API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 18th, 2015
474
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.78 KB | None | 0 0
raw download clone embed print report
  1. Script started on Tue Aug 18 13:58:38 2015
  2. sh -c tcpdump -s0 -i em1 -lenxp host mail.stadium-live.ru and port 25 | tcpshow -cooked -noHostNames
  3. tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  4. listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
  5. ---------------------------------------------------------------------------
  6. Packet 1
  7. TIME: 13:58:54.102627
  8. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  9. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=60 id=8B82
  10. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=187C
  11. TCP: port 55192 -> smtp seq=2017905657 ack=0000000000
  12. hlen=40 (data=0) UAPRSF=000010 wnd=65535 cksum=96EC urg=0
  13. DATA: <No data>
  14.  
  15. ---------------------------------------------------------------------------
  16. Packet 2
  17. TIME: 13:58:54.204787 (0.102160)
  18. LINK: CC:CC:81:70:54:39 -> 00:25:90:34:97:DB type=IPv4
  19. IP: 78.24.157.10 -> 78.111.93.44 hlen=20 TOS=00 dgramlen=60 id=2040
  20. MF/DF=0/1 frag=0 TTL=121 proto=TCP cksum=4ABE
  21. TCP: port smtp -> 55192 seq=2994491985 ack=2017905658
  22. hlen=40 (data=0) UAPRSF=010010 wnd=8192 cksum=F5A3 urg=0
  23. DATA: <No data>
  24.  
  25. ---------------------------------------------------------------------------
  26. Packet 3
  27. TIME: 13:58:54.204826 (0.000039)
  28. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  29. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=52 id=8B97
  30. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=186F
  31. TCP: port 55192 -> smtp seq=2017905658 ack=2994491986
  32. hlen=32 (data=0) UAPRSF=010000 wnd=8208 cksum=96E4 urg=0
  33. DATA: <No data>
  34.  
  35. ---------------------------------------------------------------------------
  36. Packet 4
  37. TIME: 13:58:54.409257 (0.204431)
  38. LINK: CC:CC:81:70:54:39 -> 00:25:90:34:97:DB type=IPv4
  39. IP: 78.24.157.10 -> 78.111.93.44 hlen=20 TOS=00 dgramlen=146 id=2046
  40. MF/DF=0/1 frag=0 TTL=121 proto=TCP cksum=4A62
  41. TCP: port smtp -> 55192 seq=2994491986 ack=2017905658
  42. hlen=32 (data=94) UAPRSF=011000 wnd=513 cksum=92AF urg=0
  43. DATA: 220 ********************************************************
  44. ********************************.
  45.  
  46.  
  47. ---------------------------------------------------------------------------
  48. Packet 5
  49. TIME: 13:58:54.409328 (0.000071)
  50. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  51. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=70 id=8BCB
  52. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=1829
  53. TCP: port 55192 -> smtp seq=2017905658 ack=2994492080
  54. hlen=32 (data=18) UAPRSF=011000 wnd=8208 cksum=96F6 urg=0
  55. DATA: EHLO mail.nca.ru.
  56.  
  57.  
  58. ---------------------------------------------------------------------------
  59. Packet 6
  60. TIME: 13:58:54.611831 (0.202503)
  61. LINK: CC:CC:81:70:54:39 -> 00:25:90:34:97:DB type=IPv4
  62. IP: 78.24.157.10 -> 78.111.93.44 hlen=20 TOS=00 dgramlen=311 id=204A
  63. MF/DF=0/1 frag=0 TTL=121 proto=TCP cksum=49B9
  64. TCP: port smtp -> 55192 seq=2994492080 ack=2017905676
  65. hlen=32 (data=259) UAPRSF=011000 wnd=512 cksum=2979 urg=0
  66. DATA: 250-srv-ex1.stadium.ru Hello [78.111.93.44].
  67. 250-SIZE.
  68. 250-PIPELINING.
  69. 250-DSN.
  70. 250-ENHANCEDSTATUSCODES.
  71. 250-XXXXXXXA.
  72. 250-XXXXXXXXXXXXXB.
  73. 250-AUTH NTLM.
  74. 250-XXXXXXXXXXXXXXXXXC.
  75. 250-8BITMIME.
  76. 250-BINARYMIME.
  77. 250-XXXXXXXD.
  78. 250-XXXXXXE.
  79. 250-XXXXF.
  80. 250 XXXXXXG.
  81.  
  82.  
  83. ---------------------------------------------------------------------------
  84. Packet 7
  85. TIME: 13:58:54.611937 (0.000106)
  86. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  87. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=179 id=8BDB
  88. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=17AC
  89. TCP: port 55192 -> smtp seq=2017905676 ack=2994492339
  90. hlen=32 (data=127) UAPRSF=011000 wnd=8208 cksum=9763 urg=0
  91. DATA: MAIL FROM:<it@nca.ru> SIZE=1867 BODY=7BIT.
  92. RCPT TO:<a.balashov@stadium-live.ru> ORCPT=rfc822;a.balashov
  93. @stadium-live.ru.
  94. DATA.
  95.  
  96.  
  97. ---------------------------------------------------------------------------
  98. Packet 8
  99. TIME: 13:58:54.824575 (0.212638)
  100. LINK: CC:CC:81:70:54:39 -> 00:25:90:34:97:DB type=IPv4
  101. IP: 78.24.157.10 -> 78.111.93.44 hlen=20 TOS=00 dgramlen=143 id=204E
  102. MF/DF=0/1 frag=0 TTL=121 proto=TCP cksum=4A5D
  103. TCP: port smtp -> 55192 seq=2994492339 ack=2017905803
  104. hlen=32 (data=91) UAPRSF=011000 wnd=512 cksum=E8AE urg=0
  105. DATA: 250 2.1.0 Sender OK.
  106. 250 2.1.5 Recipient OK.
  107. 354 Start mail input; end with <CRLF>.<CRLF>.
  108.  
  109.  
  110. ---------------------------------------------------------------------------
  111. Packet 9
  112. TIME: 13:58:54.824663 (0.000088)
  113. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  114. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=0 id=8BF9
  115. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=0000
  116. TCP: port 55192 -> smtp seq=2017905803 ack=2994492430
  117. hlen=32 (data=4294967244) UAPRSF=011000 wnd=8208 cksum=96C4 urg=0
  118. DATA:
  119.  
  120. ---------------------------------------------------------------------------
  121. Packet 10
  122. TIME: 13:58:55.499307 (0.674644)
  123. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  124. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=1420 id=8C3C
  125. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=1272
  126. TCP: port 55192 -> smtp seq=2017905803 ack=2994492430
  127. hlen=32 (data=1368) UAPRSF=010000 wnd=8208 cksum=9C3C urg=0
  128. DATA: Received: from ncamail.office.local (localhost [127.0.0.1]).
  129. by mail.nca.ru (Postfix) with ESMTP id 166013F4F5.
  130. for <a.balashov@stadium-live.ru>; Tue, 18 Aug 2015 13:58:54
  131. +0300 (MSK).
  132. Authentication-Results: ncamail.office.local (amavisd-new);.
  133. dkim=pass (1024-bit key) reason="pass (just generated, assu
  134. med good)".
  135. header.d=nca.ru.
  136. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nca.r
  137. u; h=.
  138. content-transfer-encoding:content-type:content-type:subject
  139. .
  140. :subject:mime-version:user-agent:from:from:date:date:messag
  141. e-id.
  142. :received:received; s=nca; t=1439895533; bh=maYKk1uz/pALYBi
  143. HmbV+.
  144. 6ft+9tfykShPzwVQlktOUB8=; b=XEO85ShFhyehOSnNC1f167CuYmk59B8
  145. /0P94.
  146. cmBVUxqcXpBqdcJ3SphkUHoYM/IhdveIjev/yasnsVJJs8XyC60RPrvCbzA
  147. 3sHgi.
  148. zzut7jDTsHK/YcIEqKFKXt5JI4UGhiy9aAGkRLtmUQMrjUNYd4xX6pTHxJC
  149. dl925.
  150. NDcIScs=.
  151. X-Virus-Scanned: amavisd-new at office.local.
  152. Received: from mail.nca.ru ([127.0.0.1]).
  153. by ncamail.office.local (ncamail.office.local [127.0.0.1])
  154. (amavisd-new, port 10026).
  155. with ESMTP id cGJeuawqZRsz for <a.balashov@stadium-live.ru>
  156. ;.
  157. Tue, 18 Aug 2015 13:58:53 +0300 (MSK).
  158. Received: from backupsrv.office.local (backupsrv.office.loca
  159. l [192.168.253.15]).
  160. (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 b
  161. its)).
  162. (No client certificate requested).
  163. by mail.nca.ru (Postfix) with ESMTPSA id E106C3F4F4.
  164. for <a.balashov@stadium-live.ru>; Tue,
  165.  
  166. ---------------------------------------------------------------------------
  167. Packet 11
  168. TIME: 13:58:56.648752 (1.149445)
  169. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  170. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=1420 id=8C90
  171. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=121E
  172. TCP: port 55192 -> smtp seq=2017905803 ack=2994492430
  173. hlen=32 (data=1368) UAPRSF=010000 wnd=8208 cksum=9C3C urg=0
  174. DATA: Received: from ncamail.office.local (localhost [127.0.0.1]).
  175. by mail.nca.ru (Postfix) with ESMTP id 166013F4F5.
  176. for <a.balashov@stadium-live.ru>; Tue, 18 Aug 2015 13:58:54
  177. +0300 (MSK).
  178. Authentication-Results: ncamail.office.local (amavisd-new);.
  179. dkim=pass (1024-bit key) reason="pass (just generated, assu
  180. med good)".
  181. header.d=nca.ru.
  182. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nca.r
  183. u; h=.
  184. content-transfer-encoding:content-type:content-type:subject
  185. .
  186. :subject:mime-version:user-agent:from:from:date:date:messag
  187. e-id.
  188. :received:received; s=nca; t=1439895533; bh=maYKk1uz/pALYBi
  189. HmbV+.
  190. 6ft+9tfykShPzwVQlktOUB8=; b=XEO85ShFhyehOSnNC1f167CuYmk59B8
  191. /0P94.
  192. cmBVUxqcXpBqdcJ3SphkUHoYM/IhdveIjev/yasnsVJJs8XyC60RPrvCbzA
  193. 3sHgi.
  194. zzut7jDTsHK/YcIEqKFKXt5JI4UGhiy9aAGkRLtmUQMrjUNYd4xX6pTHxJC
  195. dl925.
  196. NDcIScs=.
  197. X-Virus-Scanned: amavisd-new at office.local.
  198. Received: from mail.nca.ru ([127.0.0.1]).
  199. by ncamail.office.local (ncamail.office.local [127.0.0.1])
  200. (amavisd-new, port 10026).
  201. with ESMTP id cGJeuawqZRsz for <a.balashov@stadium-live.ru>
  202. ;.
  203. Tue, 18 Aug 2015 13:58:53 +0300 (MSK).
  204. Received: from backupsrv.office.local (backupsrv.office.loca
  205. l [192.168.253.15]).
  206. (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 b
  207. its)).
  208. (No client certificate requested).
  209. by mail.nca.ru (Postfix) with ESMTPSA id E106C3F4F4.
  210. for <a.balashov@stadium-live.ru>; Tue,
  211.  
  212. ---------------------------------------------------------------------------
  213. Packet 12
  214. TIME: 13:58:58.745974 (2.097222)
  215. LINK: 00:25:90:34:97:DB -> CC:CC:81:70:54:39 type=IPv4
  216. IP: 78.111.93.44 -> 78.24.157.10 hlen=20 TOS=00 dgramlen=1420 id=8CBA
  217. MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=11F4
  218. TCP: port 55192 -> smtp seq=2017905803 ack=2994492430
  219. hlen=32 (data=1368) UAPRSF=010000 wnd=8208 cksum=9C3C urg=0
  220. DATA: Received: from ncamail.office.local (localhost [127.0.0.1]).
  221. by mail.nca.ru (Postfix) with ESMTP id 166013F4F5.
  222. for <a.balashov@stadium-live.ru>; Tue, 18 Aug 2015 13:58:54
  223. +0300 (MSK).
  224. Authentication-Results: ncamail.office.local (amavisd-new);.
  225. dkim=pass (1024-bit key) reason="pass (just generated, assu
  226. med good)".
  227. header.d=nca.ru.
  228. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nca.r
  229. u; h=.
  230. content-transfer-encoding:content-type:content-type:subject
  231. .
  232. :subject:mime-version:user-agent:from:from:date:date:messag
  233. e-id.
  234. :received:received; s=nca; t=1439895533; bh=maYKk1uz/pALYBi
  235. HmbV+.
  236. 6ft+9tfykShPzwVQlktOUB8=; b=XEO85ShFhyehOSnNC1f167CuYmk59B8
  237. /0P94.
  238. cmBVUxqcXpBqdcJ3SphkUHoYM/IhdveIjev/yasnsVJJs8XyC60RPrvCbzA
  239. 3sHgi.
  240. zzut7jDTsHK/YcIEqKFKXt5JI4UGhiy9aAGkRLtmUQMrjUNYd4xX6pTHxJC
  241. dl925.
  242. NDcIScs=.
  243. X-Virus-Scanned: amavisd-new at office.local.
  244. Received: from mail.nca.ru ([127.0.0.1]).
  245. by ncamail.office.local (ncamail.office.local [127.0.0.1])
  246. (amavisd-new, port 10026).
  247. with ESMTP id cGJeuawqZRsz for <a.balashov@stadium-live.ru>
  248. ;.
  249. Tue, 18 Aug 2015 13:58:53 +0300 (MSK).
  250. Received: from backupsrv.office.local (backupsrv.office.loca
  251. l [192.168.253.15]).
  252. (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 b
  253. its)).
  254. (No client certificate requested).
  255. by mail.nca.ru (Postfix) with ESMTPSA id E106C3F4F4.
  256. for <a.balashov@stadium-live.ru>; Tue,
  257.  
  258. ---------------------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!