.69.13.141 3973
80
TCP
TCP:Flag
s=.....R.., SrcPort=3973, DstPort=HTTP(80), PayloadLen=0, Seq=3924193197, Ack=39
24193197, Win=0
10:36:55.502
10.60.63.44
239.255.255.250 4491
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:36:58.566
10.60.63.44
239.255.255.250 4491
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:01.089
10.60.63.44
239.255.255.250 4517
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:05.519
10.60.63.44
239.255.255.250 4517
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:08.522
10.60.63.44
239.255.255.250 4517
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:30.220
10.60.63.44
239.255.255.250 4575
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:41.955
10.60.63.44
239.255.255.250 4773
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:44.955
10.60.63.44
239.255.255.250 4773
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:47.957
10.60.63.44
239.255.255.250 4773
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:37:51.632
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:37:51.632
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:37:51.632
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:37:52.874
161.69.13.141 10.60.63.44
80
3973
TCP
TCP:Flag
s=...A.R.., SrcPort=HTTP(80), DstPort=3973, PayloadLen=0, Seq=645486009, Ack=392
4193197, Win=57344
10:38:07.702
10.60.63.44
239.255.255.250 4850
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:10.713
10.60.63.44
239.255.255.250 4850
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:13.721
10.60.63.44
239.255.255.250 4850
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:23.271
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:[Kee
p alive]Flags=...A...., SrcPort=8081, DstPort=3978, PayloadLen=0, Seq=645742276,
Ack=3145896503, Win=57344 (scale factor 0x0) = 57344
10:38:23.271
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:Flag
s=...A...., SrcPort=3978, DstPort=8081, PayloadLen=0, Seq=3145896503, Ack=645742
277, Win=64000 (scale factor 0x1) = 128000

10:38:23.292
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:[Kee
p alive]Flags=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3979, PayloadLen
=0, Seq=645999772, Ack=2003474219, Win=57344 (scale factor 0x0) = 57344
10:38:23.292
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:Flag
s=...A...., SrcPort=3979, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2003
474219, Ack=645999773, Win=64000 (scale factor 0x1) = 128000
10:38:23.293
10.60.63.44
239.255.255.250 4894
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:26.294
10.60.63.44
239.255.255.250 4894
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:29.295
10.60.63.44
239.255.255.250 4894
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:38.032
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:38:38.033
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:38:38.033
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:38:40.881
10.60.63.44
239.255.255.250 4939
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:48.149
10.60.63.44
239.255.255.250 4939
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:48.433
10.60.63.44
239.255.255.250 4993
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:56.365
10.60.63.44
239.255.255.250 4993
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:38:59.368
10.60.63.44
239.255.255.250 4993
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:05.260
10.60.63.44
239.255.255.250 1160
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:08.262
10.60.63.44
239.255.255.250 1160
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:11.263
10.60.63.44
239.255.255.250 1160
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:32.562
10.60.63.44
239.255.255.250 1415
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:35.562
10.60.63.44
239.255.255.250 1415
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:35.568
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:[Kee
p alive][Dup Ack #262]Flags=...A...., SrcPort=8081, DstPort=3978, PayloadLen=0,
Seq=645742276, Ack=3145896503, Win=57344 (scale factor 0x0) = 57344
10:39:35.568
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:[Dup
Ack #263]Flags=...A...., SrcPort=3978, DstPort=8081, PayloadLen=0, Seq=31458965
03, Ack=645742277, Win=64000 (scale factor 0x1) = 128000
10:39:35.628
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:[Kee
p alive][Dup Ack #264]Flags=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=39
79, PayloadLen=0, Seq=645999772, Ack=2003474219, Win=57344 (scale factor 0x0) =
57344
10:39:35.628
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:[Dup
Ack #265]Flags=...A...., SrcPort=3979, DstPort=HOSTS2 Name Server(81), PayloadL
en=0, Seq=2003474219, Ack=645999773, Win=64000 (scale factor 0x1) = 128000
10:39:38.562
10.60.63.44
239.255.255.250 1415
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:39:53.026
10.60.63.44
239.255.255.250 1461
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:09.877
10.60.63.44
239.255.255.250 1504
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:12.878
10.60.63.44
239.255.255.250 1504
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:15.129
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP

ort = 1036, DstPort = 1947, Length = 48

10:40:15.129
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:40:15.129
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:40:15.878
10.60.63.44
239.255.255.250 1504
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:20.458
10.60.63.44
239.255.255.250 1536
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:23.458
10.60.63.44
239.255.255.250 1536
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:26.458
10.60.63.44
239.255.255.250 1536
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:40:53.321
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:[Kee
p alive][Request Fast-Retransmit from Seq3145896503]Flags=...A...., SrcPort=8081
, DstPort=3978, PayloadLen=0, Seq=645742276, Ack=3145896503, Win=57344 (scale fa
ctor 0x0) = 57344
10:40:53.321
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:[Req
uest Fast-Retransmit from Seq645742277]Flags=...A...., SrcPort=3978, DstPort=808
1, PayloadLen=0, Seq=3145896503, Ack=645742277, Win=64000 (scale factor 0x1) = 1
28000
10:40:53.340
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:[Kee
p alive][Request Fast-Retransmit from Seq2003474219]Flags=...A...., SrcPort=HOST
S2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=645999772, Ack=2003474219, W
in=57344 (scale factor 0x0) = 57344
10:40:53.340
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq645999773]Flags=...A...., SrcPort=3979, DstPort=HOS
TS2 Name Server(81), PayloadLen=0, Seq=2003474219, Ack=645999773, Win=64000 (sca
le factor 0x1) = 128000
10:41:17.551
10.60.63.44
239.255.255.250 1644
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:20.580
10.60.63.44
239.255.255.250 1644
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:23.580
10.60.63.44
239.255.255.250 1644
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:28.800
10.60.63.44
239.255.255.250 1803
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:31.802
10.60.63.44
239.255.255.250 1803
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:34.802
10.60.63.44
239.255.255.250 1803
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:47.447
10.60.63.44
239.255.255.250 1830
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:52.535
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:41:52.535
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:41:52.535
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:41:53.479
10.60.63.44
239.255.255.250 1853
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:56.480
10.60.63.44
239.255.255.250 1853
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:41:59.482
10.60.63.44
239.255.255.250 1853
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:05.833
10.60.63.44
239.255.255.250 1867
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:08.862
10.60.63.44
239.255.255.250 1867
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:11.886
10.60.63.44
239.255.255.250 1867
1900
HTTP
SSDP:Req

uest, M-SEARCH *
10:42:39.600
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:42:39.600
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:42:39.600
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:42:39.600
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:42:46.803
10.60.63.44
239.255.255.250 1948
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:49.851
10.60.63.44
239.255.255.250 1948
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:52.852
10.60.63.44
239.255.255.250 1948
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:56.291
10.60.63.44
239.255.255.250 1968
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:42:59.540
10.60.63.44
239.255.255.250 1968
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:02.541
10.60.63.44
239.255.255.250 1968
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:15.961
10.60.63.44
239.255.255.250 1997
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:18.964
10.60.63.44
239.255.255.250 1997
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:20.565
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:[Kee
p alive][Request Fast-Retransmit from Seq3145896503]Flags=...A...., SrcPort=8081
, DstPort=3978, PayloadLen=0, Seq=645742276, Ack=3145896503, Win=57344 (scale fa
ctor 0x0) = 57344
10:43:20.565
10.60.63.44
68.178.232.99 3978
8081
TCP
TCP:[Req
uest Fast-Retransmit from Seq645742277]Flags=...A...., SrcPort=3978, DstPort=808
1, PayloadLen=0, Seq=3145896503, Ack=645742277, Win=64000 (scale factor 0x1) = 1
28000
10:43:20.625
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:[Kee
p alive][Request Fast-Retransmit from Seq2003474219]Flags=...A...., SrcPort=HOST
S2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=645999772, Ack=2003474219, W
in=57344 (scale factor 0x0) = 57344
10:43:20.625
10.60.63.44
68.178.232.99 3979
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq645999773]Flags=...A...., SrcPort=3979, DstPort=HOS
TS2 Name Server(81), PayloadLen=0, Seq=2003474219, Ack=645999773, Win=64000 (sca
le factor 0x1) = 128000
10:43:21.965
10.60.63.44
239.255.255.250 1997
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:30.147
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:43:30.147
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:43:30.147
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:43:38.279
10.60.63.44
239.255.255.250 2029
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:41.292
10.60.63.44
239.255.255.250 2029
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:43:42.771
68.178.232.99 10.60.63.44
8081
3978
TCP
TCP:Flag
s=...A.R.., SrcPort=8081, DstPort=3978, PayloadLen=0, Seq=645742277, Ack=3145896
503, Win=57344
10:43:42.839
68.178.232.99 10.60.63.44
81
3979
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3979, PayloadLen=0, Seq=6459
99773, Ack=2003474219, Win=57344
10:43:44.293
10.60.63.44
239.255.255.250 2029
1900
HTTP
SSDP:Req

uest, M-SEARCH *
10:44:08.805
10.60.63.44
uest, M-SEARCH *
10:44:13.594
10.60.63.44
uest, M-SEARCH *
10:44:16.377
10.60.63.44
ort = 1036, DstPort = 1947,
10:44:16.377
10.60.63.44
ort = 1036, DstPort = 1947,
10:44:16.377
10.60.63.44
ort = 1036, DstPort = 1947,
10:44:16.596
10.60.63.44
uest, M-SEARCH *
10:44:42.637
10.60.63.44
uest, M-SEARCH *
10:44:55.414
10.60.63.44
uest, M-SEARCH *
10:44:58.417
10.60.63.44
uest, M-SEARCH *
10:45:01.418
10.60.63.44
uest, M-SEARCH *
10:45:02.890
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:02.890
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:02.891
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:02.891
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:24.154
10.60.63.44
uest, M-SEARCH *
10:45:27.166
10.60.63.44
uest, M-SEARCH *
10:45:30.167
10.60.63.44
uest, M-SEARCH *
10:45:54.079
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:54.079
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:54.081
10.60.63.44
ort = 1036, DstPort = 1947,
10:45:58.353
10.60.63.44
uest, M-SEARCH *
10:45:59.094
10.60.63.44
uest, M-SEARCH *
10:46:09.858
10.60.63.44
uest, M-SEARCH *
10:46:13.309
10.60.63.44
uest, M-SEARCH *
10:46:38.039
10.60.63.44
uest, M-SEARCH *
10:46:41.040
10.60.63.44
uest, M-SEARCH *
10:46:44.046
10.60.63.44
uest, M-SEARCH *
10:46:52.037
10.60.63.44
uest, M-SEARCH *
10:46:55.039
10.60.63.44
uest, M-SEARCH *
10:46:58.040
10.60.63.44

239.255.255.250 2171

1900

HTTP

SSDP:Req

239.255.255.250 2171

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

2171

1900

HTTP

SSDP:Req

239.255.255.250 2240

1900

HTTP

SSDP:Req

239.255.255.250 2275

1900

HTTP

SSDP:Req

239.255.255.250 2275

1900

HTTP

SSDP:Req

239.255.255.250 2275

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

2447

1900

HTTP

SSDP:Req

239.255.255.250 2447

1900

HTTP

SSDP:Req

239.255.255.250 2447

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

2517

1900

HTTP

SSDP:Req

239.255.255.250 2531

1900

HTTP

SSDP:Req

239.255.255.250 2531

1900

HTTP

SSDP:Req

239.255.255.250 2531

1900

HTTP

SSDP:Req

239.255.255.250 2616

1900

HTTP

SSDP:Req

239.255.255.250 2616

1900

HTTP

SSDP:Req

239.255.255.250 2616

1900

HTTP

SSDP:Req

239.255.255.250 2694

1900

HTTP

SSDP:Req

239.255.255.250 2694

1900

HTTP

SSDP:Req

239.255.255.250 2694

1900

HTTP

SSDP:Req

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

uest, M-SEARCH *
10:47:16.987
10.60.63.44
239.255.255.250 2955
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:47:19.992
10.60.63.44
239.255.255.250 2955
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:47:22.997
10.60.63.44
239.255.255.250 2955
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:47:31.008
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:47:31.008
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:47:31.008
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:47:31.008
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:48:00.372
10.60.63.44
239.255.255.250 3227
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:03.372
10.60.63.44
239.255.255.250 3227
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:06.372
10.60.63.44
239.255.255.250 3227
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:17.619
10.60.63.44
239.255.255.250 3252
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:20.621
10.60.63.44
239.255.255.250 3252
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:21.841
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:48:21.841
10.60.63.44
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:48:23.622
10.60.63.44
239.255.255.250 3252
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:24.791
10.60.63.44
239.255.255.250 3278
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:24.833
10.60.63.44
202.126.40.5
54757 53
DNS
DNS:Quer
yId = 0xE44E, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:48:24.833
10.60.63.44
222.127.143.5 54757 53
DNS
DNS:Quer
yId = 0xE44E, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:48:24.922
10.60.63.44
202.126.40.5
56001 53
DNS
DNS:Quer
yId = 0xEA7C, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
10:48:25.068
202.126.40.5
10.60.63.44
53
54757 DNS
DNS:Quer
yId = 0xE44E, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
10:48:25.138
222.127.143.5 10.60.63.44
53
54757 DNS
DNS:Quer
yId = 0xE44E, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
10:48:25.138
10.60.63.44
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.63.44:54757
10:48:25.178
202.126.40.5
10.60.63.44
53
56001 DNS
DNS:Quer
yId = 0xEA7C, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
10:48:25.854
10.60.63.44
10.60.36.74
1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
10:48:34.548
10.60.63.44
239.255.255.250 3278
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:39.671
10.60.63.44
239.255.255.250 3315
1900
HTTP
SSDP:Req
uest, M-SEARCH *
10:48:42.674
10.60.63.44
239.255.255.250 3315
1900
HTTP
SSDP:Req

uest, M-SEARCH *
10:48:45.676
10.60.63.44
uest, M-SEARCH *
10:48:47.084
10.60.63.44
uest, M-SEARCH *
10:48:50.086
10.60.63.44
uest, M-SEARCH *
10:48:53.086
10.60.63.44
uest, M-SEARCH *
10:49:04.583
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:04.583
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:04.583
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:51.534
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:51.534
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:51.534
10.60.63.44
ort = 1036, DstPort = 1947,
10:49:55.657
10.60.63.44
uest, M-SEARCH *
10:49:58.660
10.60.63.44
uest, M-SEARCH *
10:50:01.663
10.60.63.44
uest, M-SEARCH *

239.255.255.250 3315

1900

HTTP

SSDP:Req

239.255.255.250 3328

1900

HTTP

SSDP:Req

239.255.255.250 3328

1900

HTTP

SSDP:Req

239.255.255.250 3328

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

3718

1900

HTTP

SSDP:Req

239.255.255.250 3718

1900

HTTP

SSDP:Req

239.255.255.250 3718

1900

HTTP

SSDP:Req

255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
255.255.255.255
Length = 48
239.255.255.250

/////LOG FILE2/////
Time
Source IP
Dest. IP
Source port
Description
11:12:04.381
10.70.61.135
239.255.255.250 3713
uest, M-SEARCH *
11:12:07.407
10.70.61.135
239.255.255.250 3713
uest, M-SEARCH *
11:12:08.055
10.70.61.135
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x6444224A
11:12:10.407
10.70.61.135
239.255.255.250 3713
uest, M-SEARCH *
11:12:31.939
10.70.61.135
255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
11:12:31.939
10.70.61.135
255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
11:12:45.873
10.70.61.135
239.255.255.250 4295
uest, M-SEARCH *
11:12:48.875
10.70.61.135
239.255.255.250 4295
uest, M-SEARCH *
11:12:51.876
10.70.61.135
239.255.255.250 4295
uest, M-SEARCH *
11:13:14.333
10.70.61.135
255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
11:13:14.333
10.70.61.135
255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
11:13:14.333
10.70.61.135
255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48

Dest. port

Protocol

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

11:13:29.897
10.70.61.135
239.255.255.250 4605
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:13:32.897
10.70.61.135
239.255.255.250 4605
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:13:35.901
10.70.61.135
239.255.255.250 4605
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:13:56.174
10.70.61.135
239.255.255.250 4757
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:01.238
10.70.61.135
239.255.255.250 4771
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:06.993
10.70.61.135
239.255.255.250 4780
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:09.994
10.70.61.135
239.255.255.250 4780
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:12.996
10.70.61.135
239.255.255.250 4780
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:35.662
10.70.61.135
239.255.255.250 4862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:38.665
10.70.61.135
239.255.255.250 4862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:14:41.665
10.70.61.135
239.255.255.250 4862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:08.304
10.70.61.135
239.255.255.250 4963
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:08.358
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=......S., SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92453, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
11:15:10.420
10.225.208.160 10.70.61.135
81
4965
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4965, PayloadLen=0, Seq=2887
59680, Ack=644692454, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:15:10.420
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...., SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:10.421
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...F, SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:13.427
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...F, SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:15.380
10.225.208.160 10.70.61.135
81
4965
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4965, PayloadLen=0, Seq=2887
59680, Ack=644692454, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:15:15.380
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...., SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92455, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:17.963
10.70.61.135
239.255.255.250 1141
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:19.564
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...F, SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:20.963
10.70.61.135
239.255.255.250 1141
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:23.422
10.225.208.160 10.70.61.135
81
4965
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4965, PayloadLen=0, Seq=2887
59680, Ack=644692454, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:15:23.422
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:[Dup
Ack #31]Flags=...A...., SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLe
n=0, Seq=644692455, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:23.965
10.70.61.135
239.255.255.250 1141
1900
HTTP
SSDP:Req
uest, M-SEARCH *

11:15:26.360
10.70.61.135
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
11:15:26.360
10.70.61.135
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
11:15:27.870
10.70.61.135
239.255.255.250 1153
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:30.879
10.70.61.135
239.255.255.250 1153
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:31.533
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...F, SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:15:33.883
10.70.61.135
239.255.255.250 1153
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:43.047
10.70.61.135
239.255.255.250 1218
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:43.264
10.225.208.160 10.70.61.135
81
4965
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4965, PayloadLen=0, Seq=2887
59680, Ack=644692454, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:15:43.264
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq288759681]Flags=...A...., SrcPort=4965, DstPort=HOS
TS2 Name Server(81), PayloadLen=0, Seq=644692455, Ack=288759681, Win=64000 (scal
e factor 0x1) = 128000
11:15:48.937
10.70.61.135
239.255.255.250 1218
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:51.938
10.70.61.135
239.255.255.250 1218
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:15:55.573
10.70.61.135
10.225.208.160 4965
81
TCP
TCP:Flag
s=...A...F, SrcPort=4965, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=6446
92454, Ack=288759681, Win=64000 (scale factor 0x1) = 128000
11:16:09.384
10.70.61.135
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
11:16:09.384
10.70.61.135
255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
11:16:20.036
10.70.61.135
239.255.255.250 1466
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:16:20.083
10.70.61.135
202.126.40.5
51702 53
DNS
DNS:Quer
yId = 0xB588, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
11:16:20.145
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=......S., SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360988, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
11:16:21.083
10.70.61.135
222.127.143.5 51702 53
DNS
DNS:Quer
yId = 0xB588, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
11:16:23.133
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:[Syn
ReTransmit #54]Flags=......S., SrcPort=1469, DstPort=HOSTS2 Name Server(81), Pay
loadLen=0, Seq=3052360988, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 6
5535
11:16:23.606
202.126.40.5
10.70.61.135
53
51702 DNS
DNS:Quer
yId = 0xB588, QUERY (Standard query), Response - Success, Array[68.178.232.99,26
07:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
11:16:23.606
10.70.61.135
202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.61.135:51702
11:16:23.606
10.225.208.160 10.70.61.135
81
1469
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0, Seq=5105
19036, Ack=3052360989, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:16:23.606
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:[Kee
p alive]Flags=...A...., SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen
=0, Seq=3052360989, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:23.607
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag

s=...A...F, SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052

360989, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:23.696
222.127.143.5 10.70.61.135
53
51702 DNS
DNS:Quer
yId = 0xB588, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
11:16:23.696
10.70.61.135
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.61.135:51702
11:16:25.375
10.225.208.160 10.70.61.135
81
4965
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4965, PayloadLen=0, Seq=2887
59681, Ack=644692454, Win=57344
11:16:27.791
10.70.61.135
239.255.255.250 1495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:16:28.646
10.225.208.160 10.70.61.135
81
1469
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0, Seq=5105
19036, Ack=3052360989, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:16:28.646
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=...A...., SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360990, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:29.571
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=...A...F, SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360989, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:30.805
10.70.61.135
239.255.255.250 1495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:16:33.806
10.70.61.135
239.255.255.250 1495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:16:36.646
10.225.208.160 10.70.61.135
81
1469
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0, Seq=5105
19036, Ack=3052360989, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:16:36.646
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=...A...., SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360990, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:41.541
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=...A...F, SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360989, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:55.130
10.70.61.135
239.255.255.250 1732
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:16:56.625
10.225.208.160 10.70.61.135
81
1469
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0, Seq=5105
19036, Ack=3052360989, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:16:56.625
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:[Dup
Ack #72]Flags=...A...., SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLe
n=0, Seq=3052360990, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:16:58.131
10.70.61.135
239.255.255.250 1732
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:17:01.134
10.70.61.135
239.255.255.250 1732
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:17:05.581
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:Flag
s=...A...F, SrcPort=1469, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3052
360989, Ack=510519037, Win=64000 (scale factor 0x1) = 128000
11:17:27.797
10.225.208.160 10.70.61.135
81
1469
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0, Seq=5105
19036, Ack=3052360989, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
11:17:27.797
10.70.61.135
10.225.208.160 1469
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq510519037]Flags=...A...., SrcPort=1469, DstPort=HOS
TS2 Name Server(81), PayloadLen=0, Seq=3052360990, Ack=510519037, Win=64000 (sca
le factor 0x1) = 128000
11:17:32.296
10.70.61.135
239.255.255.250 1808
1900
HTTP
SSDP:Req
uest, M-SEARCH *
11:17:35.304
10.70.61.135
239.255.255.250 1808
1900
HTTP
SSDP:Req
uest, M-SEARCH *

11:17:38.305
10.70.61.135
239.255.255.250 1808
1900
HTTP
uest, M-SEARCH *
11:17:47.158
10.225.208.160 10.70.61.135
81
1469
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=1469, PayloadLen=0,
19037, Ack=3052360989, Win=57344
11:18:06.338
10.70.61.135
239.255.255.250 1981
1900
HTTP
uest, M-SEARCH *
11:18:09.342
10.70.61.135
239.255.255.250 1981
1900
HTTP
uest, M-SEARCH *
11:18:12.345
10.70.61.135
239.255.255.250 1981
1900
HTTP
uest, M-SEARCH *
11:18:21.990
10.70.61.135
239.255.255.250 2129
1900
HTTP
uest, M-SEARCH *
11:18:24.998
10.70.61.135
239.255.255.250 2129
1900
HTTP
uest, M-SEARCH *
11:18:26.501
10.70.61.135
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
11:18:26.501
10.70.61.135
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
11:18:27.729
10.70.61.135
255.255.255.255 1036
1947
UDP
ort = 1036, DstPort = 1947, Length = 48
11:18:27.999
10.70.61.135
239.255.255.250 2129
1900
HTTP
uest, M-SEARCH *
11:18:44.593
10.70.61.135
239.255.255.250 2343
1900
HTTP
uest, M-SEARCH *
11:18:56.740
10.70.61.135
239.255.255.250 2368
1900
HTTP
uest, M-SEARCH *
11:18:59.741
10.70.61.135
239.255.255.250 2368
1900
HTTP
uest, M-SEARCH *
11:19:02.742
10.70.61.135
239.255.255.250 2368
1900
HTTP
uest, M-SEARCH *
11:19:22.248
10.70.61.135
239.255.255.250 2510
1900
HTTP
uest, M-SEARCH *
11:19:25.257
10.70.61.135
239.255.255.250 2510
1900
HTTP
uest, M-SEARCH *
11:19:28.258
10.70.61.135
239.255.255.250 2510
1900
HTTP
uest, M-SEARCH *
11:19:34.058
10.70.61.135
239.255.255.250 2584
1900
HTTP
uest, M-SEARCH *
11:19:37.059
10.70.61.135
239.255.255.250 2584
1900
HTTP
uest, M-SEARCH *
11:19:40.065
10.70.61.135
239.255.255.250 2584
1900
HTTP
uest, M-SEARCH *
11:19:41.442
10.70.61.135
239.255.255.250 2619
1900
HTTP
uest, M-SEARCH *
11:19:44.442
10.70.61.135
239.255.255.250 2619
1900
HTTP
uest, M-SEARCH *
11:19:47.447
10.70.61.135
239.255.255.250 2619
1900
HTTP
uest, M-SEARCH *
11:19:52.334
10.70.61.135
239.255.255.250 2661
1900
HTTP
uest, M-SEARCH *
11:19:55.186
10.70.61.135
239.255.255.250 2677
1900
HTTP
uest, M-SEARCH *
11:19:58.230
10.70.61.135
239.255.255.250 2677
1900
HTTP
uest, M-SEARCH *
11:20:01.233
10.70.61.135
239.255.255.250 2677
1900
HTTP
uest, M-SEARCH *
11:20:14.067
10.70.61.135
239.255.255.250 2739
1900
HTTP
uest, M-SEARCH *
11:20:17.069
10.70.61.135
239.255.255.250 2739
1900
HTTP

SSDP:Req
TCP:Flag
Seq=5105
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req

uest, M-SEARCH
11:20:20.070
uest, M-SEARCH
11:20:29.745
uest, M-SEARCH
11:20:37.750
uest, M-SEARCH
11:20:40.758
uest, M-SEARCH
11:20:50.208
uest, M-SEARCH
11:20:53.211
uest, M-SEARCH
11:20:56.224
uest, M-SEARCH
11:21:23.239
uest, M-SEARCH
11:21:26.251
uest, M-SEARCH
11:21:29.253
uest, M-SEARCH
11:22:00.297
uest, M-SEARCH
11:22:03.297
uest, M-SEARCH
11:22:06.301
uest, M-SEARCH
11:22:41.494
uest, M-SEARCH
11:22:44.494
uest, M-SEARCH
11:22:47.495
uest, M-SEARCH
11:22:54.915
uest, M-SEARCH
11:22:57.940
uest, M-SEARCH
11:23:00.942
uest, M-SEARCH
11:23:01.918
uest, M-SEARCH
11:23:06.353
uest, M-SEARCH
11:23:09.362
uest, M-SEARCH
11:23:17.169
uest, M-SEARCH
11:23:18.072
uest, M-SEARCH
11:23:24.251
uest, M-SEARCH
11:23:27.252
uest, M-SEARCH
11:23:59.016
uest, M-SEARCH
11:24:02.029
uest, M-SEARCH
11:24:05.031
uest, M-SEARCH
11:25:24.019

*
10.70.61.135

239.255.255.250 2739

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2913

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2913

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 2913

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3013

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3013

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3013

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3213

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3213

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3213

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3305

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3305

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3305

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3354

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3354

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3354

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3377

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3377

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3377

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3414

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3423

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3423

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3423

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3570

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3570

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3570

1900

HTTP

SSDP:Req

10.70.61.135

239.255.255.250 3837

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH *
11:25:24.125
10.70.61.135
10.225.208.160 3839
81
TCP
TCP:Flag
s=......S., SrcPort=3839, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3484
7105, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535

/////LOG FILE 3/////

no file
/////LOG FILE 4/////
Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
12:42:40.370
10.70.39.207
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x4DD2D4D1
12:42:40.370
10.70.39.207
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x4DD2D4D1
12:42:40.968
10.70.39.207
239.255.255.250 1165
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:40.968
10.70.39.207
239.255.255.250 1165
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:43.972
10.70.39.207
239.255.255.250 1165
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:43.972
10.70.39.207
239.255.255.250 1165
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:48.876
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:48.876
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:51.884
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:51.884
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:54.886
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:54.886
10.70.39.207
239.255.255.250 1198
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:57.385
209.85.175.188 10.70.39.207
5228
41961 TCP
TCP:Flag
s=...A...., SrcPort=5228, DstPort=41961, PayloadLen=0, Seq=769887378, Ack=489011
764, Win=57344
12:42:57.385
209.85.175.188 10.70.39.207
5228
41961 TCP
TCP:[Dup
Ack #13]Flags=...A...., SrcPort=5228, DstPort=41961, PayloadLen=0, Seq=76988737
8, Ack=489011764, Win=57344
12:42:57.385
10.70.39.207
209.85.175.188 41961 5228
TCP
TCP:Flag
s=.....R.., SrcPort=41961, DstPort=5228, PayloadLen=0, Seq=489011764, Ack=489011
764, Win=0
12:42:57.385
10.70.39.207
209.85.175.188 41961 5228
TCP
TCP:Flag
s=.....R.., SrcPort=41961, DstPort=5228, PayloadLen=0, Seq=489011764, Ack=489011
764, Win=0
12:42:59.877
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:42:59.877
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req

uest, M-SEARCH *
12:43:02.898
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:02.898
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:05.900
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:05.900
10.70.39.207
239.255.255.250 1236
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:30.743
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:30.743
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:33.748
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:33.748
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:36.753
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:36.753
10.70.39.207
239.255.255.250 1357
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:52.836
10.70.39.207
239.255.255.250 1437
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:52.836
10.70.39.207
239.255.255.250 1437
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:55.849
10.70.39.207
239.255.255.250 1437
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:55.849
10.70.39.207
239.255.255.250 1437
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:56.021
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:56.021
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:59.022
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:43:59.022
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:02.024
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:02.024
10.70.39.207
239.255.255.250 1460
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:07.410
10.70.39.207
239.255.255.250 1505
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:07.410
10.70.39.207
239.255.255.250 1505
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:10.412
10.70.39.207
239.255.255.250 1505
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:10.412
10.70.39.207
239.255.255.250 1505
1900
HTTP
SSDP:Req
uest, M-SEARCH *
12:44:12.330
209.85.175.188 10.70.39.207
5228
41961 TCP
TCP:Flag
s=...A...., SrcPort=5228, DstPort=41961, PayloadLen=0, Seq=769887378, Ack=489011
764, Win=57344
12:44:12.330
209.85.175.188 10.70.39.207
5228
41961 TCP
TCP:[Dup
Ack #43]Flags=...A...., SrcPort=5228, DstPort=41961, PayloadLen=0, Seq=76988737
8, Ack=489011764, Win=57344
12:44:12.330
10.70.39.207
209.85.175.188 41961 5228
TCP
TCP:Flag
s=.....R.., SrcPort=41961, DstPort=5228, PayloadLen=0, Seq=489011764, Ack=489011
764, Win=0
12:44:12.330
10.70.39.207
209.85.175.188 41961 5228
TCP
TCP:Flag
s=.....R.., SrcPort=41961, DstPort=5228, PayloadLen=0, Seq=489011764, Ack=489011

764, Win=0
12:44:13.448
uest, M-SEARCH
12:44:13.448
uest, M-SEARCH

10.70.39.207

239.255.255.250 1505

1900

HTTP

SSDP:Req

10.70.39.207

239.255.255.250 1505

1900

HTTP

SSDP:Req

*
*

/////LOG FILE 5/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
14:40:29.448
10.50.124.217 202.126.40.5
59076 53
DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
14:40:29.448
10.50.124.217 202.126.40.5
59076 53
DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
14:40:29.448
10.50.124.217 202.126.40.5
59076 53
DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
14:40:29.710
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:29.710
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:29.710
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:29.747
202.126.40.5
10.50.124.217 53
56745 DNS
DNS:Quer
yId = 0xE58F, QUERY (Standard query), Response - Success, Array[68.178.232.99,26
07:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
14:40:29.747
202.126.40.5
10.50.124.217 53
56745 DNS
DNS:Quer
yId = 0xE58F, QUERY (Standard query), Response - Success, Array[68.178.232.99,26
07:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
14:40:29.747
202.126.40.5
10.50.124.217 53
56745 DNS
DNS:Quer
yId = 0xE58F, QUERY (Standard query), Response - Success, Array[68.178.232.99,26
07:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
14:40:30.155
202.126.40.5
10.50.124.217 53
59076 DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
14:40:30.155
202.126.40.5
10.50.124.217 53
59076 DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
14:40:30.155
202.126.40.5
10.50.124.217 53
59076 DNS
DNS:Quer
yId = 0x75F5, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
14:40:31.853
10.50.124.217 255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x0C4F7A48
14:40:31.853
10.50.124.217 255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x0C4F7A48
14:40:31.853
10.50.124.217 255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x0C4F7A48
14:40:32.728
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:32.728
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:32.728
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:40:35.743
10.50.124.217 239.255.255.250 2919
1900
HTTP
SSDP:Req
uest, M-SEARCH *

14:40:35.743
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:35.743
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:42.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:42.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:42.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:45.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:45.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:45.381
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:48.384
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:48.384
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:48.384
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:58.629
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:58.629
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:40:58.629
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:00.430
10.50.124.217 255.255.255.255
ort = 1036, DstPort = 1947, Length = 48
14:41:04.363
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:41:04.363
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:41:04.363
10.50.124.217 239.255.255.250
uest, M-SEARCH *
14:41:07.367
10.50.124.217 239.255.255.250
uest, M-SEARCH *

2919

1900

HTTP

SSDP:Req

2919

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

2970

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

1036

1947

UDP

UDP:SrcP

3020

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

3020

1900

HTTP

SSDP:Req

14:41:07.367
10.50.124.217 239.255.255.250 3020
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:41:07.367
10.50.124.217 239.255.255.250 3020
1900
HTTP
SSDP:Req
uest, M-SEARCH *
14:41:09.740
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=270130040, Ack=289769
441, Win=57344
14:41:09.740
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Dup
Ack #52]Flags=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=27013004
0, Ack=289769441, Win=57344
14:41:09.740
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Req
uest Fast-Retransmit from Seq289769441]Flags=...A...., SrcPort=5223, DstPort=494
16, PayloadLen=0, Seq=270130040, Ack=289769441, Win=57344
14:41:09.740
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:41:09.740
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:41:09.740
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.127
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:41:51.128
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:42:29.732
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=270130040, Ack=289769
441, Win=57344
14:42:29.732
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Dup
Ack #70]Flags=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=27013004
0, Ack=289769441, Win=57344
14:42:29.732
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Req
uest Fast-Retransmit from Seq289769441]Flags=...A...., SrcPort=5223, DstPort=494
16, PayloadLen=0, Seq=270130040, Ack=289769441, Win=57344
14:42:29.732
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:42:29.732
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769

441, Win=0
14:42:29.732
10.50.124.217 17.149.36.195 49416
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0,
441, Win=0
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:41.888
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:44.046
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:44.046
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:42:44.046
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:32.969
10.50.124.217 255.255.255.255 1036
ort = 1036, DstPort = 1947, Length = 48
14:43:39.648
17.149.36.195 10.50.124.217 5223
s=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0,
441, Win=57344
14:43:39.648
17.149.36.195 10.50.124.217 5223
Ack #100]Flags=...A...., SrcPort=5223, DstPort=49416,
40, Ack=289769441, Win=57344
14:43:39.648
17.149.36.195 10.50.124.217 5223
uest Fast-Retransmit from Seq289769441]Flags=...A....,

5223
TCP
TCP:Flag
Seq=289769441, Ack=289769
1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

49416 TCP
TCP:Flag
Seq=270130040, Ack=289769
49416 TCP
TCP:[Dup
PayloadLen=0, Seq=2701300
49416 TCP
TCP:[Req
SrcPort=5223, DstPort=494

16, PayloadLen=0, Seq=270130040, Ack=289769441, Win=57344

14:43:39.648
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:43:39.648
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:43:39.648
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:23.759
10.50.124.217 255.255.255.255 1036
1947
UDP
UDP:SrcP
ort = 1036, DstPort = 1947, Length = 48
14:44:56.968
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=270130040, Ack=289769
441, Win=57344
14:44:56.968
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Dup
Ack #118]Flags=...A...., SrcPort=5223, DstPort=49416, PayloadLen=0, Seq=2701300
40, Ack=289769441, Win=57344
14:44:56.968
17.149.36.195 10.50.124.217 5223
49416 TCP
TCP:[Req
uest Fast-Retransmit from Seq289769441]Flags=...A...., SrcPort=5223, DstPort=494
16, PayloadLen=0, Seq=270130040, Ack=289769441, Win=57344
14:44:56.968
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:44:56.968
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0
14:44:56.968
10.50.124.217 17.149.36.195 49416 5223
TCP
TCP:Flag
s=.....R.., SrcPort=49416, DstPort=5223, PayloadLen=0, Seq=289769441, Ack=289769
441, Win=0

/////LOG FILE6/////

Time
Source IP
Dest. IP
Source port
Description
14:51:40.783
10.50.145.39
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x1A9322F1
14:51:46.317
10.50.145.39
239.255.255.250 2828
uest, M-SEARCH *
14:51:49.331
10.50.145.39
239.255.255.250 2828
uest, M-SEARCH *
14:51:56.541
10.50.145.39
239.255.255.250 2866
uest, M-SEARCH *
14:51:59.547
10.50.145.39
239.255.255.250 2866
uest, M-SEARCH *
14:52:06.484
10.50.145.39
239.255.255.250 2905
uest, M-SEARCH *
14:52:09.490
10.50.145.39
239.255.255.250 2905
uest, M-SEARCH *
14:52:12.558
10.50.145.39
239.255.255.250 2905
uest, M-SEARCH *
14:54:32.408
10.50.145.39
239.255.255.250 3389
uest, M-SEARCH *
14:54:35.412
10.50.145.39
239.255.255.250 3389
uest, M-SEARCH *
14:54:38.412
10.50.145.39
239.255.255.250 3389
uest, M-SEARCH *
14:54:46.662
10.50.145.39
239.255.255.250 3537
uest, M-SEARCH *
14:54:49.683
10.50.145.39
239.255.255.250 3537
uest, M-SEARCH *
14:54:52.690
10.50.145.39
239.255.255.250 3537
uest, M-SEARCH *
15:02:28.791
10.50.145.39
239.255.255.250 4761
uest, M-SEARCH *
15:02:31.792
10.50.145.39
239.255.255.250 4761
uest, M-SEARCH *
15:02:34.820
10.50.145.39
239.255.255.250 4761
uest, M-SEARCH *
15:02:50.582
10.50.145.39
239.255.255.250 4818
uest, M-SEARCH *
15:02:53.583
10.50.145.39
239.255.255.250 4818
uest, M-SEARCH *
15:02:56.588
10.50.145.39
239.255.255.250 4818
uest, M-SEARCH *
15:09:56.234
10.50.145.39
239.255.255.250 1790
uest, M-SEARCH *
15:09:59.235
10.50.145.39
239.255.255.250 1790
uest, M-SEARCH *
15:10:02.235
10.50.145.39
239.255.255.250 1790
uest, M-SEARCH *
15:10:18.562
10.50.145.39
239.255.255.250 1845
uest, M-SEARCH *
15:10:24.206
10.50.145.39
239.255.255.250 1845
uest, M-SEARCH *
15:10:27.212
10.50.145.39
239.255.255.250 1845
uest, M-SEARCH *
15:19:33.334
10.50.145.39
239.255.255.250 3027
uest, M-SEARCH *
15:19:36.336
10.50.145.39
239.255.255.250 3027
uest, M-SEARCH *
15:19:39.341
10.50.145.39
239.255.255.250 3027
uest, M-SEARCH *

Dest. port

Protocol

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

15:19:55.238
uest, M-SEARCH
15:19:58.249
uest, M-SEARCH
15:20:01.250
uest, M-SEARCH
15:22:07.651
uest, M-SEARCH
15:22:10.652
uest, M-SEARCH
15:22:13.653
uest, M-SEARCH
15:22:33.931
uest, M-SEARCH
15:22:36.933
uest, M-SEARCH
15:22:39.962
uest, M-SEARCH
15:22:58.859
uest, M-SEARCH
15:23:01.866
uest, M-SEARCH
15:23:04.870
uest, M-SEARCH

10.50.145.39

239.255.255.250 3084

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3084

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3084

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3397

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3397

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3397

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3451

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3451

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3451

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3510

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3510

1900

HTTP

SSDP:Req

10.50.145.39

239.255.255.250 3510

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*

/////LOG FILE 7/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
15:36:19.114
10.60.55.16
222.127.143.5 49212 53
DNS
DNS:Quer
yId = 0x8068, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
15:36:19.418
10.60.55.16
239.255.255.250 3657
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:36:22.419
10.60.55.16
239.255.255.250 3657
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:36:22.681
10.60.55.16
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0xC81CCA8C
15:36:25.030
222.127.143.5 10.60.55.16
53
49212 DNS
DNS:Quer
yId = 0x8068, QUERY (Standard query), Response - Success, 209.85.175.104, 209.85
.175.105 ...
15:36:25.030
10.60.55.16
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.55.16:49212
15:36:25.420
10.60.55.16
239.255.255.250 3657
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:36:34.129
10.60.55.16
239.255.255.250 3892
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:36:37.134
10.60.55.16
239.255.255.250 3892
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:36:40.138
10.60.55.16
239.255.255.250 3892
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:38:13.287
10.60.55.16
239.255.255.250 4419
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:38:13.945
10.60.55.16
239.255.255.250 4429
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:38:20.084
10.60.55.16
239.255.255.250 4429
1900
HTTP
SSDP:Req
uest, M-SEARCH *

15:38:23.084
10.60.55.16
239.255.255.250 4429
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:19.386
10.60.55.16
239.255.255.250 4901
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:19.587
10.60.55.16
10.227.12.60
4909
8081
TCP
TCP:Flag
s=......S., SrcPort=4909, DstPort=8081, PayloadLen=0, Seq=3160101849, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
15:39:19.772
10.60.55.16
10.225.208.160 4914
81
TCP
TCP:Flag
s=......S., SrcPort=4914, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3602
24399, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:39:20.443
10.227.12.60
10.60.55.16
8081
4909
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=4909, PayloadLen=0, Seq=3336688616, Ack=316010
1850, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:39:20.443
10.60.55.16
10.227.12.60
4909
8081
TCP
TCP:Flag
s=...A...., SrcPort=4909, DstPort=8081, PayloadLen=0, Seq=3160101850, Ack=333668
8617, Win=64000 (scale factor 0x1) = 128000
15:39:20.444
10.60.55.16
10.227.12.60
4909
8081
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
15:39:20.483
10.225.208.160 10.60.55.16
81
4914
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4914, PayloadLen=0, Seq=3336
945474, Ack=360224400, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:39:20.483
10.60.55.16
10.225.208.160 4914
81
TCP
TCP:Flag
s=...A...., SrcPort=4914, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3602
24400, Ack=3336945475, Win=64000 (scale factor 0x1) = 128000
15:39:20.486
10.60.55.16
10.225.208.160 4914
81
TCP
TCP:Flag
s=...A...F, SrcPort=4914, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3602
24400, Ack=3336945475, Win=64000 (scale factor 0x1) = 128000
15:39:20.519
10.60.55.16
10.225.208.160 4936
81
TCP
TCP:Flag
s=......S., SrcPort=4936, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3953
198527, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:39:20.723
10.225.208.160 10.60.55.16
81
4914
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4914, PayloadLen=0, Seq=3336
945475, Ack=360224401, Win=57344
15:39:20.762
10.225.208.160 10.60.55.16
81
4936
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4936, PayloadLen=0, Seq=3338
743790, Ack=3953198528, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:39:20.762
10.60.55.16
10.225.208.160 4936
81
TCP
TCP:Flag
s=...A...., SrcPort=4936, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3953
198528, Ack=3338743791, Win=64000 (scale factor 0x1) = 128000
15:39:20.762
10.60.55.16
10.225.208.160 4936
81
TCP
TCP:Flag
s=...A...F, SrcPort=4936, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3953
198528, Ack=3338743791, Win=64000 (scale factor 0x1) = 128000
15:39:20.783
10.227.12.60
10.60.55.16
8081
4909
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=4909, PayloadLen=0, Seq=3336688617, Ack=316010
1928, Win=57344 (scale factor 0x0) = 57344
15:39:20.847
10.60.55.16
10.225.208.160 4942
81
TCP
TCP:Flag
s=......S., SrcPort=4942, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=8495
16319, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:39:20.962
10.225.208.160 10.60.55.16
81
4936
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4936, PayloadLen=0, Seq=3338
743791, Ack=3953198529, Win=57344
15:39:21.002
10.225.208.160 10.60.55.16
81
4942
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4942, PayloadLen=0, Seq=3340
799555, Ack=849516320, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:39:21.002
10.60.55.16
10.225.208.160 4942
81
TCP
TCP:Flag
s=...A...., SrcPort=4942, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=8495
16320, Ack=3340799556, Win=64000 (scale factor 0x1) = 128000
15:39:21.002
10.60.55.16
10.225.208.160 4942
81
TCP
TCP:Flag
s=...A...F, SrcPort=4942, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=8495
16320, Ack=3340799556, Win=64000 (scale factor 0x1) = 128000

15:39:21.071
10.60.55.16
10.225.208.160 4946
81
TCP
TCP:Flag
s=......S., SrcPort=4946, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3842
24834, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:39:21.203
10.225.208.160 10.60.55.16
81
4942
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4942, PayloadLen=0, Seq=3340
799556, Ack=849516321, Win=57344
15:39:21.260
10.225.208.160 10.60.55.16
81
4946
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4946, PayloadLen=0, Seq=3343
369956, Ack=384224835, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:39:21.260
10.60.55.16
10.225.208.160 4946
81
TCP
TCP:Flag
s=...A...., SrcPort=4946, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3842
24835, Ack=3343369957, Win=64000 (scale factor 0x1) = 128000
15:39:21.264
10.60.55.16
10.225.208.160 4946
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
15:39:21.264
10.60.55.16
10.225.208.160 4946
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
15:39:21.264
10.60.55.16
10.225.208.160 4946
81
TCP
TCP:[Con
tinuation to #40]Flags=...AP..., SrcPort=4946, DstPort=HOSTS2 Name Server(81), P
ayloadLen=66, Seq=384226341 - 384226407, Ack=3343369957, Win=64000 (scale factor
0x1) = 128000
15:39:21.447
10.60.55.16
202.126.40.5
64868 53
DNS
DNS:Quer
yId = 0xFB57, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
15:39:21.732
10.225.208.160 10.60.55.16
81
4946
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4946, PayloadLen=0, Seq=3343
369957, Ack=384225131, Win=57344 (scale factor 0x0) = 57344
15:39:22.283
10.225.208.160 10.60.55.16
81
4946
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4946, PayloadLen=0, Seq=3343
369957, Ack=384226407, Win=57344 (scale factor 0x0) = 57344
15:39:22.352
202.126.40.5
10.60.55.16
53
64868 DNS
DNS:Quer
yId = 0xFB57, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:302:0:0:0:0:31]
15:39:22.529
10.60.55.16
239.255.255.250 4901
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:25.530
10.60.55.16
239.255.255.250 4901
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:27.789
10.60.55.16
239.255.255.250 4991
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:35.666
10.60.55.16
239.255.255.250 4991
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:38.666
10.60.55.16
239.255.255.250 4991
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:42.417
10.60.55.16
239.255.255.250 1063
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:45.427
10.60.55.16
239.255.255.250 1063
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:39:48.431
10.60.55.16
239.255.255.250 1063
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:40:36.078
10.227.12.60
10.60.55.16
8081
4909
TCP
TCP:Flag
s=...A.R.., SrcPort=8081, DstPort=4909, PayloadLen=0, Seq=3336688617, Ack=316010
1928, Win=57344
15:40:36.087
10.225.208.160 10.60.55.16
81
4914
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4914, PayloadLen=0, Seq=3336
945475, Ack=360224401, Win=57344
15:40:36.107
10.225.208.160 10.60.55.16
81
4936
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4936, PayloadLen=0, Seq=3338
743791, Ack=3953198529, Win=57344
15:40:36.117
10.225.208.160 10.60.55.16
81
4942
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4942, PayloadLen=0, Seq=3340

799556, Ack=849516321, Win=57344

15:40:36.208
10.225.208.160 10.60.55.16
81
4946
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4946, PayloadLen=0, Seq=3343
369957, Ack=384226407, Win=57344

/////LOG FILE 8/////

Time
Source IP
Dest. IP
Source port
Description
15:47:09.442
10.50.226.36
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x0B185FBA
15:47:09.603
10.50.226.36
239.255.255.250 3529
uest, M-SEARCH *
15:47:13.443
10.50.226.36
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x0B185FBA
15:47:21.698
10.50.226.36
239.255.255.250 3610
uest, M-SEARCH *
15:47:27.601
10.50.226.36
239.255.255.250 3610
uest, M-SEARCH *
15:47:27.642
10.50.226.36
239.255.255.250 3640
uest, M-SEARCH *
15:47:30.649
10.50.226.36
239.255.255.250 3640
uest, M-SEARCH *
15:47:33.660
10.50.226.36
239.255.255.250 3640
uest, M-SEARCH *
15:47:39.737
10.50.226.36
239.255.255.250 3679
uest, M-SEARCH *
15:47:42.782
10.50.226.36
239.255.255.250 3679
uest, M-SEARCH *
15:47:45.823
10.50.226.36
239.255.255.250 3679
uest, M-SEARCH *

Dest. port

Protocol

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

/////LOG FILE 9/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
15:54:13.389
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:Flag
s=......S., SrcPort=2589, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1642
128318, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:54:13.389
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:[Syn
ReTransmit #1]Flags=......S., SrcPort=2589, DstPort=HOSTS2 Name Server(81), Payl
oadLen=0, Seq=1642128318, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65
535
15:54:13.712
10.50.237.64
222.127.143.5 56473 53
DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
15:54:13.712
10.50.237.64
222.127.143.5 56473 53
DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
15:54:13.824
202.126.40.5
10.50.237.64
53
56473 DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Response - Success, Array[68.178.232.99,20

8.109.255.49,2607:F208:302:0:0:0:0:31]
15:54:13.824
202.126.40.5
10.50.237.64
53
56473 DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Response - Success, Array[68.178.232.99,20
8.109.255.49,2607:F208:302:0:0:0:0:31]
15:54:13.844
10.225.208.160 10.50.237.64
81
2589
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2589, PayloadLen=0, Seq=1864
355611, Ack=1642128319, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:13.844
10.225.208.160 10.50.237.64
81
2589
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2589, PayloadLen=0, Seq=1864
355611, Ack=1642128319, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:13.844
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:Flag
s=...A...., SrcPort=2589, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1642
128319, Ack=1864355612, Win=64000 (scale factor 0x1) = 128000
15:54:13.844
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:[Dup
Ack #9]Flags=...A...., SrcPort=2589, DstPort=HOSTS2 Name Server(81), PayloadLen
=0, Seq=1642128319, Ack=1864355612, Win=64000 (scale factor 0x1) = 128000
15:54:13.845
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:Flag
s=...A...F, SrcPort=2589, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1642
128319, Ack=1864355612, Win=64000 (scale factor 0x1) = 128000
15:54:13.845
10.50.237.64
10.225.208.160 2589
81
TCP
TCP:Flag
s=...A...F, SrcPort=2589, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1642
128319, Ack=1864355612, Win=64000 (scale factor 0x1) = 128000
15:54:13.923
222.127.143.5 10.50.237.64
53
56473 DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
15:54:13.923
222.127.143.5 10.50.237.64
53
56473 DNS
DNS:Quer
yId = 0x4836, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
15:54:13.923
10.50.237.64
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.237.64:56473
15:54:13.923
10.50.237.64
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.237.64:56473
15:54:14.005
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=......S., SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565155, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
15:54:14.005
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Syn
ReTransmit #17]Flags=......S., SrcPort=2592, DstPort=HOSTS2 Name Server(81), Pay
loadLen=0, Seq=3745565155, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 6
5535
15:54:14.054
10.225.208.160 10.50.237.64
81
2589
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2589, PayloadLen=0, Seq=1864
355612, Ack=1642128320, Win=57344 (scale factor 0x0) = 57344
15:54:14.054
10.225.208.160 10.50.237.64
81
2589
TCP
TCP:[Dup
Ack #19]Flags=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2589, PayloadLe
n=0, Seq=1864355612, Ack=1642128320, Win=57344 (scale factor 0x0) = 57344
15:54:14.205
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:14.205
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:14.205
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...., SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:14.205
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Dup
Ack #23]Flags=...A...., SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLe
n=0, Seq=3745565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:14.208
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000

15:54:14.208
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:15.671
10.50.237.64
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0xB57C8934
15:54:15.671
10.50.237.64
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0xB57C8934
15:54:17.156
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:17.156
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:19.193
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:19.193
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:19.193
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...., SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565157, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:19.193
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Dup
Ack #33]Flags=...A...., SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLe
n=0, Seq=3745565157, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:23.191
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:23.191
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:24.291
10.50.237.64
239.255.255.250 2666
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:24.291
10.50.237.64
239.255.255.250 2666
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:27.239
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:27.239
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:27.239
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:54:27.239
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:54:31.140
10.50.237.64
239.255.255.250 2690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:31.140
10.50.237.64
239.255.255.250 2690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:34.145
10.50.237.64
239.255.255.250 2690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:34.145
10.50.237.64
239.255.255.250 2690
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:35.261
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000

15:54:35.261
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:43.375
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:43.375
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:54:43.375
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:54:43.375
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:54:46.934
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:46.934
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:49.936
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:49.936
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:52.939
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:52.939
10.50.237.64
239.255.255.250 2753
1900
HTTP
SSDP:Req
uest, M-SEARCH *
15:54:59.201
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:54:59.201
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:55:16.283
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:55:16.283
10.225.208.160 10.50.237.64
81
2592
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2592, PayloadLen=0, Seq=1868
209379, Ack=3745565156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
15:55:16.283
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:55:16.283
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq1868209380]Flags=...A...., SrcPort=2592, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3745565157, Ack=1868209380, Win=64000 (s
cale factor 0x1) = 128000
15:55:22.442
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
15:55:22.442
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #65]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171
43, Ack=3535147333, Win=57344
15:55:22.442
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:55:22.442
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351

47333, Win=0
15:55:47.281
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:55:47.281
10.50.237.64
10.225.208.160 2592
81
TCP
TCP:Flag
s=...A...F, SrcPort=2592, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3745
565156, Ack=1868209380, Win=64000 (scale factor 0x1) = 128000
15:56:37.819
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
15:56:37.819
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #71]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171
43, Ack=3535147333, Win=57344
15:56:37.819
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:56:37.819
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:57:52.378
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
15:57:52.378
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #75]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171
43, Ack=3535147333, Win=57344
15:57:52.378
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:57:52.378
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:59:07.574
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
15:59:07.574
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #79]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171
43, Ack=3535147333, Win=57344
15:59:07.574
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
15:59:07.574
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
16:00:22.489
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
16:00:22.489
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #83]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171
43, Ack=3535147333, Win=57344
16:00:22.489
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
16:00:22.489
10.50.237.64
17.149.36.75
61903 5223
TCP
TCP:Flag
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0, Seq=3535147333, Ack=35351
47333, Win=0
16:01:37.357
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=1042917143, Ack=35351
47333, Win=57344
16:01:37.357
17.149.36.75
10.50.237.64
5223
61903 TCP
TCP:[Dup
Ack #87]Flags=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0, Seq=10429171

43, Ack=3535147333, Win=57344

16:01:37.357
10.50.237.64
17.149.36.75
61903
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0,
47333, Win=0
16:01:37.357
10.50.237.64
17.149.36.75
61903
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0,
47333, Win=0
16:01:42.613
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:01:42.613
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:01:45.628
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:01:45.628
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:01:48.630
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:01:48.630
10.50.237.64
239.255.255.250 4140
uest, M-SEARCH *
16:02:06.433
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:06.433
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:09.465
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:09.465
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:12.469
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:12.469
10.50.237.64
239.255.255.250 4201
uest, M-SEARCH *
16:02:52.532
17.149.36.75
10.50.237.64
5223
s=...A...., SrcPort=5223, DstPort=61903, PayloadLen=0,
47333, Win=57344
16:02:52.532
17.149.36.75
10.50.237.64
5223
Ack #103]Flags=...A...., SrcPort=5223, DstPort=61903,
143, Ack=3535147333, Win=57344
16:02:52.532
10.50.237.64
17.149.36.75
61903
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0,
47333, Win=0
16:02:52.532
10.50.237.64
17.149.36.75
61903
s=.....R.., SrcPort=61903, DstPort=5223, PayloadLen=0,
47333, Win=0
16:04:07.390
17.149.36.75
10.50.237.64
5223
s=...A.R.., SrcPort=5223, DstPort=61903, PayloadLen=0,
47333, Win=57344
16:04:07.390
17.149.36.75
10.50.237.64
5223
s=...A.R.., SrcPort=5223, DstPort=61903, PayloadLen=0,
47333, Win=57344
16:04:35.356
10.50.237.64
239.255.255.250 4919
uest, M-SEARCH *
16:04:35.356
10.50.237.64
239.255.255.250 4919
uest, M-SEARCH *
16:04:38.363
10.50.237.64
239.255.255.250 4919
uest, M-SEARCH *
16:04:38.363
10.50.237.64
239.255.255.250 4919
uest, M-SEARCH *
16:04:41.365
10.50.237.64
239.255.255.250 4919
uest, M-SEARCH *
16:04:41.365
10.50.237.64
239.255.255.250 4919

5223
TCP
TCP:Flag
Seq=3535147333, Ack=35351
5223
TCP
TCP:Flag
Seq=3535147333, Ack=35351
1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

61903 TCP
TCP:Flag
Seq=1042917143, Ack=35351
61903 TCP
TCP:[Dup
PayloadLen=0, Seq=1042917
5223
TCP
TCP:Flag
Seq=3535147333, Ack=35351
5223
TCP
TCP:Flag
Seq=3535147333, Ack=35351
61903 TCP
TCP:Flag
Seq=1042917144, Ack=35351
61903 TCP
TCP:Flag
Seq=1042917144, Ack=35351
1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

uest, M-SEARCH
16:04:58.798
uest, M-SEARCH
16:04:58.798
uest, M-SEARCH
16:05:01.820
uest, M-SEARCH
16:05:01.820
uest, M-SEARCH
16:05:04.824
uest, M-SEARCH
16:05:04.824
uest, M-SEARCH
16:09:25.704
uest, M-SEARCH
16:09:25.704
uest, M-SEARCH
16:09:28.704
uest, M-SEARCH
16:09:28.704
uest, M-SEARCH
16:09:31.704
uest, M-SEARCH
16:09:31.704
uest, M-SEARCH
16:10:02.509
uest, M-SEARCH
16:10:02.509
uest, M-SEARCH
16:10:05.531
uest, M-SEARCH
16:10:05.531
uest, M-SEARCH
16:10:08.545
uest, M-SEARCH
16:10:08.545
uest, M-SEARCH
16:10:14.099
uest, M-SEARCH
16:10:14.099
uest, M-SEARCH
16:10:17.102
uest, M-SEARCH
16:10:17.102
uest, M-SEARCH
16:10:20.107
uest, M-SEARCH
16:10:20.107
uest, M-SEARCH
16:16:31.295
uest, M-SEARCH
16:16:31.295
uest, M-SEARCH
16:16:34.346
uest, M-SEARCH
16:16:34.346
uest, M-SEARCH
16:16:37.347
uest, M-SEARCH
16:16:37.347

*
10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1118

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1742

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1913

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 1953

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4538

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
16:16:55.073
uest, M-SEARCH
16:16:55.073
uest, M-SEARCH
16:16:58.073
uest, M-SEARCH
16:16:58.073
uest, M-SEARCH
16:17:01.075
uest, M-SEARCH
16:17:01.075
uest, M-SEARCH
16:20:23.701
uest, M-SEARCH
16:20:23.701
uest, M-SEARCH
16:20:26.705
uest, M-SEARCH
16:20:26.705
uest, M-SEARCH
16:20:29.709
uest, M-SEARCH
16:20:29.709
uest, M-SEARCH
16:20:48.708
uest, M-SEARCH
16:20:48.708
uest, M-SEARCH
16:20:51.710
uest, M-SEARCH
16:20:51.710
uest, M-SEARCH
16:20:54.711
uest, M-SEARCH
16:20:54.711
uest, M-SEARCH

*
10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 4814

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2072

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

10.50.237.64

239.255.255.250 2333

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

/////LOG FILE 10/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
16:44:12.270
10.70.23.147
10.225.208.160 4782
81
TCP
TCP:Flag
s=......S., SrcPort=4782, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2937
872623, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
16:44:12.318
10.225.208.160 10.70.23.147
81
4782
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4782, PayloadLen=0, Seq=2623
216525, Ack=2937872624, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
16:44:12.318
10.70.23.147
10.225.208.160 4782
81
TCP
TCP:Flag
s=...A...., SrcPort=4782, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2937
872624, Ack=2623216526, Win=64000 (scale factor 0x1) = 128000
16:44:12.319
10.70.23.147
10.225.208.160 4782
81
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=4782, DstPort=HOSTS2 Name Server(81), PayloadL
en=0, Seq=2937872624, Ack=2623216526, Win=64000 (scale factor 0x1) = 128000
16:44:12.388
10.225.208.160 10.70.23.147
81
4782
TCP
TCP:Flag

s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4782, PayloadLen=0,

216526, Ack=2937872625, Win=57344
16:44:13.598
10.70.23.147
255.255.255.255 68
67
DHCP
uest, MsgType = INFORM, TransactionID = 0x4A05B822
16:44:18.492
10.70.23.147
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *
16:44:21.497
10.70.23.147
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *
16:44:24.497
10.70.23.147
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *
16:44:25.247
10.70.23.147
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
16:44:25.248
10.70.23.147
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
16:44:53.163
10.70.23.147
239.255.255.250 4852
1900
HTTP
uest, M-SEARCH *
16:44:56.165
10.70.23.147
239.255.255.250 4852
1900
HTTP
uest, M-SEARCH *
16:44:59.166
10.70.23.147
239.255.255.250 4852
1900
HTTP
uest, M-SEARCH *
16:45:28.249
10.225.208.160 10.70.23.147
81
4782
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=4782, PayloadLen=0,
216526, Ack=2937872625, Win=57344
16:46:13.492
10.70.23.147
239.255.255.250 4998
1900
HTTP
uest, M-SEARCH *
16:46:16.500
10.70.23.147
239.255.255.250 4998
1900
HTTP
uest, M-SEARCH *
16:46:19.500
10.70.23.147
239.255.255.250 4998
1900
HTTP
uest, M-SEARCH *
16:46:21.740
10.70.23.147
239.255.255.250 1046
1900
HTTP
uest, M-SEARCH *
16:46:24.750
10.70.23.147
239.255.255.250 1046
1900
HTTP
uest, M-SEARCH *
16:46:27.751
10.70.23.147
239.255.255.250 1046
1900
HTTP
uest, M-SEARCH *
16:46:36.041
10.70.23.147
239.255.255.250 1237
1900
HTTP
uest, M-SEARCH *
16:46:43.433
10.70.23.147
239.255.255.250 1237
1900
HTTP
uest, M-SEARCH *
16:46:48.062
10.70.23.147
239.255.255.250 1237
1900
HTTP
uest, M-SEARCH *
16:47:55.577
10.70.23.147
239.255.255.250 1524
1900
HTTP
uest, M-SEARCH *
16:47:58.578
10.70.23.147
239.255.255.250 1524
1900
HTTP
uest, M-SEARCH *
16:48:01.578
10.70.23.147
239.255.255.250 1524
1900
HTTP
uest, M-SEARCH *
16:48:18.260
10.70.23.147
239.255.255.250 1552
1900
HTTP
uest, M-SEARCH *
16:48:21.262
10.70.23.147
239.255.255.250 1552
1900
HTTP
uest, M-SEARCH *
16:48:24.263
10.70.23.147
239.255.255.250 1552
1900
HTTP
uest, M-SEARCH *
16:48:33.760
10.70.23.147
239.255.255.250 1596
1900
HTTP
uest, M-SEARCH *
16:48:36.768
10.70.23.147
239.255.255.250 1596
1900
HTTP
uest, M-SEARCH *
16:48:39.771
10.70.23.147
239.255.255.250 1596
1900
HTTP
uest, M-SEARCH *
16:49:01.319
10.70.23.147
239.255.255.250 1628
1900
HTTP

Seq=2623
DHCP:Req
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
TCP:Flag
Seq=2623
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req

uest, M-SEARCH
16:49:07.582
uest, M-SEARCH
16:49:10.583
uest, M-SEARCH
16:49:46.740
uest, M-SEARCH
16:49:49.743
uest, M-SEARCH
16:49:52.746
uest, M-SEARCH
16:50:13.180
uest, M-SEARCH
16:50:16.185
uest, M-SEARCH
16:50:19.187
uest, M-SEARCH
16:50:27.918
uest, M-SEARCH
16:50:30.918
uest, M-SEARCH
16:50:33.918
uest, M-SEARCH
16:50:44.163
uest, M-SEARCH
16:50:47.170
uest, M-SEARCH
16:50:50.170
uest, M-SEARCH
16:50:53.195
uest, M-SEARCH
16:51:00.986
uest, M-SEARCH
16:51:03.986
uest, M-SEARCH
16:51:06.546
uest, M-SEARCH
16:51:09.546
uest, M-SEARCH
16:51:12.552
uest, M-SEARCH
16:51:25.983
uest, M-SEARCH
16:51:28.984
uest, M-SEARCH
16:51:31.989
uest, M-SEARCH
16:52:03.240
uest, M-SEARCH
16:52:16.955
uest, M-SEARCH
16:52:19.955
uest, M-SEARCH
16:52:22.955
uest, M-SEARCH
16:52:25.592
uest, M-SEARCH
16:52:28.604
uest, M-SEARCH
16:52:31.621

*
10.70.23.147

239.255.255.250 1628

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1628

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1668

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1668

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1668

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1694

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1694

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1694

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1765

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1765

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1765

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1995

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1995

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 1995

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2135

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2135

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2135

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2184

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2184

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2184

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2230

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2230

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2230

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2526

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2708

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2708

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2708

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2750

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2750

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2750

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
16:52:40.789
uest, M-SEARCH
16:52:43.794
uest, M-SEARCH
16:52:46.796
uest, M-SEARCH
16:53:15.333
uest, M-SEARCH
16:53:30.091
uest, M-SEARCH
16:53:33.091
uest, M-SEARCH
16:53:36.093
uest, M-SEARCH
16:53:39.889
uest, M-SEARCH
16:53:42.894
uest, M-SEARCH
16:53:45.897
uest, M-SEARCH
16:53:49.668
uest, M-SEARCH
16:53:52.670
uest, M-SEARCH
16:53:55.673
uest, M-SEARCH
16:54:27.958
uest, M-SEARCH
16:54:30.178
uest, M-SEARCH
16:54:40.542
uest, M-SEARCH
16:54:43.551
uest, M-SEARCH
16:55:00.459
uest, M-SEARCH
16:55:03.460
uest, M-SEARCH
16:55:04.950
uest, M-SEARCH
16:55:07.979
uest, M-SEARCH
16:55:11.008
uest, M-SEARCH
16:55:40.777
uest, M-SEARCH
16:55:42.887
uest, M-SEARCH
16:55:54.314
uest, M-SEARCH
16:55:57.317
uest, M-SEARCH
16:56:00.446
uest, M-SEARCH
16:56:03.447
uest, M-SEARCH
16:56:06.493
uest, M-SEARCH
16:56:08.077

*
10.70.23.147

239.255.255.250 2798

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2798

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2798

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2858

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2891

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2891

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 2891

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3085

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3085

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3085

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3679

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3702

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3702

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3702

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3892

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3892

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3920

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3920

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3920

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3983

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3996

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3996

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 3996

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 4029

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 4029

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 4029

1900

HTTP

SSDP:Req

10.70.23.147

239.255.255.250 4057

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH *
16:56:11.079
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:13.724
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:56:13.725
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:56:13.725
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:56:14.081
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:15.066
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:18.099
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:21.102
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:27.436
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:30.441
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:33.454
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:53.500
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:56.504
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:56:59.537
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:27.532
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:30.533
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:33.535
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:35.123
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:38.125
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:41.127
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:57:43.178
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:57:43.178
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:58:25.509
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:58:25.509
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:58:28.441
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:58:31.443
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:58:34.444
10.70.23.147
239.255.255.250
uest, M-SEARCH *
16:59:07.827
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:59:07.828
10.70.23.147
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
16:59:07.828
10.70.23.147
255.255.255.255

4057

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

4057

1900

HTTP

SSDP:Req

4080

1900

HTTP

SSDP:Req

4080

1900

HTTP

SSDP:Req

4080

1900

HTTP

SSDP:Req

4126

1900

HTTP

SSDP:Req

4126

1900

HTTP

SSDP:Req

4126

1900

HTTP

SSDP:Req

4157

1900

HTTP

SSDP:Req

4157

1900

HTTP

SSDP:Req

4157

1900

HTTP

SSDP:Req

4726

1900

HTTP

SSDP:Req

4726

1900

HTTP

SSDP:Req

4726

1900

HTTP

SSDP:Req

4753

1900

HTTP

SSDP:Req

4753

1900

HTTP

SSDP:Req

4753

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

4985

1900

HTTP

SSDP:Req

4985

1900

HTTP

SSDP:Req

4985

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

ort = 1035, DstPort = 1947, Length = 48

16:59:08.629
10.70.23.147
239.255.255.250 1174
uest, M-SEARCH *
16:59:11.631
10.70.23.147
239.255.255.250 1174
uest, M-SEARCH *
16:59:14.632
10.70.23.147
239.255.255.250 1174
uest, M-SEARCH *

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

////LOG FILE 11/////

Time
Source IP
Dest. IP
Source port
Description
17:09:05.683
10.60.42.205
239.255.255.250 2688
uest, M-SEARCH *
17:09:09.396
10.60.42.205
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x90C303A6
17:09:09.400
10.60.42.205
239.255.255.250 2688
uest, M-SEARCH *
17:09:12.402
10.60.42.205
239.255.255.250 2688
uest, M-SEARCH *

Dest. port

Protocol

1900

HTTP

SSDP:Req

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

/////LOG FILE 12/////

Time
Source IP
Dest. IP
Source port
Description
17:47:02.521
10.70.20.116
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x731D71B7
17:47:02.972
10.70.20.116
239.255.255.250 4780
uest, M-SEARCH *
17:47:05.042
17.149.36.202 10.70.20.116
5223
s=...A...., SrcPort=5223, DstPort=51392, PayloadLen=0,
53652, Win=57344
17:47:05.042
10.70.20.116
17.149.36.202 51392
s=.....R.., SrcPort=51392, DstPort=5223, PayloadLen=0,
53652, Win=0
17:47:06.017
10.70.20.116
239.255.255.250 4780
uest, M-SEARCH *
17:47:09.019
10.70.20.116
239.255.255.250 4780
uest, M-SEARCH *
17:47:24.418
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:47:24.418
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:47:40.207
10.70.20.116
239.255.255.250 4821
uest, M-SEARCH *
17:47:43.208
10.70.20.116
239.255.255.250 4821
uest, M-SEARCH *
17:47:46.208
10.70.20.116
239.255.255.250 4821
uest, M-SEARCH *
17:48:07.000
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:07.000
10.70.20.116
255.255.255.255 1035

Dest. port

Protocol

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

51392 TCP
TCP:Flag
Seq=1902272823, Ack=14670
5223
TCP
TCP:Flag
Seq=1467053652, Ack=14670
1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

ort = 1035, DstPort = 1947, Length = 48

17:48:07.000
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:21.878
17.149.36.202 10.70.20.116
5223
s=...A...., SrcPort=5223, DstPort=51392, PayloadLen=0,
53652, Win=57344
17:48:21.878
10.70.20.116
17.149.36.202 51392
s=.....R.., SrcPort=51392, DstPort=5223, PayloadLen=0,
53652, Win=0
17:48:22.166
10.70.20.116
239.255.255.250 4862
uest, M-SEARCH *
17:48:25.168
10.70.20.116
239.255.255.250 4862
uest, M-SEARCH *
17:48:28.168
10.70.20.116
239.255.255.250 4862
uest, M-SEARCH *
17:48:34.183
10.70.20.116
239.255.255.250 4969
uest, M-SEARCH *
17:48:37.183
10.70.20.116
239.255.255.250 4969
uest, M-SEARCH *
17:48:40.183
10.70.20.116
239.255.255.250 4969
uest, M-SEARCH *
17:48:50.463
10.70.20.116
239.255.255.250 1217
uest, M-SEARCH *
17:48:53.391
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:53.391
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:53.391
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:53.392
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:48:59.791
10.70.20.116
239.255.255.250 1217
uest, M-SEARCH *
17:49:02.799
10.70.20.116
239.255.255.250 1217
uest, M-SEARCH *
17:49:39.175
17.149.36.202 10.70.20.116
5223
s=...A...., SrcPort=5223, DstPort=51392, PayloadLen=0,
53652, Win=57344
17:49:39.175
10.70.20.116
17.149.36.202 51392
s=.....R.., SrcPort=51392, DstPort=5223, PayloadLen=0,
53652, Win=0
17:49:43.790
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:49:43.790
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:49:43.790
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:49:43.790
10.70.20.116
255.255.255.255 1035
ort = 1035, DstPort = 1947, Length = 48
17:49:45.802
10.70.20.116
239.255.255.250 1542
uest, M-SEARCH *
17:49:48.804
10.70.20.116
239.255.255.250 1542
uest, M-SEARCH *
17:49:51.823
10.70.20.116
239.255.255.250 1542
uest, M-SEARCH *
17:50:08.458
10.70.20.116
239.255.255.250 1574
uest, M-SEARCH *
17:50:11.458
10.70.20.116
239.255.255.250 1574
uest, M-SEARCH *
17:50:14.460
10.70.20.116
239.255.255.250 1574

1947

UDP

UDP:SrcP

51392 TCP
TCP:Flag
Seq=1902272823, Ack=14670
5223
TCP
TCP:Flag
Seq=1467053652, Ack=14670
1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

51392 TCP
TCP:Flag
Seq=1902272823, Ack=14670
5223
TCP
TCP:Flag
Seq=1467053652, Ack=14670
1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1947

UDP

UDP:SrcP

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

uest, M-SEARCH *
17:50:34.791
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:50:34.791
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:51:01.817
10.70.20.81
10.70.20.116
51073 22
TCP
TCP:Flag
s=......S., SrcPort=51073, DstPort=SSH(22), PayloadLen=0, Seq=1738818659, Ack=0,
Win=65535 ( ) = 65535
17:51:01.817
10.70.20.116
10.70.20.81
22
51073 TCP
TCP:Flag
s=...A.R.., SrcPort=SSH(22), DstPort=51073, PayloadLen=0, Seq=0, Ack=1738818660,
Win=0
17:51:04.084
10.70.20.116
239.255.255.250 1603
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:06.316
10.70.20.81
10.70.20.116
51073 22
TCP
TCP:Flag
s=......S., SrcPort=51073, DstPort=SSH(22), PayloadLen=0, Seq=1738818659, Ack=0,
Win=65535 ( ) = 65535
17:51:06.316
10.70.20.116
10.70.20.81
22
51073 TCP
TCP:Flag
s=...A.R.., SrcPort=SSH(22), DstPort=51073, PayloadLen=0, Seq=0, Ack=1738818660,
Win=0
17:51:07.086
10.70.20.116
239.255.255.250 1603
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:10.086
10.70.20.116
239.255.255.250 1603
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:15.075
10.70.20.116
239.255.255.250 1611
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:17.592
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:51:17.592
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:51:17.592
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:51:17.592
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:51:21.248
10.70.20.116
239.255.255.250 1611
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:22.888
10.70.20.81
10.70.20.116
51073 22
TCP
TCP:Flag
s=......S., SrcPort=51073, DstPort=SSH(22), PayloadLen=0, Seq=1738818659, Ack=0,
Win=65535 ( ) = 65535
17:51:22.888
10.70.20.116
10.70.20.81
22
51073 TCP
TCP:Flag
s=...A.R.., SrcPort=SSH(22), DstPort=51073, PayloadLen=0, Seq=0, Ack=1738818660,
Win=0
17:51:24.254
10.70.20.116
239.255.255.250 1611
1900
HTTP
SSDP:Req
uest, M-SEARCH *
17:51:57.374
10.70.20.81
10.70.20.116
51073 22
TCP
TCP:Flag
s=......S., SrcPort=51073, DstPort=SSH(22), PayloadLen=0, Seq=1738818659, Ack=0,
Win=65535 ( ) = 65535
17:51:57.374
10.70.20.116
10.70.20.81
22
51073 TCP
TCP:Flag
s=...A.R.., SrcPort=SSH(22), DstPort=51073, PayloadLen=0, Seq=0, Ack=1738818660,
Win=0
17:51:57.393
17.149.36.202 10.70.20.116
5223
51392 TCP
TCP:Flag
s=...A.R.., SrcPort=5223, DstPort=51392, PayloadLen=0, Seq=1902272824, Ack=14670
53652, Win=57344
17:52:08.189
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:52:08.189
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:52:08.189
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
17:52:08.189
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48

17:52:56.165
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:52:59.011
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:52:59.011
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:52:59.012
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:52:59.177
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:53:02.177
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:53:45.384
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:53:45.384
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:53:45.384
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:54:17.300
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:54:20.302
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:54:23.303
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:54:32.250
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:54:32.250
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:54:37.912
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:54:40.913
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:54:43.916
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:12.032
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:15.034
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:18.035
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:44.877
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:47.884
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:55:50.888
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:03.574
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:05.495
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:56:05.495
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:56:05.495
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:56:14.312
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:17.313
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:20.315
10.70.20.116
239.255.255.250
uest, M-SEARCH *

1690

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1690

1900

HTTP

SSDP:Req

1690

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1904

1900

HTTP

SSDP:Req

1904

1900

HTTP

SSDP:Req

1904

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

2174

1900

HTTP

SSDP:Req

2174

1900

HTTP

SSDP:Req

2174

1900

HTTP

SSDP:Req

2370

1900

HTTP

SSDP:Req

2370

1900

HTTP

SSDP:Req

2370

1900

HTTP

SSDP:Req

2473

1900

HTTP

SSDP:Req

2473

1900

HTTP

SSDP:Req

2473

1900

HTTP

SSDP:Req

2548

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

2575

1900

HTTP

SSDP:Req

2575

1900

HTTP

SSDP:Req

2575

1900

HTTP

SSDP:Req

17:56:26.421
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:29.423
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:32.425
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:37.168
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:40.205
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:43.207
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:56:52.414
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:56:52.414
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:56:52.414
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:57:00.269
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:03.272
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:06.272
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:19.669
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:22.687
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:25.698
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:39.192
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:57:39.192
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:57:39.192
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:57:48.731
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:55.453
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:57:58.455
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:58:09.993
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:58:12.993
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:58:15.994
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:00.489
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:01.639
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:07.237
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:10.256
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:12.327
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:59:12.327
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48

2595

1900

HTTP

SSDP:Req

2595

1900

HTTP

SSDP:Req

2595

1900

HTTP

SSDP:Req

2613

1900

HTTP

SSDP:Req

2613

1900

HTTP

SSDP:Req

2613

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

2654

1900

HTTP

SSDP:Req

2654

1900

HTTP

SSDP:Req

2654

1900

HTTP

SSDP:Req

2697

1900

HTTP

SSDP:Req

2697

1900

HTTP

SSDP:Req

2697

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

2717

1900

HTTP

SSDP:Req

2717

1900

HTTP

SSDP:Req

2717

1900

HTTP

SSDP:Req

2739

1900

HTTP

SSDP:Req

2739

1900

HTTP

SSDP:Req

2739

1900

HTTP

SSDP:Req

2923

1900

HTTP

SSDP:Req

2934

1900

HTTP

SSDP:Req

2934

1900

HTTP

SSDP:Req

2934

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

17:59:12.327
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:59:20.964
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:23.969
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:26.977
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:50.967
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:53.967
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:56.968
10.70.20.116
239.255.255.250
uest, M-SEARCH *
17:59:58.637
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:59:58.637
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
17:59:58.637
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:00:14.301
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:15.828
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:26.894
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:29.895
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:34.970
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:37.976
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:40.981
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:00:45.193
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:00:45.193
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:00:45.193
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:00:45.193
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:01:35.529
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:01:35.529
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:01:35.530
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:01:35.530
10.70.20.116
255.255.255.255
ort = 1035, DstPort = 1947, Length = 48
18:01:39.754
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:01:42.757
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:01:45.758
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:02:06.112
10.70.20.116
239.255.255.250
uest, M-SEARCH *
18:02:16.779
10.70.20.116
239.255.255.250
uest, M-SEARCH *

1035

1947

UDP

UDP:SrcP

2979

1900

HTTP

SSDP:Req

2979

1900

HTTP

SSDP:Req

2979

1900

HTTP

SSDP:Req

3022

1900

HTTP

SSDP:Req

3022

1900

HTTP

SSDP:Req

3022

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

3075

1900

HTTP

SSDP:Req

3085

1900

HTTP

SSDP:Req

3085

1900

HTTP

SSDP:Req

3085

1900

HTTP

SSDP:Req

3127

1900

HTTP

SSDP:Req

3127

1900

HTTP

SSDP:Req

3127

1900

HTTP

SSDP:Req

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

1035

1947

UDP

UDP:SrcP

3205

1900

HTTP

SSDP:Req

3205

1900

HTTP

SSDP:Req

3205

1900

HTTP

SSDP:Req

3237

1900

HTTP

SSDP:Req

3237

1900

HTTP

SSDP:Req

18:02:17.152
10.70.20.116
239.255.255.250 3254
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:02:20.153
10.70.20.116
239.255.255.250 3254
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:02:23.153
10.70.20.116
239.255.255.250 3254
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:02:48.545
10.70.20.116
239.255.255.250 3284
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:02:51.546
10.70.20.116
239.255.255.250 3284
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:02:54.552
10.70.20.116
239.255.255.250 3284
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:03:26.767
10.70.20.116
239.255.255.250 3340
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:03:29.770
10.70.20.116
239.255.255.250 3340
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:03:32.770
10.70.20.116
239.255.255.250 3340
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:03:51.394
10.70.20.116
239.255.255.250 3403
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:03.251
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:04:03.251
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:04:04.037
10.70.20.116
239.255.255.250 3403
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:07.037
10.70.20.116
239.255.255.250 3403
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:08.231
10.70.20.116
202.126.40.5
65371 53
DNS
DNS:Quer
yId = 0xF53A, QUERY (Standard query), Query for mercurysvr.globetel.com of type
Host Addr on class Internet
18:04:08.232
10.70.20.116
202.126.40.5
63267 53
DNS
DNS:Quer
yId = 0x4975, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
18:04:08.257
10.70.20.116
239.255.255.250 3439
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:08.378
202.126.40.5
10.70.20.116
53
65371 DNS
DNS:Quer
yId = 0xF53A, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
18:04:08.379
10.70.20.116
68.178.232.99 3442
8081
TCP
TCP:Flag
s=......S., SrcPort=3442, DstPort=8081, PayloadLen=0, Seq=1264509568, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:08.418
202.126.40.5
10.70.20.116
53
63267 DNS
DNS:Quer
yId = 0x4975, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
18:04:08.421
10.70.20.116
68.178.232.99 3443
81
TCP
TCP:Flag
s=......S., SrcPort=3443, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1120
755887, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:08.569
68.178.232.99 10.70.20.116
8081
3442
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=3442, PayloadLen=0, Seq=2337639679, Ack=126450
9569, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:08.569
10.70.20.116
68.178.232.99 3442
8081
TCP
TCP:Flag
s=...A...., SrcPort=3442, DstPort=8081, PayloadLen=0, Seq=1264509569, Ack=233763
9680, Win=64000 (scale factor 0x1) = 128000
18:04:08.580
10.70.20.116
68.178.232.99 3442
8081
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
18:04:08.608
68.178.232.99 10.70.20.116
81
3443
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3443, PayloadLen=0, Seq=2337
895913, Ack=1120755888, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:08.608
10.70.20.116
68.178.232.99 3443
81
TCP
TCP:Flag

s=...A...., SrcPort=3443, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1120

755888, Ack=2337895914, Win=64000 (scale factor 0x1) = 128000
18:04:08.609
10.70.20.116
68.178.232.99 3443
81
TCP
TCP:Flag
s=...A...F, SrcPort=3443, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1120
755888, Ack=2337895914, Win=64000 (scale factor 0x1) = 128000
18:04:08.632
10.70.20.116
10.225.208.160 3445
81
TCP
TCP:Flag
s=......S., SrcPort=3445, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=4375
22350, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:08.889
68.178.232.99 10.70.20.116
81
3443
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3443, PayloadLen=0, Seq=2337
895914, Ack=1120755889, Win=57344
18:04:08.889
10.225.208.160 10.70.20.116
81
3445
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3445, PayloadLen=0, Seq=2338
408405, Ack=437522351, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:08.889
10.70.20.116
10.225.208.160 3445
81
TCP
TCP:Flag
s=...A...., SrcPort=3445, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=4375
22351, Ack=2338408406, Win=64000 (scale factor 0x1) = 128000
18:04:08.889
10.70.20.116
10.225.208.160 3445
81
TCP
TCP:Flag
s=...A...F, SrcPort=3445, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=4375
22351, Ack=2338408406, Win=64000 (scale factor 0x1) = 128000
18:04:08.928
68.178.232.99 10.70.20.116
8081
3442
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=3442, PayloadLen=0, Seq=2337639680, Ack=126450
9658, Win=57344 (scale factor 0x0) = 57344
18:04:08.944
10.70.20.116
10.225.208.160 3448
81
TCP
TCP:Flag
s=......S., SrcPort=3448, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3747
139307, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:09.008
68.178.232.99 10.70.20.116
8081
3442
HTTP
HTTP:Res
ponse, HTTP/1.1, Status: Moved temporarily, URL: /Software/SiteStat.xml
18:04:09.008
10.70.20.116
68.178.232.99 3442
8081
TCP
TCP:Flag
s=...A...., SrcPort=3442, DstPort=8081, PayloadLen=0, Seq=1264509658, Ack=233763
9777, Win=63952
18:04:09.008
10.70.20.116
68.178.232.99 3442
8081
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=3442, DstPort=8081, PayloadLen=0, Seq=12645096
58, Ack=2337639777, Win=63952
18:04:09.009
68.178.232.99 10.70.20.116
81
3443
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3443, PayloadLen=0, Seq=2337
895914, Ack=1120755889, Win=57344
18:04:09.010
10.70.20.116
68.178.232.99 3449
8081
TCP
TCP:Flag
s=......S., SrcPort=3449, DstPort=8081, PayloadLen=0, Seq=3949402540, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:09.079
68.178.232.99 10.70.20.116
81
3700
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3700, PayloadLen=0, Seq=3466
465197, Ack=1120755888, Win=57344
18:04:09.089
10.225.208.160 10.70.20.116
81
3445
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3445, PayloadLen=0, Seq=2338
408406, Ack=437522352, Win=57344
18:04:09.119
10.225.208.160 10.70.20.116
81
3448
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3448, PayloadLen=0, Seq=2340
459061, Ack=3747139308, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:09.119
10.70.20.116
10.225.208.160 3448
81
TCP
TCP:Flag
s=...A...., SrcPort=3448, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3747
139308, Ack=2340459062, Win=64000 (scale factor 0x1) = 128000
18:04:09.119
10.70.20.116
10.225.208.160 3448
81
TCP
TCP:Flag
s=...A...F, SrcPort=3448, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3747
139308, Ack=2340459062, Win=64000 (scale factor 0x1) = 128000
18:04:09.123
10.70.20.116
10.225.208.160 3450
81
TCP
TCP:Flag
s=......S., SrcPort=3450, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2227
861427, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:09.199
68.178.232.99 10.70.20.116
8081
3442
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=3442, PayloadLen=0, Seq=2337639777, Ack=126450

9659, Win=57344
18:04:09.289
68.178.232.99 10.70.20.116
8081
3449
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=3449, PayloadLen=0, Seq=2340715435, Ack=394940
2541, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:09.289
10.70.20.116
68.178.232.99 3449
8081
TCP
TCP:Flag
s=...A...., SrcPort=3449, DstPort=8081, PayloadLen=0, Seq=3949402541, Ack=234071
5436, Win=64000 (scale factor 0x1) = 128000
18:04:09.289
10.70.20.116
68.178.232.99 3449
8081
HTTP
HTTP:Req
uest, GET /Software/SiteStat.xml
18:04:09.319
10.225.208.160 10.70.20.116
81
3448
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3448, PayloadLen=0, Seq=2340
459062, Ack=3747139309, Win=57344
18:04:09.369
10.225.208.160 10.70.20.116
81
3450
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3450, PayloadLen=0, Seq=2341
228270, Ack=2227861428, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:09.369
10.70.20.116
10.225.208.160 3450
81
TCP
TCP:Flag
s=...A...., SrcPort=3450, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2227
861428, Ack=2341228271, Win=64000 (scale factor 0x1) = 128000
18:04:09.379
10.70.20.116
10.225.208.160 3450
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
18:04:09.379
10.70.20.116
10.225.208.160 3450
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
18:04:09.379
10.70.20.116
10.225.208.160 3450
81
TCP
TCP:[Con
tinuation to #210]Flags=...AP..., SrcPort=3450, DstPort=HOSTS2 Name Server(81),
PayloadLen=67, Seq=2227862934 - 2227863001, Ack=2341228271, Win=64000 (scale fac
tor 0x1) = 128000
18:04:09.398
68.178.232.99 10.70.20.116
8081
3442
TCP
TCP:Flag
s=...A.R.., SrcPort=8081, DstPort=3442, PayloadLen=0, Seq=2337639777, Ack=126450
9659, Win=57344
18:04:09.629
68.178.232.99 10.70.20.116
8081
3449
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=3449, PayloadLen=0, Seq=2340715436, Ack=394940
2646, Win=57344 (scale factor 0x0) = 57344
18:04:09.729
68.178.232.99 10.70.20.116
8081
3449
HTTP
HTTP:Res
ponse, HTTP/1.1, Status: Moved temporarily, URL: /Software/SiteStat.xml
18:04:09.729
10.70.20.116
68.178.232.99 3449
8081
TCP
TCP:Flag
s=...A...., SrcPort=3449, DstPort=8081, PayloadLen=0, Seq=3949402646, Ack=234071
5533, Win=63952
18:04:09.729
10.70.20.116
68.178.232.99 3449
8081
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=3449, DstPort=8081, PayloadLen=0, Seq=39494026
46, Ack=2340715533, Win=63952
18:04:09.879
10.225.208.160 10.70.20.116
81
3450
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3450, PayloadLen=0, Seq=2341
228271, Ack=2227861724, Win=57344 (scale factor 0x0) = 57344
18:04:10.478
10.225.208.160 10.70.20.116
81
3450
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3450, PayloadLen=0, Seq=2341
228271, Ack=2227863001, Win=57344 (scale factor 0x0) = 57344
18:04:10.528
68.178.232.99 10.70.20.116
8081
3449
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=3449, PayloadLen=0, Seq=2340715533, Ack=394940
2647, Win=57344
18:04:10.638
10.70.20.116
10.225.208.160 3455
81
TCP
TCP:Flag
s=......S., SrcPort=3455, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2668
32813, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:10.718
68.178.232.99 10.70.20.116
8081
3449
TCP
TCP:Flag
s=...A.R.., SrcPort=8081, DstPort=3449, PayloadLen=0, Seq=2340715533, Ack=394940
2647, Win=57344
18:04:10.758
10.225.208.160 10.70.20.116
81
3455
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3455, PayloadLen=0, Seq=2347
386347, Ack=266832814, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:10.758
10.70.20.116
10.225.208.160 3455
81
TCP
TCP:Flag

s=...A...., SrcPort=3455, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2668

32814, Ack=2347386348, Win=64000 (scale factor 0x1) = 128000
18:04:10.758
10.70.20.116
10.225.208.160 3455
81
TCP
TCP:Flag
s=...A...F, SrcPort=3455, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2668
32814, Ack=2347386348, Win=64000 (scale factor 0x1) = 128000
18:04:10.762
10.70.20.116
10.225.208.160 3456
81
TCP
TCP:Flag
s=......S., SrcPort=3456, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=8111
35253, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:04:10.969
10.225.208.160 10.70.20.116
81
3455
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3455, PayloadLen=0, Seq=2347
386348, Ack=266832815, Win=57344
18:04:10.969
10.225.208.160 10.70.20.116
81
3456
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=3456, PayloadLen=0, Seq=2349
440733, Ack=811135254, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:04:10.969
10.70.20.116
10.225.208.160 3456
81
TCP
TCP:Flag
s=...A...., SrcPort=3456, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=8111
35254, Ack=2349440734, Win=64000 (scale factor 0x1) = 128000
18:04:10.969
10.70.20.116
10.225.208.160 3456
81
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
18:04:11.284
10.70.20.116
239.255.255.250 3439
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:11.289
10.225.208.160 10.70.20.116
81
3456
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=3456, PayloadLen=0, Seq=2349
440734, Ack=811135332, Win=57344 (scale factor 0x0) = 57344
18:04:13.824
10.70.20.116
239.255.255.250 3461
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:16.854
10.70.20.116
239.255.255.250 3461
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:19.860
10.70.20.116
239.255.255.250 3461
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:31.507
10.70.20.116
239.255.255.250 3485
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:34.839
10.70.20.116
239.255.255.250 3485
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:37.839
10.70.20.116
239.255.255.250 3485
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:45.762
10.70.20.116
239.255.255.250 3522
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:48.765
10.70.20.116
239.255.255.250 3522
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:04:51.765
10.70.20.116
239.255.255.250 3522
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:05:07.605
10.70.20.116
239.255.255.250 3574
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:05:10.606
10.70.20.116
239.255.255.250 3574
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:05:13.606
10.70.20.116
239.255.255.250 3574
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:05:25.261
10.225.208.160 10.70.20.116
81
3445
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3445, PayloadLen=0, Seq=2338
408406, Ack=437522352, Win=57344
18:05:25.272
10.225.208.160 10.70.20.116
81
3448
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3448, PayloadLen=0, Seq=2340
459062, Ack=3747139309, Win=57344
18:05:25.272
10.225.208.160 10.70.20.116
81
3450
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3450, PayloadLen=0, Seq=2341
228271, Ack=2227863001, Win=57344
18:05:25.731
10.225.208.160 10.70.20.116
81
3455
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3455, PayloadLen=0, Seq=2347
386348, Ack=266832815, Win=57344

18:05:25.931
10.225.208.160 10.70.20.116
81
3456
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=3456, PayloadLen=0,
440734, Ack=811135332, Win=57344
18:05:45.103
10.70.20.116
239.255.255.250 3723
1900
HTTP
uest, M-SEARCH *
18:05:48.109
10.70.20.116
239.255.255.250 3723
1900
HTTP
uest, M-SEARCH *
18:05:51.115
10.70.20.116
239.255.255.250 3723
1900
HTTP
uest, M-SEARCH *
18:05:55.315
10.70.20.116
239.255.255.250 3746
1900
HTTP
uest, M-SEARCH *
18:05:58.316
10.70.20.116
239.255.255.250 3746
1900
HTTP
uest, M-SEARCH *
18:06:01.316
10.70.20.116
239.255.255.250 3746
1900
HTTP
uest, M-SEARCH *
18:06:17.122
10.70.20.116
239.255.255.250 3785
1900
HTTP
uest, M-SEARCH *
18:06:17.683
10.70.20.116
239.255.255.250 3796
1900
HTTP
uest, M-SEARCH *
18:06:22.657
10.70.20.116
239.255.255.250 3796
1900
HTTP
uest, M-SEARCH *
18:06:27.775
10.70.20.116
239.255.255.250 3796
1900
HTTP
uest, M-SEARCH *
18:06:57.538
10.70.20.116
239.255.255.250 4121
1900
HTTP
uest, M-SEARCH *
18:07:00.539
10.70.20.116
239.255.255.250 4121
1900
HTTP
uest, M-SEARCH *
18:07:03.545
10.70.20.116
239.255.255.250 4121
1900
HTTP
uest, M-SEARCH *
18:07:20.363
10.70.20.116
239.255.255.250 4165
1900
HTTP
uest, M-SEARCH *
18:07:23.363
10.70.20.116
239.255.255.250 4165
1900
HTTP
uest, M-SEARCH *
18:07:26.364
10.70.20.116
239.255.255.250 4165
1900
HTTP
uest, M-SEARCH *
18:07:28.774
10.70.20.116
239.255.255.250 4189
1900
HTTP
uest, M-SEARCH *
18:07:31.779
10.70.20.116
239.255.255.250 4189
1900
HTTP
uest, M-SEARCH *
18:07:34.781
10.70.20.116
239.255.255.250 4189
1900
HTTP
uest, M-SEARCH *
18:07:35.269
10.70.20.116
239.255.255.250 4214
1900
HTTP
uest, M-SEARCH *
18:07:38.269
10.70.20.116
239.255.255.250 4214
1900
HTTP
uest, M-SEARCH *
18:07:41.270
10.70.20.116
239.255.255.250 4214
1900
HTTP
uest, M-SEARCH *
18:08:10.209
10.70.20.116
239.255.255.250 4486
1900
HTTP
uest, M-SEARCH *
18:08:10.916
10.70.20.116
239.255.255.250 4491
1900
HTTP
uest, M-SEARCH *
18:08:17.375
10.70.20.116
239.255.255.250 4491
1900
HTTP
uest, M-SEARCH *
18:08:20.377
10.70.20.116
239.255.255.250 4491
1900
HTTP
uest, M-SEARCH *
18:08:24.943
10.70.20.116
239.255.255.250 4528
1900
HTTP
uest, M-SEARCH *
18:08:27.960
10.70.20.116
239.255.255.250 4528
1900
HTTP
uest, M-SEARCH *
18:08:30.962
10.70.20.116
239.255.255.250 4528
1900
HTTP

TCP:Flag
Seq=2349
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req

uest, M-SEARCH *
18:08:45.672
10.70.20.116
239.255.255.250 4740
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:08:48.738
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:08:48.738
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:09:04.850
10.70.20.116
239.255.255.250 4987
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:09:07.852
10.70.20.116
239.255.255.250 4987
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:09:10.852
10.70.20.116
239.255.255.250 4987
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:09:28.609
10.70.20.116
239.255.255.250 1121
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:09:31.350
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:09:31.350
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:09:31.350
10.70.20.116
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
18:09:31.610
10.70.20.116
239.255.255.250 1121
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:09:34.610
10.70.20.116
239.255.255.250 1121
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:10:02.919
10.70.20.116
239.255.255.250 1181
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:10:04.516
10.70.20.116
239.255.255.250 1188
1900
HTTP
SSDP:Req
uest, M-SEARCH *
18:10:04.589
10.70.20.116
10.225.208.160 1192
81
TCP
TCP:Flag
s=......S., SrcPort=1192, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2892
265712, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:10:04.727
10.225.208.160 10.70.20.116
81
1192
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1192, PayloadLen=0, Seq=4276
153700, Ack=2892265713, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:10:04.727
10.70.20.116
10.225.208.160 1192
81
TCP
TCP:Flag
s=...A...., SrcPort=1192, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2892
265713, Ack=4276153701, Win=64000 (scale factor 0x1) = 128000
18:10:04.728
10.70.20.116
10.225.208.160 1192
81
TCP
TCP:Flag
s=...A...F, SrcPort=1192, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2892
265713, Ack=4276153701, Win=64000 (scale factor 0x1) = 128000
18:10:04.816
10.70.20.116
10.225.208.160 1193
81
TCP
TCP:Flag
s=......S., SrcPort=1193, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3459
877474, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:10:04.927
10.225.208.160 10.70.20.116
81
1192
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=1192, PayloadLen=0, Seq=4276
153701, Ack=2892265714, Win=57344
18:10:04.967
10.225.208.160 10.70.20.116
81
1193
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1193, PayloadLen=0, Seq=4276
409762, Ack=3459877475, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:10:04.967
10.70.20.116
10.225.208.160 1193
81
TCP
TCP:Flag
s=...A...., SrcPort=1193, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3459
877475, Ack=4276409763, Win=64000 (scale factor 0x1) = 128000
18:10:04.967
10.70.20.116
10.225.208.160 1193
81
TCP
TCP:Flag
s=...A...F, SrcPort=1193, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3459
877475, Ack=4276409763, Win=64000 (scale factor 0x1) = 128000
18:10:04.979
10.70.20.116
202.126.40.5
50762 53
DNS
DNS:Quer
yId = 0xC0D4, QUERY (Standard query), Query for mercurysvr.globetel.com of type
Host Addr on class Internet
18:10:04.979
10.70.20.116
222.127.143.5 50762 53
DNS
DNS:Quer

yId = 0xC0D4, QUERY (Standard query), Query for mercurysvr.globetel.com of type

Host Addr on class Internet
18:10:05.047
10.70.20.116
10.225.208.160 1194
81
TCP
TCP:Flag
s=......S., SrcPort=1194, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1039
708053, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
18:10:05.167
10.225.208.160 10.70.20.116
81
1193
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=1193, PayloadLen=0, Seq=4276
409763, Ack=3459877476, Win=57344
18:10:05.227
202.126.40.5
10.70.20.116
53
50762 DNS
DNS:Quer
yId = 0xC0D4, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
18:10:05.229
10.70.20.116
68.178.232.99 1195
8081
TCP
TCP:Flag
s=......S., SrcPort=1195, DstPort=8081, PayloadLen=0, Seq=3907977937, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
18:10:05.278
222.127.143.5 10.70.20.116
53
50762 DNS
DNS:Quer
yId = 0xC0D4, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
18:10:05.278
10.70.20.116
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.20.116:50762
18:10:05.327
10.225.208.160 10.70.20.116
81
1194
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=1194, PayloadLen=0, Seq=4276
665884, Ack=1039708054, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:10:05.327
10.70.20.116
10.225.208.160 1194
81
TCP
TCP:Flag
s=...A...., SrcPort=1194, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1039
708054, Ack=4276665885, Win=64000 (scale factor 0x1) = 128000
18:10:05.328
10.70.20.116
10.225.208.160 1194
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
18:10:05.329
10.70.20.116
10.225.208.160 1194
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
18:10:05.329
10.70.20.116
10.225.208.160 1194
81
TCP
TCP:[Con
tinuation to #312]Flags=...AP..., SrcPort=1194, DstPort=HOSTS2 Name Server(81),
PayloadLen=67, Seq=1039709560 - 1039709627, Ack=4276665885, Win=64000 (scale fac
tor 0x1) = 128000
18:10:05.437
68.178.232.99 10.70.20.116
8081
1195
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=1195, PayloadLen=0, Seq=4276922096, Ack=390797
7938, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:10:05.437
10.70.20.116
68.178.232.99 1195
8081
TCP
TCP:Flag
s=...A...., SrcPort=1195, DstPort=8081, PayloadLen=0, Seq=3907977938, Ack=427692
2097, Win=64000 (scale factor 0x1) = 128000
18:10:05.438
10.70.20.116
68.178.232.99 1195
8081
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
18:10:05.917
10.225.208.160 10.70.20.116
81
1194
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=1194, PayloadLen=0, Seq=4276
665885, Ack=1039708350, Win=57344 (scale factor 0x0) = 57344
18:10:06.448
10.225.208.160 10.70.20.116
81
1194
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=1194, PayloadLen=0, Seq=4276
665885, Ack=1039709627, Win=57344 (scale factor 0x0) = 57344
18:10:06.637
68.178.232.99 10.70.20.116
8081
1195
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=1195, PayloadLen=0, Seq=4276922097, Ack=390797
8027, Win=57344 (scale factor 0x0) = 57344
18:10:06.748
68.178.232.99 10.70.20.116
8081
1195
HTTP
HTTP:Res
ponse, HTTP/1.1, Status: Moved temporarily, URL: /Software/SiteStat.xml
18:10:06.748
10.70.20.116
68.178.232.99 1195
8081
TCP
TCP:Flag
s=...A...., SrcPort=1195, DstPort=8081, PayloadLen=0, Seq=3907978027, Ack=427692
2194, Win=63952
18:10:06.748
10.70.20.116
68.178.232.99 1195
8081
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=1195, DstPort=8081, PayloadLen=0, Seq=39079780
27, Ack=4276922194, Win=63952
18:10:06.753
10.70.20.116
68.178.232.99 1196
8081
TCP
TCP:Flag

s=......S., SrcPort=1196, DstPort=8081, PayloadLen=0, Seq=3479433233,

=65535 ( Negotiating scale factor 0x1 ) = 65535
18:10:06.927
68.178.232.99 10.70.20.116
8081
1195
TCP
s=...A...., SrcPort=8081, DstPort=1195, PayloadLen=0, Seq=4276922194,
8028, Win=57344
18:10:06.967
68.178.232.99 10.70.20.116
8081
1196
TCP
s=...A..S., SrcPort=8081, DstPort=1196, PayloadLen=0, Seq=4282049970,
3234, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
18:10:06.967
10.70.20.116
68.178.232.99 1196
8081
TCP
s=...A...., SrcPort=1196, DstPort=8081, PayloadLen=0, Seq=3479433234,
9971, Win=64000 (scale factor 0x1) = 128000
18:10:06.968
10.70.20.116
68.178.232.99 1196
8081
HTTP
uest, GET /Software/SiteStat.xml
18:10:07.138
68.178.232.99 10.70.20.116
8081
1195
TCP
s=...A.R.., SrcPort=8081, DstPort=1195, PayloadLen=0, Seq=4276922194,
8028, Win=57344

Ack=0, Win
TCP:Flag
Ack=390797
TCP:Flag
Ack=347943
TCP:Flag
Ack=428204
HTTP:Req
TCP:Flag
Ack=390797

/////LOG FILE 13/////

Time
Source IP
Dest. IP
Source port
Description
18:14:51.243
10.50.113.98
239.255.255.250 1879
uest, M-SEARCH *
18:14:53.564
10.50.113.98
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x35D153BF
18:14:56.768
10.50.113.98
239.255.255.250 1879
uest, M-SEARCH *
18:14:59.769
10.50.113.98
239.255.255.250 1879
uest, M-SEARCH *
18:15:06.737
10.50.113.98
239.255.255.250 1953
uest, M-SEARCH *
18:15:14.642
10.50.113.98
239.255.255.250 1953
uest, M-SEARCH *
18:15:17.656
10.50.113.98
239.255.255.250 1953
uest, M-SEARCH *
18:15:30.416
10.50.113.98
239.255.255.250 2040
uest, M-SEARCH *
18:15:33.427
10.50.113.98
239.255.255.250 2040
uest, M-SEARCH *
18:15:35.541
10.50.113.98
239.255.255.250 2074
uest, M-SEARCH *
18:15:42.020
10.50.113.98
239.255.255.250 2074
uest, M-SEARCH *
18:15:45.024
10.50.113.98
239.255.255.250 2074
uest, M-SEARCH *
18:15:58.438
10.50.113.98
239.255.255.250 2148
uest, M-SEARCH *
18:16:01.465
10.50.113.98
239.255.255.250 2148
uest, M-SEARCH *
18:16:04.480
10.50.113.98
239.255.255.250 2148
uest, M-SEARCH *
18:16:36.053
10.50.113.98
239.255.255.250 2283
uest, M-SEARCH *
18:16:39.054
10.50.113.98
239.255.255.250 2283
uest, M-SEARCH *
18:16:42.056
10.50.113.98
239.255.255.250 2283

Dest. port

Protocol

1900

HTTP

SSDP:Req

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

uest, M-SEARCH *
18:17:38.615
10.50.113.98
uest, M-SEARCH *

239.255.255.250 2705

1900

HTTP

SSDP:Req

/////LOG FILE 14/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
19:10:03.708
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:Flag
s=...A...., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=4129896276, Ack=42185
28464, Win=57344
19:10:03.708
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:[Dup
Ack #1]Flags=...A...., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=412989627
6, Ack=4218528464, Win=57344
19:10:03.709
10.60.67.235
209.85.175.188 46199 5228
TCP
TCP:Flag
s=.....R.., SrcPort=46199, DstPort=5228, PayloadLen=0, Seq=4218528464, Ack=42185
28464, Win=0
19:10:03.709
10.60.67.235
209.85.175.188 46199 5228
TCP
TCP:Flag
s=.....R.., SrcPort=46199, DstPort=5228, PayloadLen=0, Seq=4218528464, Ack=42185
28464, Win=0
19:10:05.637
10.60.67.235
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x36A6E09A
19:10:05.637
10.60.67.235
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x36A6E09A
19:10:09.283
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:09.283
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:09.283
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:09.283
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:10.873
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:10.873
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:13.875
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:13.875
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:16.875
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:16.875
10.60.67.235
239.255.255.250 2239
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:20.708
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:20.708
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:23.712
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:23.712
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:27.625
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:27.625
10.60.67.235
239.255.255.250 2274
1900
HTTP
SSDP:Req
uest, M-SEARCH *

19:10:28.305
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:28.305
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:31.308
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:31.308
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:34.321
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:34.321
10.60.67.235
239.255.255.250 2299
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:52.529
10.60.67.235
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
19:10:57.707
195.124.8.44
10.60.67.235
7735
45821 TCP
TCP:Flag
s=...A...., SrcPort=7735, DstPort=45821, PayloadLen=0, Seq=3968414802, Ack=39202
12425, Win=57344
19:10:57.707
195.124.8.44
10.60.67.235
7735
45821 TCP
TCP:[Dup
Ack #37]Flags=...A...., SrcPort=7735, DstPort=45821, PayloadLen=0, Seq=39684148
02, Ack=3920212425, Win=57344
19:10:57.707
10.60.67.235
195.124.8.44
45821 7735
TCP
TCP:Flag
s=.....R.., SrcPort=45821, DstPort=7735, PayloadLen=0, Seq=3920212425, Ack=39202
12425, Win=0
19:10:57.707
10.60.67.235
195.124.8.44
45821 7735
TCP
TCP:Flag
s=.....R.., SrcPort=45821, DstPort=7735, PayloadLen=0, Seq=3920212425, Ack=39202
12425, Win=0
19:10:59.561
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:10:59.561
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:02.610
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:02.610
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:05.617
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:05.617
10.60.67.235
239.255.255.250 2433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:10.346
107.20.151.142 10.60.67.235
443
34917 TCP
TCP:Flag
s=...A...., SrcPort=HTTPS(443), DstPort=34917, PayloadLen=0, Seq=4055406935, Ack
=4100124296, Win=57344
19:11:10.346
107.20.151.142 10.60.67.235
443
34917 TCP
TCP:[Dup
Ack #47]Flags=...A...., SrcPort=HTTPS(443), DstPort=34917, PayloadLen=0, Seq=40
55406935, Ack=4100124296, Win=57344
19:11:10.346
10.60.67.235
107.20.151.142 34917 443
TCP
TCP:Flag
s=.....R.., SrcPort=34917, DstPort=HTTPS(443), PayloadLen=0, Seq=4100124296, Ack

=4100124296, Win=0
19:11:10.346
10.60.67.235
107.20.151.142 34917 443
TCP
TCP:Flag
s=.....R.., SrcPort=34917, DstPort=HTTPS(443), PayloadLen=0, Seq=4100124296, Ack
=4100124296, Win=0
19:11:14.609
10.60.67.235
239.255.255.250 2452
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:14.609
10.60.67.235
239.255.255.250 2452
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:17.609
10.60.67.235
239.255.255.250 2452
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:17.609
10.60.67.235
239.255.255.250 2452
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:20.030
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:20.030
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:20.802
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:Flag
s=...A...., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=4129896276, Ack=42185
28464, Win=57344
19:11:20.802
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:[Dup
Ack #57]Flags=...A...., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=41298962
76, Ack=4218528464, Win=57344
19:11:20.802
10.60.67.235
209.85.175.188 46199 5228
TCP
TCP:Flag
s=.....R.., SrcPort=46199, DstPort=5228, PayloadLen=0, Seq=4218528464, Ack=42185
28464, Win=0
19:11:20.802
10.60.67.235
209.85.175.188 46199 5228
TCP
TCP:Flag
s=.....R.., SrcPort=46199, DstPort=5228, PayloadLen=0, Seq=4218528464, Ack=42185
28464, Win=0
19:11:23.020
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:23.020
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:26.022
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:26.022
10.60.67.235
239.255.255.250 2474
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:38.829
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:38.829
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:41.830
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:41.830
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:44.835
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:11:44.835
10.60.67.235
239.255.255.250 2529
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:03.007
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:03.007
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:06.008
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:06.008
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:09.009
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:09.009
10.60.67.235
239.255.255.250 2588
1900
HTTP
SSDP:Req
uest, M-SEARCH *

19:12:12.829
195.124.8.44
10.60.67.235
7735
45821 TCP
TCP:Flag
s=...A.R.., SrcPort=7735, DstPort=45821, PayloadLen=0, Seq=3968414803, Ack=39202
12425, Win=57344
19:12:12.829
195.124.8.44
10.60.67.235
7735
45821 TCP
TCP:Flag
s=...A.R.., SrcPort=7735, DstPort=45821, PayloadLen=0, Seq=3968414803, Ack=39202
12425, Win=57344
19:12:28.246
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:28.246
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:29.916
107.20.151.142 10.60.67.235
443
34917 TCP
TCP:Flag
s=...A.R.., SrcPort=HTTPS(443), DstPort=34917, PayloadLen=0, Seq=4055406936, Ack
=4100124296, Win=57344
19:12:29.916
107.20.151.142 10.60.67.235
443
34917 TCP
TCP:Flag
s=...A.R.., SrcPort=HTTPS(443), DstPort=34917, PayloadLen=0, Seq=4055406936, Ack
=4100124296, Win=57344
19:12:31.247
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:31.247
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:32.867
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:Flag
s=...A.R.., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=4129896277, Ack=42185
28464, Win=57344
19:12:32.867
209.85.175.188 10.60.67.235
5228
46199 TCP
TCP:Flag
s=...A.R.., SrcPort=5228, DstPort=46199, PayloadLen=0, Seq=4129896277, Ack=42185
28464, Win=57344
19:12:34.293
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:34.293
10.60.67.235
239.255.255.250 2660
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:38.171
10.60.67.235
239.255.255.250 2684
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:38.171
10.60.67.235
239.255.255.250 2684
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:41.631
10.60.67.235
239.255.255.250 2684
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:41.631
10.60.67.235
239.255.255.250 2684
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:41.673
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:41.673
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:44.694
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:44.694
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:47.695
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:47.695
10.60.67.235
239.255.255.250 2707
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:59.841
10.60.67.235
239.255.255.250 2768
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:12:59.841
10.60.67.235
239.255.255.250 2768
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:13:02.846
10.60.67.235
239.255.255.250 2768
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:13:02.846
10.60.67.235
239.255.255.250 2768
1900
HTTP
SSDP:Req
uest, M-SEARCH *
19:13:05.550
10.60.67.235
239.255.255.250 2793
1900
HTTP
SSDP:Req
uest, M-SEARCH *

19:13:05.550
10.60.67.235
uest, M-SEARCH *

239.255.255.250 2793

1900

HTTP

SSDP:Req

/////LOG FILE 15/////

Time
Source IP
Dest. IP
Source port
Description
20:15:54.630
10.70.31.239
239.255.255.250 1646
ndefinedValue, Id = 45, Length = 21317
20:15:54.970
10.70.31.239
255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x0EDD431A
20:15:57.649
10.70.31.239
239.255.255.250 1646
ndefinedValue, Id = 45, Length = 21317
20:16:05.505
10.70.31.239
239.255.255.250 1896
uest, M-SEARCH *
20:16:11.394
10.70.31.239
239.255.255.250 1896
uest, M-SEARCH *
20:16:14.405
10.70.31.239
239.255.255.250 1896
uest, M-SEARCH *
20:16:18.573
10.70.31.239
239.255.255.250 2143
uest, M-SEARCH *
20:16:21.574
10.70.31.239
239.255.255.250 2143
uest, M-SEARCH *
20:16:24.583
10.70.31.239
239.255.255.250 2143
uest, M-SEARCH *
20:16:59.159
10.70.31.239
239.255.255.250 2512
uest, M-SEARCH *
20:17:02.208
10.70.31.239
239.255.255.250 2512
uest, M-SEARCH *
20:17:03.643
10.70.31.239
239.255.255.250 2534
uest, M-SEARCH *
20:17:09.358
10.70.31.239
239.255.255.250 2534
uest, M-SEARCH *
20:17:12.362
10.70.31.239
239.255.255.250 2534
uest, M-SEARCH *
20:17:19.560
10.70.31.239
239.255.255.250 2581
uest, M-SEARCH *
20:17:22.563
10.70.31.239
239.255.255.250 2581
uest, M-SEARCH *
20:17:24.468
10.70.31.239
239.255.255.250 2598
uest, M-SEARCH *
20:17:27.470
10.70.31.239
239.255.255.250 2598
uest, M-SEARCH *
20:17:30.470
10.70.31.239
239.255.255.250 2598
uest, M-SEARCH *
20:18:11.897
10.70.31.239
239.255.255.250 2707
uest, M-SEARCH *
20:18:14.917
10.70.31.239
239.255.255.250 2707
uest, M-SEARCH *
20:18:17.923
10.70.31.239
239.255.255.250 2707
uest, M-SEARCH *
20:18:32.397
10.70.31.239
239.255.255.250 2778
uest, M-SEARCH *
20:18:33.732
10.70.31.239
239.255.255.250 2791
uest, M-SEARCH *
20:18:38.419
10.70.31.239
239.255.255.250 2791

Dest. port

Protocol

1900

RADIUS RADIUS:U

67

DHCP

1900

RADIUS RADIUS:U

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

DHCP:Req

uest, M-SEARCH
20:18:41.419
uest, M-SEARCH
20:18:58.425
uest, M-SEARCH
20:18:58.483
uest, M-SEARCH
20:19:01.307
uest, M-SEARCH
20:19:08.855
uest, M-SEARCH
20:19:11.281
uest, M-SEARCH
20:19:14.285
uest, M-SEARCH
20:19:17.285
uest, M-SEARCH
20:19:21.137
uest, M-SEARCH
20:19:24.142
uest, M-SEARCH
20:19:27.144
uest, M-SEARCH
20:19:34.283
uest, M-SEARCH
20:19:37.284
uest, M-SEARCH
20:19:40.288
uest, M-SEARCH
20:20:09.722
uest, M-SEARCH
20:20:12.725
uest, M-SEARCH
20:20:15.725
uest, M-SEARCH
20:20:23.106
uest, M-SEARCH
20:20:26.112
uest, M-SEARCH
20:20:29.115
uest, M-SEARCH
20:20:29.778
uest, M-SEARCH
20:20:33.372
uest, M-SEARCH
20:20:36.398
uest, M-SEARCH
20:20:42.609
uest, M-SEARCH
20:20:45.611
uest, M-SEARCH
20:20:48.662
uest, M-SEARCH
20:21:32.312
uest, M-SEARCH
20:21:35.321
uest, M-SEARCH
20:21:38.071
uest, M-SEARCH
20:21:41.101

*
10.70.31.239

239.255.255.250 2791

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2855

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2863

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2882

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2882

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2921

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2921

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2921

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2950

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2950

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2950

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3083

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3083

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3083

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3277

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3277

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3277

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3355

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3355

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3355

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3516

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3516

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3516

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3638

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3638

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3680

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3680

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
20:21:44.116
uest, M-SEARCH
20:21:54.418
uest, M-SEARCH
20:21:57.421
uest, M-SEARCH
20:21:57.958
uest, M-SEARCH
20:22:00.960
uest, M-SEARCH
20:22:03.964
uest, M-SEARCH
20:22:34.307
uest, M-SEARCH
20:22:37.319
uest, M-SEARCH
20:22:40.057
uest, M-SEARCH
20:22:43.073
uest, M-SEARCH
20:22:46.074
uest, M-SEARCH
20:22:54.462
uest, M-SEARCH
20:22:54.499
uest, M-SEARCH
20:22:57.502
uest, M-SEARCH
20:23:00.513
uest, M-SEARCH
20:23:02.539
uest, M-SEARCH
20:23:05.546
uest, M-SEARCH
20:23:08.549
uest, M-SEARCH
20:23:41.412
uest, M-SEARCH
20:23:41.972
uest, M-SEARCH
20:23:44.985
uest, M-SEARCH
20:23:48.005
uest, M-SEARCH
20:24:01.535
uest, M-SEARCH
20:24:01.896
uest, M-SEARCH
20:24:04.917
uest, M-SEARCH
20:24:07.918
uest, M-SEARCH
20:25:03.047
uest, M-SEARCH
20:25:04.935
uest, M-SEARCH
20:25:08.184
uest, M-SEARCH
20:25:11.187

*
10.70.31.239

239.255.255.250 3680

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3824

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3824

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3841

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3841

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3841

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4035

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4035

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4102

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4102

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4102

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4336

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4342

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4342

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4342

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4485

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4485

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4485

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4816

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4836

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4836

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4836

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4903

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4909

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4909

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4909

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1075

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1093

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1093

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1093

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
20:25:24.197
uest, M-SEARCH
20:25:26.558
uest, M-SEARCH
20:25:29.560
uest, M-SEARCH
20:25:32.565
uest, M-SEARCH
20:25:58.100
uest, M-SEARCH
20:26:01.101
uest, M-SEARCH
20:26:04.115
uest, M-SEARCH
20:26:23.115
uest, M-SEARCH
20:26:26.139
uest, M-SEARCH
20:26:29.140
uest, M-SEARCH
20:26:47.294
uest, M-SEARCH
20:26:50.295
uest, M-SEARCH
20:26:53.297
uest, M-SEARCH
20:26:54.980
uest, M-SEARCH
20:26:57.984
uest, M-SEARCH
20:27:06.398
uest, M-SEARCH
20:27:09.400
uest, M-SEARCH
20:27:12.402
uest, M-SEARCH
20:27:20.232
uest, M-SEARCH
20:27:23.233
uest, M-SEARCH
20:27:26.243
uest, M-SEARCH
20:27:45.837
uest, M-SEARCH
20:27:48.838
uest, M-SEARCH
20:27:51.838
uest, M-SEARCH
20:27:56.367
uest, M-SEARCH
20:27:59.377
uest, M-SEARCH
20:28:02.377
uest, M-SEARCH
20:28:08.376
uest, M-SEARCH
20:28:11.378
uest, M-SEARCH
20:28:14.379

*
10.70.31.239

239.255.255.250 1138

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1151

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1151

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1151

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1257

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1257

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1257

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1469

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1469

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1469

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1689

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1689

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1689

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1721

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1721

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1880

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1880

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1880

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2051

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2051

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2051

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2178

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2178

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2178

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2228

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2228

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2228

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2267

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2267

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2267

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
20:28:19.405
uest, M-SEARCH
20:28:22.420
uest, M-SEARCH
20:28:25.437
uest, M-SEARCH
20:29:28.833
uest, M-SEARCH
20:29:31.833
uest, M-SEARCH
20:29:34.834
uest, M-SEARCH
20:29:56.170
uest, M-SEARCH
20:29:59.175
uest, M-SEARCH
20:30:00.796
uest, M-SEARCH
20:30:03.803
uest, M-SEARCH
20:30:06.852
uest, M-SEARCH
20:30:19.386
uest, M-SEARCH
20:30:19.654
uest, M-SEARCH
20:30:22.656
uest, M-SEARCH
20:30:25.657
uest, M-SEARCH
20:30:42.555
uest, M-SEARCH
20:30:45.555
uest, M-SEARCH
20:30:48.556
uest, M-SEARCH
20:31:12.425
uest, M-SEARCH
20:31:15.426
uest, M-SEARCH
20:31:18.428
uest, M-SEARCH
20:31:20.938
uest, M-SEARCH
20:31:23.939
uest, M-SEARCH
20:31:26.941
uest, M-SEARCH
20:31:34.953
uest, M-SEARCH
20:31:35.042
uest, M-SEARCH
20:31:38.153
uest, M-SEARCH
20:31:41.159
uest, M-SEARCH
20:32:13.432
uest, M-SEARCH
20:32:14.970

*
10.70.31.239

239.255.255.250 2295

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2295

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2295

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2569

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2569

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2569

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2617

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2617

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2685

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2685

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2685

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2776

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2785

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2835

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2835

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 2835

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3064

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3064

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3064

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3103

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3112

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3287

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3303

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
20:32:18.849
uest, M-SEARCH
20:32:21.850
uest, M-SEARCH
20:32:33.336
uest, M-SEARCH
20:32:36.356
uest, M-SEARCH
20:32:38.002
uest, M-SEARCH
20:32:41.005
uest, M-SEARCH
20:32:44.014
uest, M-SEARCH
20:33:19.087
uest, M-SEARCH
20:33:22.090
uest, M-SEARCH
20:33:25.098
uest, M-SEARCH
20:33:30.217
uest, M-SEARCH
20:33:33.219
uest, M-SEARCH
20:33:36.220
uest, M-SEARCH
20:33:49.086
uest, M-SEARCH
20:33:52.088
uest, M-SEARCH
20:33:55.088
uest, M-SEARCH
20:34:15.975
uest, M-SEARCH
20:34:18.978
uest, M-SEARCH
20:34:20.676
uest, M-SEARCH
20:34:23.677
uest, M-SEARCH
20:34:26.690
uest, M-SEARCH
20:34:46.693
uest, M-SEARCH
20:34:49.693
uest, M-SEARCH
20:34:52.693
uest, M-SEARCH
20:35:51.943
uest, M-SEARCH
20:35:54.945
uest, M-SEARCH
20:35:57.945
uest, M-SEARCH
20:36:07.458
uest, M-SEARCH
20:36:10.460
uest, M-SEARCH
20:36:13.510

*
10.70.31.239

239.255.255.250 3303

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3303

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3387

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3387

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3418

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3418

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3418

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3525

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3525

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3525

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3563

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3563

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3563

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3728

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3728

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3728

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3803

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3803

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3818

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3818

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3818

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3894

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3894

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 3894

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4025

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4025

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4025

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4064

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4064

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4064

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH
20:36:20.766
uest, M-SEARCH
20:36:23.769
uest, M-SEARCH
20:36:26.785
uest, M-SEARCH
20:36:56.347
uest, M-SEARCH
20:36:59.384
uest, M-SEARCH
20:37:01.908
uest, M-SEARCH
20:37:09.707
uest, M-SEARCH
20:37:12.711
uest, M-SEARCH
20:37:16.103
uest, M-SEARCH
20:37:19.118
uest, M-SEARCH
20:37:22.126
uest, M-SEARCH
20:37:46.664
uest, M-SEARCH
20:37:49.131
uest, M-SEARCH
20:37:52.147
uest, M-SEARCH
20:37:55.147
uest, M-SEARCH
20:38:08.520
uest, M-SEARCH
20:38:09.373
uest, M-SEARCH
20:38:12.386
uest, M-SEARCH
20:38:15.389
uest, M-SEARCH
20:38:46.762
uest, M-SEARCH
20:38:49.762
uest, M-SEARCH
20:38:52.782
uest, M-SEARCH
20:38:53.868
uest, M-SEARCH
20:38:58.016
uest, M-SEARCH
20:38:58.130
uest, M-SEARCH
20:39:01.500
uest, M-SEARCH
20:39:04.821
uest, M-SEARCH
20:39:20.790
uest, M-SEARCH
20:39:23.813
uest, M-SEARCH
20:39:26.817

*
10.70.31.239

239.255.255.250 4094

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4094

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4094

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4187

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4187

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4253

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4253

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4253

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4304

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4304

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4304

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4448

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4465

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4465

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4465

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4561

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4585

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4585

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4585

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4886

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4886

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4886

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4944

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4944

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 4993

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1084

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1084

1900

HTTP

SSDP:Req

10.70.31.239

239.255.255.250 1084

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

uest, M-SEARCH *
20:39:40.090
10.70.31.239
239.255.255.250 1157
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:39:43.093
10.70.31.239
239.255.255.250 1157
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:39:46.098
10.70.31.239
239.255.255.250 1157
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:39:53.803
10.70.31.239
239.255.255.250 1360
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:39:56.805
10.70.31.239
239.255.255.250 1360
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:39:59.805
10.70.31.239
239.255.255.250 1360
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:05.603
10.70.31.239
239.255.255.250 1481
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:08.607
10.70.31.239
239.255.255.250 1481
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:11.608
10.70.31.239
239.255.255.250 1481
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:27.503
10.70.31.239
239.255.255.250 1708
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:30.504
10.70.31.239
239.255.255.250 1708
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:40:33.506
10.70.31.239
239.255.255.250 1708
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:41:52.225
10.70.31.239
239.255.255.250 2456
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:41:55.225
10.70.31.239
239.255.255.250 2456
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:41:58.226
10.70.31.239
239.255.255.250 2456
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:06.276
10.70.31.239
239.255.255.250 2491
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:09.277
10.70.31.239
239.255.255.250 2491
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:12.282
10.70.31.239
239.255.255.250 2491
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:17.981
10.70.31.239
202.126.40.5
63554 53
DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:18.020
10.70.31.239
239.255.255.250 2515
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:18.065
10.70.31.239
202.126.40.5
63249 53
DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:18.981
10.70.31.239
222.127.143.5 63554 53
DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:19.065
10.70.31.239
222.127.143.5 63249 53
DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:19.989
10.70.31.239
202.126.40.5
63554 53
DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:20.120
10.70.31.239
202.126.40.5
63249 53
DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:20.962
202.126.40.5
10.70.31.239
53
63554 DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]

20:42:20.983
202.126.40.5
10.70.31.239
53
63249 DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
20:42:21.005
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:Flag
s=......S., SrcPort=2526, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3872
124863, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
20:42:21.012
222.127.143.5 10.70.31.239
53
63554 DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
20:42:21.012
10.70.31.239
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.31.239:63554
20:42:21.030
222.127.143.5 10.70.31.239
53
63249 DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
20:42:21.030
10.70.31.239
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.31.239:63249
20:42:21.041
10.70.31.239
239.255.255.250 2515
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:21.052
202.126.40.5
10.70.31.239
53
63554 DNS
DNS:Quer
yId = 0x361D, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
20:42:21.052
10.70.31.239
202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.31.239:63554
20:42:21.060
10.70.31.239
10.225.208.160 2527
81
TCP
TCP:Flag
s=......S., SrcPort=2527, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2020
262078, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
20:42:21.101
202.126.40.5
10.70.31.239
53
63249 DNS
DNS:Quer
yId = 0x511C, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
20:42:21.101
10.70.31.239
202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.31.239:63249
20:42:21.203
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2526, PayloadLen=0, Seq=3715
946853, Ack=3872124864, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
20:42:21.203
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:Flag
s=...A...., SrcPort=2526, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3872
124864, Ack=3715946854, Win=64000 (scale factor 0x1) = 128000
20:42:21.276
10.70.31.239
68.178.232.99 2526
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
20:42:21.276
10.70.31.239
68.178.232.99 2526
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
20:42:21.276
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:[Con
tinuation to #247]Flags=...AP..., SrcPort=2526, DstPort=HOSTS2 Name Server(81),
PayloadLen=68, Seq=3872126376 - 3872126444, Ack=3715946854, Win=64000 (scale fac
tor 0x1) = 128000
20:42:21.632
10.225.208.160 10.70.31.239
81
2527
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2527, PayloadLen=0, Seq=3718
002524, Ack=2020262079, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
20:42:21.632
10.70.31.239
10.225.208.160 2527
81
TCP
TCP:Flag
s=...A...., SrcPort=2527, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2020
262079, Ack=3718002525, Win=64000 (scale factor 0x1) = 128000
20:42:21.632
10.70.31.239
10.225.208.160 2527
81
TCP
TCP:Flag
s=...A...F, SrcPort=2527, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2020
262079, Ack=3718002525, Win=64000 (scale factor 0x1) = 128000
20:42:21.717
10.70.31.239
10.225.208.160 2528
81
TCP
TCP:Flag
s=......S., SrcPort=2528, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3600
589998, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
20:42:22.082
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2526, PayloadLen=0, Seq=3715

946854, Ack=3872125166, Win=57344 (scale factor 0x0) = 57344

20:42:22.672
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2526, PayloadLen=0, Seq=3715
946854, Ack=3872126444, Win=57344 (scale factor 0x0) = 57344
20:42:22.712
10.225.208.160 10.70.31.239
81
2527
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2527, PayloadLen=0, Seq=3718
002525, Ack=2020262080, Win=57344
20:42:22.752
10.225.208.160 10.70.31.239
81
2528
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2528, PayloadLen=0, Seq=3723
402847, Ack=3600589999, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
20:42:22.752
10.70.31.239
10.225.208.160 2528
81
TCP
TCP:Flag
s=...A...., SrcPort=2528, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3600
589999, Ack=3723402848, Win=64000 (scale factor 0x1) = 128000
20:42:22.754
10.70.31.239
10.225.208.160 2528
81
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
20:42:22.998
10.70.31.239
202.126.40.5
63250 53
DNS
DNS:Quer
yId = 0x237C, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:42:23.132
10.225.208.160 10.70.31.239
81
2528
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2528, PayloadLen=0, Seq=3723
402848, Ack=3600590077, Win=57344 (scale factor 0x0) = 57344
20:42:23.172
202.126.40.5
10.70.31.239
53
63250 DNS
DNS:Quer
yId = 0x237C, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
20:42:24.074
10.70.31.239
239.255.255.250 2515
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:46.837
10.70.31.239
255.255.255.255 1035
1947
UDP
UDP:SrcP
ort = 1035, DstPort = 1947, Length = 48
20:42:48.490
10.70.31.239
239.255.255.250 2659
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:48.760
10.70.31.239
239.255.255.250 2664
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:51.781
10.70.31.239
239.255.255.250 2664
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:54.805
10.70.31.239
239.255.255.250 2664
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:56.279
10.70.31.239
239.255.255.250 2706
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:42:59.319
10.70.31.239
239.255.255.250 2706
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:02.372
10.70.31.239
239.255.255.250 2706
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:27.489
10.70.31.239
239.255.255.250 2799
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:30.497
10.70.31.239
239.255.255.250 2799
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:33.537
10.70.31.239
239.255.255.250 2799
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:36.492
10.70.31.239
239.255.255.250 2827
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:36.666
10.225.208.160 10.70.31.239
81
2527
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2527, PayloadLen=0, Seq=3718
002525, Ack=2020262080, Win=57344
20:43:39.519
10.70.31.239
239.255.255.250 2827
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:42.594
10.70.31.239
239.255.255.250 2827
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:48.846
10.70.31.239
239.255.255.250 2856
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:43:51.846
10.70.31.239
239.255.255.250 2856
1900
HTTP
SSDP:Req

uest, M-SEARCH *
20:43:54.850
10.70.31.239
239.255.255.250 2856
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:44:01.779
10.70.31.239
239.255.255.250 2900
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:44:04.781
10.70.31.239
239.255.255.250 2900
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:44:07.783
10.70.31.239
239.255.255.250 2900
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:09.557
10.70.31.239
239.255.255.250 3376
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:12.558
10.70.31.239
239.255.255.250 3376
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:15.561
10.70.31.239
239.255.255.250 3376
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:29.153
10.70.31.239
239.255.255.250 3428
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:31.436
10.70.31.239
239.255.255.250 3440
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:39.870
10.70.31.239
239.255.255.250 3440
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:42.873
10.70.31.239
239.255.255.250 3440
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:54.301
10.70.31.239
239.255.255.250 3626
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:45:57.301
10.70.31.239
239.255.255.250 3626
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:00.308
10.70.31.239
239.255.255.250 3626
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:10.404
10.70.31.239
239.255.255.250 3682
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:13.404
10.70.31.239
239.255.255.250 3682
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:16.412
10.70.31.239
239.255.255.250 3682
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:22.777
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:[Kee
p alive]Flags=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2526, PayloadLen
=0, Seq=3715946853, Ack=3872126444, Win=57344 (scale factor 0x0) = 57344
20:46:22.777
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:Flag
s=...A...., SrcPort=2526, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3872
126444, Ack=3715946854, Win=64000 (scale factor 0x1) = 128000
20:46:33.812
10.70.31.239
239.255.255.250 3866
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:36.229
10.70.31.239
239.255.255.250 3899
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:39.229
10.70.31.239
239.255.255.250 3899
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:46:42.232
10.70.31.239
239.255.255.250 3899
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:05.755
10.70.31.239
239.255.255.250 4182
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:08.553
10.70.31.239
239.255.255.250 4207
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:11.556
10.70.31.239
239.255.255.250 4207
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:14.562
10.70.31.239
239.255.255.250 4207
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:29.298
10.70.31.239
239.255.255.250 4542
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:29.310
10.70.31.239
239.255.255.250 4548
1900
HTTP
SSDP:Req

uest, M-SEARCH *
20:47:32.311
10.70.31.239
239.255.255.250 4548
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:35.334
10.70.31.239
239.255.255.250 4548
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:37.653
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:[Kee
p alive][Dup Ack #297]Flags=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=25
26, PayloadLen=0, Seq=3715946853, Ack=3872126444, Win=57344 (scale factor 0x0) =
57344
20:47:37.653
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:[Dup
Ack #298]Flags=...A...., SrcPort=2526, DstPort=HOSTS2 Name Server(81), PayloadL
en=0, Seq=3872126444, Ack=3715946854, Win=64000 (scale factor 0x1) = 128000
20:47:46.796
10.70.31.239
239.255.255.250 4629
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:49.796
10.70.31.239
239.255.255.250 4629
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:47:52.796
10.70.31.239
239.255.255.250 4629
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:10.062
10.70.31.239
239.255.255.250 4721
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:13.070
10.70.31.239
239.255.255.250 4721
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:13.614
10.70.31.239
239.255.255.250 4733
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:20.704
10.70.31.239
239.255.255.250 4733
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:23.708
10.70.31.239
239.255.255.250 4733
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:33.922
10.70.31.239
239.255.255.250 4898
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:36.927
10.70.31.239
239.255.255.250 4898
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:39.942
10.70.31.239
239.255.255.250 4898
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:52.172
10.70.31.239
239.255.255.250 1048
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:55.187
10.70.31.239
239.255.255.250 1048
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:48:55.714
68.178.232.99 10.70.31.239
81
2526
TCP
TCP:[Kee
p alive][Request Fast-Retransmit from Seq3872126444]Flags=...A...., SrcPort=HOST
S2 Name Server(81), DstPort=2526, PayloadLen=0, Seq=3715946853, Ack=3872126444,
Win=57344 (scale factor 0x0) = 57344
20:48:55.714
10.70.31.239
68.178.232.99 2526
81
TCP
TCP:[Req
uest Fast-Retransmit from Seq3715946854]Flags=...A...., SrcPort=2526, DstPort=HO
STS2 Name Server(81), PayloadLen=0, Seq=3872126444, Ack=3715946854, Win=64000 (s
cale factor 0x1) = 128000
20:48:58.190
10.70.31.239
239.255.255.250 1048
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:05.104
10.70.31.239
239.255.255.250 1119
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:08.143
10.70.31.239
239.255.255.250 1119
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:09.397
10.70.31.239
202.126.40.5
56839 53
DNS
DNS:Quer
yId = 0x2AA8, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
20:49:09.589
202.126.40.5
10.70.31.239
53
56839 DNS
DNS:Quer
yId = 0x2AA8, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
20:49:10.466
10.70.31.239
202.126.40.5
53753 53
DNS
DNS:Quer
yId = 0xE0C4, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho

st Addr on class Internet

20:49:10.639
202.126.40.5
10.70.31.239
53
53753 DNS
DNS:Quer
yId = 0xE0C4, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
20:49:11.215
10.70.31.239
239.255.255.250 1119
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:16.127
10.70.31.239
239.255.255.250 1253
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:30.567
10.70.31.239
239.255.255.250 1253
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:30.717
10.70.31.239
239.255.255.250 1284
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:33.719
10.70.31.239
239.255.255.250 1284
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:49:36.726
10.70.31.239
239.255.255.250 1284
1900
HTTP
SSDP:Req
uest, M-SEARCH *

/////LOG FILE 16/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
20:50:52.157
202.126.40.5
10.70.17.58
53
59091 DNS
DNS:Quer
yId = 0x489B, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
20:50:54.686
10.70.17.58
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x90DBC983
20:50:58.710
10.70.17.58
239.255.255.250 1732
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:01.717
10.70.17.58
239.255.255.250 1732
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:03.593
10.70.17.58
239.255.255.250 1751
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:06.594
10.70.17.58
239.255.255.250 1751
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:09.607
10.70.17.58
239.255.255.250 1751
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:16.308
10.70.17.58
239.255.255.250 1781
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:19.312
10.70.17.58
239.255.255.250 1781
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:22.316
10.70.17.58
239.255.255.250 1781
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:51.928
10.70.17.58
239.255.255.250 1932
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:54.501
203.177.99.210 10.70.17.58
2000
13384 TCP
TCP:Flag
s=...A...., SrcPort=2000, DstPort=13384, PayloadLen=0, Seq=3464510346, Ack=57091
, Win=57344
20:51:54.501
10.70.17.58
203.177.99.210 13384 2000
TCP
TCP:Flag
s=.....R.., SrcPort=13384, DstPort=2000, PayloadLen=0, Seq=57091, Ack=57091, Win
=0
20:51:54.931
10.70.17.58
239.255.255.250 1932
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:51:57.931
10.70.17.58
239.255.255.250 1932
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:12.071
10.70.17.58
239.255.255.250 2112
1900
HTTP
SSDP:Req

uest, M-SEARCH *
20:52:15.083
10.70.17.58
239.255.255.250 2112
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:17.224
10.70.17.58
239.255.255.250 2161
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:20.231
10.70.17.58
239.255.255.250 2161
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:23.245
10.70.17.58
239.255.255.250 2161
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:35.117
10.70.17.58
239.255.255.250 2213
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:38.119
10.70.17.58
239.255.255.250 2213
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:41.122
10.70.17.58
239.255.255.250 2213
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:53.306
10.70.17.58
239.255.255.250 2329
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:56.319
10.70.17.58
239.255.255.250 2329
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:52:59.337
10.70.17.58
239.255.255.250 2329
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:08.206
203.177.99.210 10.70.17.58
2000
13384 TCP
TCP:Flag
s=...A...., SrcPort=2000, DstPort=13384, PayloadLen=0, Seq=3464510346, Ack=57091
, Win=57344
20:53:08.206
10.70.17.58
203.177.99.210 13384 2000
TCP
TCP:Flag
s=.....R.., SrcPort=13384, DstPort=2000, PayloadLen=0, Seq=57091, Ack=57091, Win
=0
20:53:11.784
10.70.17.58
239.255.255.250 2470
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:14.805
10.70.17.58
239.255.255.250 2470
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:17.146
10.70.17.58
239.255.255.250 2495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:20.147
10.70.17.58
239.255.255.250 2495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:23.149
10.70.17.58
239.255.255.250 2495
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:34.892
10.70.17.58
239.255.255.250 2548
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:37.893
10.70.17.58
239.255.255.250 2548
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:53:40.894
10.70.17.58
239.255.255.250 2548
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:00.266
10.70.17.58
239.255.255.250 2654
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:03.269
10.70.17.58
239.255.255.250 2654
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:06.269
10.70.17.58
239.255.255.250 2654
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:23.914
203.177.99.210 10.70.17.58
2000
13384 TCP
TCP:[Dup
Ack #12]Flags=...A...., SrcPort=2000, DstPort=13384, PayloadLen=0, Seq=34645103
46, Ack=57091, Win=57344
20:54:23.914
10.70.17.58
203.177.99.210 13384 2000
TCP
TCP:Flag
s=.....R.., SrcPort=13384, DstPort=2000, PayloadLen=0, Seq=57091, Ack=57091, Win
=0
20:54:28.319
10.70.17.58
239.255.255.250 2933
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:28.741
10.70.17.58
239.255.255.250 2945
1900
HTTP
SSDP:Req
uest, M-SEARCH *
20:54:33.991
10.70.17.58
239.255.255.250 2945
1900
HTTP
SSDP:Req

uest, M-SEARCH
20:54:36.994
uest, M-SEARCH
20:54:58.734
uest, M-SEARCH
20:54:58.776
uest, M-SEARCH
20:55:01.776
uest, M-SEARCH
20:55:04.781
uest, M-SEARCH
20:56:07.488
uest, M-SEARCH
20:56:10.490
uest, M-SEARCH
20:56:13.492
uest, M-SEARCH
20:56:14.169
uest, M-SEARCH
20:56:17.169
uest, M-SEARCH
20:56:20.170
uest, M-SEARCH

*
10.70.17.58

239.255.255.250 2945

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3011

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3018

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3356

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3356

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3356

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3449

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3449

1900

HTTP

SSDP:Req

10.70.17.58

239.255.255.250 3449

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*

/////LOG FILE 17/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
21:06:23.472
10.70.24.195
10.225.208.160 4647
81
TCP
TCP:Flag
s=......S., SrcPort=4647, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3490
941348, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:06:24.185
10.70.24.195
222.127.143.5 64255 53
DNS
DNS:Quer
yId = 0x705E, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:06:24.400
202.126.40.5
10.70.24.195
53
64255 DNS
DNS:Quer
yId = 0x705E, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,208.109.255.49,2607:F208:302:0:0:0:0:31]
21:06:24.409
10.225.208.160 10.70.24.195
81
4647
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4647, PayloadLen=0, Seq=9354
56407, Ack=3490941349, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:06:24.409
10.70.24.195
10.225.208.160 4647
81
TCP
TCP:Flag
s=...A...., SrcPort=4647, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3490
941349, Ack=935456408, Win=64000 (scale factor 0x1) = 128000
21:06:24.423
10.70.24.195
10.225.208.160 4647
81
TCP
TCP:[Seg
ment Lost]Flags=...A...F, SrcPort=4647, DstPort=HOSTS2 Name Server(81), PayloadL
en=0, Seq=3490941349, Ack=935456408, Win=64000 (scale factor 0x1) = 128000
21:06:24.455
10.70.24.195
10.225.208.160 4656
81
TCP
TCP:Flag
s=......S., SrcPort=4656, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=9171
11582, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:06:24.480
222.127.143.5 10.70.24.195
53
64255 DNS
DNS:Quer
yId = 0x705E, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
21:06:24.480
10.70.24.195
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.70.24.195:64255
21:06:24.650
10.225.208.160 10.70.24.195
81
4647
TCP
TCP:Flag

s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4647, PayloadLen=0,

56408, Ack=3490941350, Win=57344
21:06:24.689
10.225.208.160 10.70.24.195
81
4656
TCP
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=4656, PayloadLen=0,
76567, Ack=917111583, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:06:24.689
10.70.24.195
10.225.208.160 4656
81
TCP
s=...A...., SrcPort=4656, DstPort=HOSTS2 Name Server(81), PayloadLen=0,
11583, Ack=937776568, Win=64000 (scale factor 0x1) = 128000
21:06:24.701
10.70.24.195
10.225.208.160 4656
81
TCP
s=...A...F, SrcPort=4656, DstPort=HOSTS2 Name Server(81), PayloadLen=0,
11583, Ack=937776568, Win=64000 (scale factor 0x1) = 128000
21:06:24.930
10.225.208.160 10.70.24.195
81
4656
TCP
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=4656, PayloadLen=0,
76568, Ack=917111584, Win=57344
21:06:26.279
10.70.24.195
239.255.255.250 4642
1900
HTTP
uest, M-SEARCH *
21:06:26.920
10.70.24.195
255.255.255.255 68
67
DHCP
uest, MsgType = INFORM, TransactionID = 0x91942C92
21:06:30.250
10.70.24.195
239.255.255.250 4701
1900
HTTP
uest, M-SEARCH *
21:06:33.271
10.70.24.195
239.255.255.250 4701
1900
HTTP
uest, M-SEARCH *
21:06:46.992
10.70.24.195
239.255.255.250 4778
1900
HTTP
uest, M-SEARCH *
21:06:50.081
10.70.24.195
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *
21:06:51.109
10.70.24.195
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:06:51.109
10.70.24.195
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:06:51.109
10.70.24.195
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:06:51.110
10.70.24.195
255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:06:53.083
10.70.24.195
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *
21:06:56.108
10.70.24.195
239.255.255.250 4826
1900
HTTP
uest, M-SEARCH *

Seq=9354
TCP:Flag
Seq=9377
TCP:Flag
Seq=9171
TCP:Flag
Seq=9171
TCP:Flag
Seq=9377
SSDP:Req
DHCP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req

/////LOG FILE 18/////

Time
Source IP
Dest. IP
Source port
Description
21:28:42.272
10.50.151.227 255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x858D9C77
21:28:42.287
10.50.151.227 239.255.255.250 4036
uest, M-SEARCH *
21:28:46.274
10.50.151.227 255.255.255.255 68
uest, MsgType = INFORM, TransactionID = 0x858D9C77
21:28:49.364
10.50.151.227 239.255.255.250 4116
uest, M-SEARCH *
21:28:52.365
10.50.151.227 239.255.255.250 4116
uest, M-SEARCH *
21:28:55.374
10.50.151.227 239.255.255.250 4116
uest, M-SEARCH *

Dest. port

Protocol

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

67

DHCP

DHCP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

1900

HTTP

SSDP:Req

21:29:06.318
10.50.151.227 239.255.255.250 4433
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:20.416
10.50.151.227 239.255.255.250 4581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:23.419
10.50.151.227 239.255.255.250 4581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:26.424
10.50.151.227 239.255.255.250 4581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:42.813
10.50.151.227 239.255.255.250 4674
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:45.813
10.50.151.227 239.255.255.250 4674
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:48.704
10.50.151.227 239.255.255.250 4703
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:51.708
10.50.151.227 239.255.255.250 4703
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:29:54.709
10.50.151.227 239.255.255.250 4703
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:05.035
10.50.151.227 239.255.255.250 4762
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:08.038
10.50.151.227 239.255.255.250 4762
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:11.040
10.50.151.227 239.255.255.250 4762
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:21.178
10.50.151.227 239.255.255.250 4846
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:24.192
10.50.151.227 239.255.255.250 4846
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:30:27.244
10.50.151.227 239.255.255.250 4846
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:07.551
10.50.151.227 239.255.255.250 1105
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:10.553
10.50.151.227 239.255.255.250 1105
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:13.556
10.50.151.227 239.255.255.250 1105
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:26.165
10.50.151.227 239.255.255.250 1220
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:29.209
10.50.151.227 239.255.255.250 1220
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:32.220
10.50.151.227 239.255.255.250 1220
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:48.106
10.50.151.227 239.255.255.250 1638
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:51.106
10.50.151.227 239.255.255.250 1638
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:54.110
10.50.151.227 239.255.255.250 1638
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:31:55.971
10.50.151.227 239.255.255.250 1717
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:00.830
10.50.151.227 239.255.255.250 1717
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:03.346
10.50.151.227 239.255.255.250 1749
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:03.808
10.50.151.227 10.227.12.60
1758
8081
TCP
TCP:Flag
s=......S., SrcPort=1758, DstPort=8081, PayloadLen=0, Seq=1658922462, Ack=0, Win
=65535 ( Negotiating scale factor 0x1 ) = 65535
21:32:05.516
10.227.12.60
10.50.151.227 8081
1758
TCP
TCP:Flag
s=...A..S., SrcPort=8081, DstPort=1758, PayloadLen=0, Seq=549541187, Ack=1658922
463, Win=57344 ( Negotiated scale factor 0x0 ) = 57344

21:32:05.516
10.50.151.227 10.227.12.60
1758
8081
TCP
TCP:Flag
s=...A...., SrcPort=1758, DstPort=8081, PayloadLen=0, Seq=1658922463, Ack=549541
188, Win=64000 (scale factor 0x1) = 128000
21:32:05.517
10.50.151.227 10.227.12.60
1758
8081
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
21:32:05.876
10.227.12.60
10.50.151.227 8081
1758
TCP
TCP:Flag
s=...A...., SrcPort=8081, DstPort=1758, PayloadLen=0, Seq=549541188, Ack=1658922
541, Win=57344 (scale factor 0x0) = 57344
21:32:09.798
10.50.151.227 239.255.255.250 1749
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:16.008
10.50.151.227 239.255.255.250 1862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:19.010
10.50.151.227 239.255.255.250 1862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:22.010
10.50.151.227 239.255.255.250 1862
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:28.182
10.50.151.227 239.255.255.250 1942
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:35.243
10.50.151.227 239.255.255.250 1942
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:38.259
10.50.151.227 239.255.255.250 1942
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:52.606
10.50.151.227 239.255.255.250 2184
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:55.620
10.50.151.227 239.255.255.250 2184
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:32:58.625
10.50.151.227 239.255.255.250 2184
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:23.354
10.227.12.60
10.50.151.227 8081
1758
TCP
TCP:Flag
s=...A.R.., SrcPort=8081, DstPort=1758, PayloadLen=0, Seq=549541188, Ack=1658922
541, Win=57344
21:33:31.599
10.50.151.227 239.255.255.250 2521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:34.599
10.50.151.227 239.255.255.250 2521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:37.600
10.50.151.227 239.255.255.250 2521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:47.609
10.50.151.227 239.255.255.250 2581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:50.611
10.50.151.227 239.255.255.250 2581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:33:53.613
10.50.151.227 239.255.255.250 2581
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:34:11.449
10.50.151.227 239.255.255.250 2641
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:34:14.450
10.50.151.227 239.255.255.250 2641
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:34:17.450
10.50.151.227 239.255.255.250 2641
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:10.849
10.50.151.227 239.255.255.250 2814
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:13.849
10.50.151.227 239.255.255.250 2814
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:16.855
10.50.151.227 239.255.255.250 2814
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:23.154
10.50.151.227 239.255.255.250 2947
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:23.199
10.50.151.227 202.126.40.5
65273 53
DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet

21:35:23.241
10.50.151.227 10.225.208.160 2950
81
TCP
TCP:Flag
s=......S., SrcPort=2950, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1219
125848, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:24.199
10.50.151.227 222.127.143.5 65273 53
DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:24.750
10.50.151.227 202.126.40.5
50413 53
DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:25.199
10.50.151.227 202.126.40.5
65273 53
DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:25.750
10.50.151.227 222.127.143.5 50413 53
DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:26.162
10.50.151.227 239.255.255.250 2947
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:26.285
10.50.151.227 10.225.208.160 2950
81
TCP
TCP:[Syn
ReTransmit #64]Flags=......S., SrcPort=2950, DstPort=HOSTS2 Name Server(81), Pay
loadLen=0, Seq=1219125848, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 6
5535
21:35:26.750
10.50.151.227 202.126.40.5
50413 53
DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:27.202
10.50.151.227 202.126.40.5
65273 53
DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:27.202
10.50.151.227 222.127.143.5 65273 53
DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Query for epsgt01.globetel.com of type Ho
st Addr on class Internet
21:35:27.321
202.126.40.5
10.50.151.227 53
65273 DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
21:35:27.321
10.225.208.160 10.50.151.227 81
2950
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2950, PayloadLen=0, Seq=8370
54808, Ack=1219125849, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:27.321
10.50.151.227 10.225.208.160 2950
81
TCP
TCP:Flag
s=...A...., SrcPort=2950, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1219
125849, Ack=837054809, Win=64000 (scale factor 0x1) = 128000
21:35:27.321
202.126.40.5
10.50.151.227 53
50413 DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
21:35:27.328
10.50.151.227 10.225.208.160 2950
81
TCP
TCP:Flag
s=...A...F, SrcPort=2950, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1219
125849, Ack=837054809, Win=64000 (scale factor 0x1) = 128000
21:35:27.331
222.127.143.5 10.50.151.227 53
65273 DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,208.109.255.49,2607:F208:302:0:0:0:0:31]
21:35:27.331
10.50.151.227 222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.151.227:65273
21:35:27.348
10.50.151.227 10.225.208.160 2968
81
TCP
TCP:Flag
s=......S., SrcPort=2968, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=9023
88249, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:27.351
10.50.151.227 10.225.208.160 2969
81
TCP
TCP:Flag
s=......S., SrcPort=2969, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1994
422917, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:27.413
202.126.40.5
10.50.151.227 53
65273 DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
21:35:27.413
10.50.151.227 202.126.40.5
n/a
n/a
IPv4
ICMP:Des

tination Unreachable Message, Port Unreachable, 10.50.151.227:65273

21:35:27.440
222.127.143.5 10.50.151.227 53
50413 DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,208.109.255.49,2607:F208:302:0:0:0:0:31]
21:35:27.440
10.50.151.227 222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.151.227:50413
21:35:27.541
10.225.208.160 10.50.151.227 81
2950
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2950, PayloadLen=0, Seq=8370
54808, Ack=1219125849, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:27.541
10.50.151.227 10.225.208.160 2950
81
TCP
TCP:Flag
s=...A...., SrcPort=2950, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1219
125850, Ack=837054809, Win=64000 (scale factor 0x1) = 128000
21:35:27.610
202.126.40.5
10.50.151.227 53
50413 DNS
DNS:Quer
yId = 0x8634, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
21:35:27.610
10.50.151.227 202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.151.227:50413
21:35:27.711
202.126.40.5
10.50.151.227 53
65273 DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,208.109.255.49,2607:F208:302:0:0:0:0:31]
21:35:27.711
10.50.151.227 202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.151.227:65273
21:35:27.720
222.127.143.5 10.50.151.227 53
65273 DNS
DNS:Quer
yId = 0xE490, QUERY (Standard query), Response - Success, Array[68.178.232.99,21
6.69.185.49,2607:F208:206:0:0:0:0:31,2607:F208:302:0:0:0:0:31]
21:35:27.720
10.50.151.227 222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.50.151.227:65273
21:35:27.744
10.225.208.160 10.50.151.227 81
2950
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2950, PayloadLen=0, Seq=8370
54809, Ack=1219125850, Win=57344 (scale factor 0x0) = 57344
21:35:27.889
10.225.208.160 10.50.151.227 81
2968
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2968, PayloadLen=0, Seq=8406
42099, Ack=902388250, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:27.890
10.50.151.227 10.225.208.160 2968
81
TCP
TCP:Flag
s=...A...., SrcPort=2968, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=9023
88250, Ack=840642100, Win=64000 (scale factor 0x1) = 128000
21:35:27.890
10.50.151.227 10.225.208.160 2968
81
TCP
TCP:Flag
s=...A...F, SrcPort=2968, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=9023
88250, Ack=840642100, Win=64000 (scale factor 0x1) = 128000
21:35:27.980
10.225.208.160 10.50.151.227 81
2969
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2969, PayloadLen=0, Seq=8408
98396, Ack=1994422918, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:27.980
10.50.151.227 10.225.208.160 2969
81
TCP
TCP:Flag
s=...A...., SrcPort=2969, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1994
422918, Ack=840898397, Win=64000 (scale factor 0x1) = 128000
21:35:27.981
10.50.151.227 10.225.208.160 2969
81
TCP
TCP:Flag
s=...A...F, SrcPort=2969, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1994
422918, Ack=840898397, Win=64000 (scale factor 0x1) = 128000
21:35:28.011
10.50.151.227 10.225.208.160 2970
81
TCP
TCP:Flag
s=......S., SrcPort=2970, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1567
867302, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:28.083
10.50.151.227 10.225.208.160 2971
81
TCP
TCP:Flag
s=......S., SrcPort=2971, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3206
000155, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:28.490
10.225.208.160 10.50.151.227 81
2968
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2968, PayloadLen=0, Seq=8406
42100, Ack=902388251, Win=57344
21:35:28.530
10.225.208.160 10.50.151.227 81
2969
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2969, PayloadLen=0, Seq=8408
98397, Ack=1994422919, Win=57344

21:35:28.570
10.225.208.160 10.50.151.227 81
2970
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2970, PayloadLen=0, Seq=8460
25755, Ack=1567867303, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:28.570
10.50.151.227 10.225.208.160 2970
81
TCP
TCP:Flag
s=...A...., SrcPort=2970, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=1567
867303, Ack=846025756, Win=64000 (scale factor 0x1) = 128000
21:35:28.570
10.50.151.227 10.225.208.160 2970
81
HTTP
HTTP:Req
uest, HEAD /Software/SiteStat.xml
21:35:28.681
10.225.208.160 10.50.151.227 81
2971
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2971, PayloadLen=0, Seq=8475
64589, Ack=3206000156, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:28.681
10.50.151.227 10.225.208.160 2971
81
TCP
TCP:Flag
s=...A...., SrcPort=2971, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3206
000156, Ack=847564590, Win=64000 (scale factor 0x1) = 128000
21:35:28.682
10.50.151.227 10.225.208.160 2971
81
TCP
TCP:Flag
s=...A...F, SrcPort=2971, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=3206
000156, Ack=847564590, Win=64000 (scale factor 0x1) = 128000
21:35:28.713
10.50.151.227 10.225.208.160 2976
81
TCP
TCP:Flag
s=......S., SrcPort=2976, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2693
03876, Ack=0, Win=65535 ( Negotiating scale factor 0x1 ) = 65535
21:35:29.051
10.225.208.160 10.50.151.227 81
2971
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2971, PayloadLen=0, Seq=8475
64590, Ack=3206000157, Win=57344
21:35:29.051
10.225.208.160 10.50.151.227 81
2976
TCP
TCP:Flag
s=...A..S., SrcPort=HOSTS2 Name Server(81), DstPort=2976, PayloadLen=0, Seq=8519
25390, Ack=269303877, Win=57344 ( Negotiated scale factor 0x0 ) = 57344
21:35:29.051
10.50.151.227 10.225.208.160 2976
81
TCP
TCP:Flag
s=...A...., SrcPort=2976, DstPort=HOSTS2 Name Server(81), PayloadLen=0, Seq=2693
03877, Ack=851925391, Win=64000 (scale factor 0x1) = 128000
21:35:29.051
10.225.208.160 10.50.151.227 81
2970
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2970, PayloadLen=0, Seq=8460
25756, Ack=1567867381, Win=57344 (scale factor 0x0) = 57344
21:35:29.052
10.50.151.227 10.225.208.160 2976
81
HTTP
HTTP:Req
uest, POST /spipe/pkg, Query:AgentGuid={EF8096E1-6DF8-4107-9190-58F9A3090A4F}&So
urce=Agent_3.0.0
21:35:29.052
10.50.151.227 10.225.208.160 2976
81
HTTP
HTTP:HTT
P Payload, URL: /spipe/pkg
21:35:29.053
10.50.151.227 10.225.208.160 2976
81
TCP
TCP:[Con
tinuation to #118]Flags=...AP..., SrcPort=2976, DstPort=HOSTS2 Name Server(81),
PayloadLen=68, Seq=269305383 - 269305451, Ack=851925391, Win=64000 (scale factor
0x1) = 128000
21:35:29.191
10.50.151.227 239.255.255.250 2947
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:35:29.560
10.225.208.160 10.50.151.227 81
2976
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2976, PayloadLen=0, Seq=8519
25391, Ack=269304173, Win=57344 (scale factor 0x0) = 57344
21:35:30.090
10.225.208.160 10.50.151.227 81
2976
TCP
TCP:Flag
s=...A...., SrcPort=HOSTS2 Name Server(81), DstPort=2976, PayloadLen=0, Seq=8519
25391, Ack=269305451, Win=57344 (scale factor 0x0) = 57344
21:35:52.875
10.50.151.227 239.255.255.250 3030
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:36:01.683
10.50.151.227 239.255.255.250 3062
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:36:04.683
10.50.151.227 239.255.255.250 3062
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:36:07.684
10.50.151.227 239.255.255.250 3062
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:36:43.969
10.225.208.160 10.50.151.227 81
2950
TCP
TCP:Flag
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2950, PayloadLen=0, Seq=8370
54809, Ack=1219125850, Win=57344

21:36:43.981
10.225.208.160 10.50.151.227 81
2968
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2968, PayloadLen=0,
42100, Ack=902388251, Win=57344
21:36:43.981
10.225.208.160 10.50.151.227 81
2969
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2969, PayloadLen=0,
98397, Ack=1994422919, Win=57344
21:36:43.990
10.225.208.160 10.50.151.227 81
2970
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2970, PayloadLen=0,
25756, Ack=1567867381, Win=57344
21:36:43.990
10.225.208.160 10.50.151.227 81
2971
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2971, PayloadLen=0,
64590, Ack=3206000157, Win=57344
21:36:44.000
10.225.208.160 10.50.151.227 81
2976
TCP
s=...A.R.., SrcPort=HOSTS2 Name Server(81), DstPort=2976, PayloadLen=0,
25391, Ack=269305451, Win=57344
21:37:01.858
10.50.151.227 239.255.255.250 3787
1900
HTTP
uest, M-SEARCH *
21:37:04.859
10.50.151.227 239.255.255.250 3787
1900
HTTP
uest, M-SEARCH *
21:37:07.859
10.50.151.227 239.255.255.250 3787
1900
HTTP
uest, M-SEARCH *
21:37:24.630
10.50.151.227 239.255.255.250 3893
1900
HTTP
uest, M-SEARCH *
21:37:27.631
10.50.151.227 239.255.255.250 3893
1900
HTTP
uest, M-SEARCH *
21:37:28.764
10.50.151.227 255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:37:28.764
10.50.151.227 255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:37:28.764
10.50.151.227 255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:37:30.647
10.50.151.227 239.255.255.250 3893
1900
HTTP
uest, M-SEARCH *
21:37:56.080
10.50.151.227 239.255.255.250 4084
1900
HTTP
uest, M-SEARCH *
21:37:59.083
10.50.151.227 239.255.255.250 4084
1900
HTTP
uest, M-SEARCH *
21:38:02.086
10.50.151.227 239.255.255.250 4084
1900
HTTP
uest, M-SEARCH *
21:38:14.982
10.50.151.227 255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:38:16.975
10.50.151.227 255.255.255.255 1035
1947
UDP
ort = 1035, DstPort = 1947, Length = 48
21:38:18.399
10.50.151.227 239.255.255.250 4239
1900
HTTP
uest, M-SEARCH *
21:38:21.401
10.50.151.227 239.255.255.250 4239
1900
HTTP
uest, M-SEARCH *
21:38:24.401
10.50.151.227 239.255.255.250 4239
1900
HTTP
uest, M-SEARCH *
21:39:00.343
10.50.151.227 239.255.255.250 4345
1900
HTTP
uest, M-SEARCH *
21:39:03.345
10.50.151.227 239.255.255.250 4345
1900
HTTP
uest, M-SEARCH *
21:39:06.347
10.50.151.227 239.255.255.250 4345
1900
HTTP
uest, M-SEARCH *
21:39:22.575
10.50.151.227 239.255.255.250 4703
1900
HTTP
uest, M-SEARCH *
21:39:25.576
10.50.151.227 239.255.255.250 4703
1900
HTTP
uest, M-SEARCH *
21:39:26.813
10.50.151.227 239.255.255.250 4731
1900
HTTP

TCP:Flag
Seq=8406
TCP:Flag
Seq=8408
TCP:Flag
Seq=8460
TCP:Flag
Seq=8475
TCP:Flag
Seq=8519
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
UDP:SrcP
UDP:SrcP
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req
SSDP:Req

uest, M-SEARCH
21:39:29.817
uest, M-SEARCH
21:39:32.837
uest, M-SEARCH
21:39:52.999
uest, M-SEARCH
21:39:56.000
uest, M-SEARCH
21:39:59.000
uest, M-SEARCH
21:40:27.100
uest, M-SEARCH
21:40:30.108
uest, M-SEARCH
21:40:33.109
uest, M-SEARCH
21:40:50.041
uest, M-SEARCH
21:40:53.045
uest, M-SEARCH
21:40:56.051
uest, M-SEARCH
21:41:27.217
uest, M-SEARCH
21:41:30.218
uest, M-SEARCH
21:41:33.220
uest, M-SEARCH
21:41:52.154
uest, M-SEARCH
21:41:55.154
uest, M-SEARCH
21:41:58.158
uest, M-SEARCH
21:42:31.362
uest, M-SEARCH

*
10.50.151.227

239.255.255.250 4731

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 4731

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 4960

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 4960

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 4960

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1157

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1157

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1157

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1220

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1220

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1220

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1321

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1321

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1321

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1385

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1385

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1385

1900

HTTP

SSDP:Req

10.50.151.227

239.255.255.250 1788

1900

HTTP

SSDP:Req

*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*

/////LOG FILE 19/////

Time
Source IP
Dest. IP
Source port
Dest. port
Protocol
Description
21:49:57.286
10.60.4.228
255.255.255.255 68
67
DHCP
DHCP:Req
uest, MsgType = INFORM, TransactionID = 0x860290CB
21:49:57.443
120.28.5.41
10.60.4.228
443
52481 TLS
TLS:TLS
Rec Layer-1 SSL Application Data; TLS Rec Layer-2 Encrypted Alert
21:49:57.443
10.60.4.228
120.28.5.41
52481 443
TCP
TCP:Flag
s=.....R.., SrcPort=52481, DstPort=HTTPS(443), PayloadLen=0, Seq=268601407, Ack=
268601407, Win=0
21:50:07.154
10.60.4.228
239.255.255.250 3921
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:50:09.391
10.60.4.228
239.255.255.250 3945
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:50:12.086
120.28.5.41
10.60.4.228
443
52481 TCP
TCP:Flag
s=...A...., SrcPort=HTTPS(443), DstPort=52481, PayloadLen=0, Seq=500619466, Ack=
268601407, Win=57344

21:50:12.086
10.60.4.228
120.28.5.41
52481 443
TCP
TCP:Flag
s=.....R.., SrcPort=52481, DstPort=HTTPS(443), PayloadLen=0, Seq=268601407, Ack=
268601407, Win=0
21:50:12.401
10.60.4.228
239.255.255.250 3945
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:50:15.405
10.60.4.228
239.255.255.250 3945
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:50:30.092
120.28.5.41
10.60.4.228
443
52481 TLS
TLS:TLS
Rec Layer-1 SSL Application Data; TLS Rec Layer-2 Encrypted Alert
21:50:30.092
10.60.4.228
120.28.5.41
52481 443
TCP
TCP:Flag
s=.....R.., SrcPort=52481, DstPort=HTTPS(443), PayloadLen=0, Seq=268601407, Ack=
268601407, Win=0
21:50:45.667
69.171.227.62 10.60.4.228
443
52402 TCP
TCP:Flag
s=...A...., SrcPort=HTTPS(443), DstPort=52402, PayloadLen=0, Seq=4208373869, Ack
=1104379954, Win=57344
21:50:45.667
10.60.4.228
69.171.227.62 52402 443
TCP
TCP:Flag
s=.....R.., SrcPort=52402, DstPort=HTTPS(443), PayloadLen=0, Seq=1104379954, Ack
=1104379954, Win=0
21:51:01.673
10.60.4.228
239.255.255.250 4521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:03.611
17.149.36.177 10.60.4.228
5223
52252 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=52252, PayloadLen=0, Seq=2944888083, Ack=17513
71300, Win=57344
21:51:03.611
10.60.4.228
17.149.36.177 52252 5223
TCP
TCP:Flag
s=.....R.., SrcPort=52252, DstPort=5223, PayloadLen=0, Seq=1751371300, Ack=17513
71300, Win=0
21:51:04.674
10.60.4.228
239.255.255.250 4521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:07.675
10.60.4.228
239.255.255.250 4521
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:22.037
10.60.4.228
239.255.255.250 4695
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:25.037
10.60.4.228
239.255.255.250 4695
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:27.086
120.28.5.41
10.60.4.228
443
52481 TCP
TCP:Flag
s=...A...., SrcPort=HTTPS(443), DstPort=52481, PayloadLen=0, Seq=500619466, Ack=
268601407, Win=57344
21:51:27.086
10.60.4.228
120.28.5.41
52481 443
TCP
TCP:Flag
s=.....R.., SrcPort=52481, DstPort=HTTPS(443), PayloadLen=0, Seq=268601407, Ack=
268601407, Win=0
21:51:28.048
10.60.4.228
239.255.255.250 4695
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:51:33.488
120.28.5.41
10.60.4.228
443
52481 TLS
TLS:TLS
Rec Layer-1 SSL Application Data; TLS Rec Layer-2 Encrypted Alert
21:51:33.488
10.60.4.228
120.28.5.41
52481 443
TCP
TCP:Flag
s=.....R.., SrcPort=52481, DstPort=HTTPS(443), PayloadLen=0, Seq=268601407, Ack=
268601407, Win=0
21:52:00.085
69.171.227.62 10.60.4.228
443
52402 TCP
TCP:Flag
s=...A...., SrcPort=HTTPS(443), DstPort=52402, PayloadLen=0, Seq=4208373869, Ack
=1104379954, Win=57344
21:52:00.085
10.60.4.228
69.171.227.62 52402 443
TCP
TCP:Flag
s=.....R.., SrcPort=52402, DstPort=HTTPS(443), PayloadLen=0, Seq=1104379954, Ack
=1104379954, Win=0
21:52:18.359
17.149.36.177 10.60.4.228
5223
52252 TCP
TCP:Flag
s=...A...., SrcPort=5223, DstPort=52252, PayloadLen=0, Seq=2944888083, Ack=17513
71300, Win=57344
21:52:18.359
10.60.4.228
17.149.36.177 52252 5223
TCP
TCP:Flag
s=.....R.., SrcPort=52252, DstPort=5223, PayloadLen=0, Seq=1751371300, Ack=17513
71300, Win=0
21:52:27.565
10.60.4.228
239.255.255.250 1099
1900
HTTP
SSDP:Req

uest, M-SEARCH *
21:52:30.566
10.60.4.228
239.255.255.250 1099
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:33.567
10.60.4.228
239.255.255.250 1099
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:37.529
120.28.5.41
10.60.4.228
443
52481 TCP
TCP:Flag
s=...A.R.., SrcPort=HTTPS(443), DstPort=52481, PayloadLen=0, Seq=500619958, Ack=
268601407, Win=57344
21:52:38.826
10.60.4.228
239.255.255.250 1134
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:38.827
10.60.4.228
202.126.40.5
54920 53
DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:39.827
10.60.4.228
222.127.143.5 54920 53
DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:39.827
10.60.4.228
202.126.40.5
54920 53
DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:40.827
10.60.4.228
202.126.40.5
54920 53
DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:40.827
10.60.4.228
222.127.143.5 54920 53
DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:40.990
202.126.40.5
10.60.4.228
53
54920 DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Response - Success, 209.85.175.105, 209.85
.175.106 ...
21:52:41.019
222.127.143.5 10.60.4.228
53
54920 DNS
DNS:Quer
yId = 0x870B, QUERY (Standard query), Response - Success, 74.125.71.99, 74.125.7
1.103 ...
21:52:41.019
10.60.4.228
222.127.143.5 n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.4.228:54920
21:52:41.828
10.60.4.228
239.255.255.250 1134
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:44.832
10.60.4.228
239.255.255.250 1134
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:46.681
10.60.4.228
202.126.40.5
58725 53
DNS
DNS:Quer
yId = 0xF8B1, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:47.681
10.60.4.228
222.127.143.5 58725 53
DNS
DNS:Quer
yId = 0xF8B1, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:47.681
10.60.4.228
202.126.40.5
58725 53
DNS
DNS:Quer
yId = 0xF8B1, QUERY (Standard query), Query for www.google.com of type Host Add
r on class Internet
21:52:47.758
222.127.143.5 10.60.4.228
53
58725 DNS
DNS:Quer
yId = 0xF8B1, QUERY (Standard query), Response - Success, 74.125.71.99, 74.125.7
1.103 ...
21:52:47.861
202.126.40.5
10.60.4.228
53
58725 DNS
DNS:Quer
yId = 0xF8B1, QUERY (Standard query), Response - Success, 209.85.175.104, 209.85
.175.105 ...
21:52:47.861
10.60.4.228
202.126.40.5
n/a
n/a
IPv4
ICMP:Des
tination Unreachable Message, Port Unreachable, 10.60.4.228:58725
21:52:48.005
10.60.4.228
239.255.255.250 1190
1900
HTTP
SSDP:Req
uest, M-SEARCH *
21:52:51.472
10.60.4.228
239.255.255.250 1190
1900
HTTP
SSDP:Req
uest, M-SEARCH *