2020_09_16_105231.pcap

MD5: e1b9da6980d01872c575dfca687ec3e4
Submission Date: 2020-09-16 08:50:48
Tags: (not set)
Alert 0
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
No results found.
DNS 30
Showing 1-20 of 30 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2020-09-16T05:33:45.332436-0700 | 10.8.0.1 | 10.206.64.1 | query | mplus.ims.vodafone.com | NAPTR | (not set)
2 | 2020-09-16T05:10:42.980240-0700 | 10.8.0.1 | 10.206.128.1 | query | mplus.ims.vodafone.com | NAPTR | (not set)
3 | 2020-09-16T04:26:43.122630-0700 | 10.8.0.1 | 10.206.64.1 | query | mplus.ims.vodafone.com | NAPTR | (not set)
4 | 2020-09-16T05:10:43.029724-0700 | 10.206.128.1 | 10.8.0.1 | answer | mplus.ims.vodafone.com | NAPTR | (not set)
5 | 2020-09-16T05:10:43.080247-0700 | 10.8.0.1 | 10.206.128.1 | query | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
6 | 2020-09-16T05:10:43.124955-0700 | 10.206.128.1 | 10.8.0.1 | answer | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
7 | 2020-09-16T05:10:43.175937-0700 | 10.8.0.1 | 10.206.128.1 | query | mpluswf.ims.vodafone.com | A | (not set)
8 | 2020-09-16T05:33:45.387549-0700 | 10.206.64.1 | 10.8.0.1 | answer | mplus.ims.vodafone.com | NAPTR | (not set)
9 | 2020-09-16T05:33:45.388270-0700 | 10.8.0.1 | 10.206.64.1 | query | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
10 | 2020-09-16T05:33:45.435010-0700 | 10.206.64.1 | 10.8.0.1 | answer | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
11 | 2020-09-16T05:33:45.436424-0700 | 10.8.0.1 | 10.206.64.1 | query | mpluswf.ims.vodafone.com | A | (not set)
12 | 2020-09-16T04:26:43.188909-0700 | 10.206.64.1 | 10.8.0.1 | answer | mplus.ims.vodafone.com | NAPTR | (not set)
13 | 2020-09-16T04:26:43.239217-0700 | 10.8.0.1 | 10.206.64.1 | query | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
14 | 2020-09-16T04:26:43.308952-0700 | 10.206.64.1 | 10.8.0.1 | answer | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
15 | 2020-09-16T04:26:43.359308-0700 | 10.8.0.1 | 10.206.64.1 | query | mpluswf.ims.vodafone.com | A | (not set)
16 | 2020-09-16T05:33:45.480536-0700 | 10.206.64.1 | 10.8.0.1 | answer | mpluswf.ims.vodafone.com | A | (not set)
17 | 2020-09-16T05:35:43.188495-0700 | 10.8.0.1 | 10.206.64.1 | query | mplus.ims.vodafone.com | NAPTR | (not set)
18 | 2020-09-16T05:35:43.216826-0700 | 10.206.64.1 | 10.8.0.1 | answer | mplus.ims.vodafone.com | NAPTR | (not set)
19 | 2020-09-16T05:35:43.217115-0700 | 10.8.0.1 | 10.206.64.1 | query | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
20 | 2020-09-16T05:35:43.251277-0700 | 10.206.64.1 | 10.8.0.1 | answer | _sips._tcp.mplus.ims.vodafone.com | SRV | (not set)
TLS 617
Showing 1-20 of 617 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2020-09-16T02:52:35.917332-0700 | 10.8.0.1 | 74.125.206.188 | TLS 1.3 | mtalk.google.com
2 | 2020-09-16T02:52:57.905083-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons.gcp.gvt2.com
3 | 2020-09-16T02:52:58.653567-0700 | 10.8.0.1 | 216.58.211.170 | TLS 1.3 | mobilemaps-pa.googleapis.com
4 | 2020-09-16T02:53:12.821635-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons.gcp.gvt2.com
5 | 2020-09-16T02:53:16.878863-0700 | 10.8.0.1 | 216.58.210.35 | TLS 1.3 | beacons.gvt2.com
6 | 2020-09-16T02:53:17.311121-0700 | 10.8.0.1 | 216.58.210.35 | UNDETERMINED | beacons.gvt2.com
7 | 2020-09-16T02:53:17.311265-0700 | 10.8.0.1 | 216.58.210.35 | UNDETERMINED | beacons.gvt2.com
8 | 2020-09-16T02:53:25.534073-0700 | 10.8.0.1 | 172.217.166.195 | UNDETERMINED | beacons2.gvt2.com
9 | 2020-09-16T02:53:12.821669-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons.gcp.gvt2.com
10 | 2020-09-16T02:53:12.821507-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons.gcp.gvt2.com
11 | 2020-09-16T02:53:17.225078-0700 | 10.8.0.1 | 216.58.210.35 | TLS 1.3 | beacons.gvt2.com
12 | 2020-09-16T02:53:17.311196-0700 | 10.8.0.1 | 216.58.210.35 | UNDETERMINED | beacons.gvt2.com
13 | 2020-09-16T02:53:25.181599-0700 | 10.8.0.1 | 172.217.166.195 | TLS 1.3 | beacons2.gvt2.com
14 | 2020-09-16T02:53:25.542650-0700 | 10.8.0.1 | 172.217.166.195 | TLS 1.3 | beacons2.gvt2.com
15 | 2020-09-16T02:53:30.180394-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons3.gvt2.com
16 | 2020-09-16T02:53:30.188109-0700 | 10.8.0.1 | 216.58.198.163 | TLS 1.3 | beacons3.gvt2.com
17 | 2020-09-16T02:53:30.524835-0700 | 10.8.0.1 | 216.58.198.163 | UNDETERMINED | beacons3.gvt2.com
18 | 2020-09-16T02:53:34.445701-0700 | 10.8.0.1 | 216.58.212.228 | TLS 1.2 | www.google.com
19 | 2020-09-16T02:56:10.214273-0700 | 10.8.0.1 | 172.217.169.14 | UNDETERMINED | clients4.google.com
20 | 2020-09-16T02:57:05.687793-0700 | 10.8.0.1 | 172.217.169.14 | UNDETERMINED | clients4.google.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 19
Showing 1-19 of 19 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2020-09-16T03:34:19.811726-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
2 | 2020-09-16T03:40:03.301736-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
3 | 2020-09-16T03:43:04.068011-0700 | 10.8.0.1 | vas.samsungapps.com | 80 | GET | /stub/stubUpdateCheck.as?appId=com.samsung.android.app.galaxyfinder&versionCode=806000000&deviceId=SM-G930F&mcc=234&mnc=15&csc=VOD&sdkVer=26&pd=0 | 200
4 | 2020-09-16T03:47:05.681642-0700 | 10.8.0.1 | vas.samsungapps.com | 80 | GET | /product/getContentCategoryProductListEx.as?contentCategoryID=0000005274&callerId=com.samsung.android.incallui&deviceId=SM-G930F&mcc=234&mnc=15&csc=VOD&sdkVer=26&scVersion=01010000&alignOrder=recent&imgWidth=512&imgHeight=512&startNum=1&endNum=200&status=0 | 200
5 | 2020-09-16T03:47:05.782196-0700 | 10.8.0.1 | vas.samsungapps.com | 80 | GET | /stub/stubUpdateCheck.as?appId=com.samsung.android.mobileservice&callerId=com.samsung.android.mobileservice&versionCode=400100073&deviceId=SM-G930F&mcc=234&mnc=15&csc=VOD&sdkVer=26&pd=0 | 200
6 | 2020-09-16T03:48:18.654497-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
7 | 2020-09-16T03:47:06.141878-0700 | 10.8.0.1 | vas.samsungapps.com | 80 | GET | /product/getContentCategoryProductListEx.as?contentCategoryID=0000005274&callerId=com.samsung.android.incallui&deviceId=SM-G930F&mcc=234&mnc=15&csc=VOD&sdkVer=26&scVersion=01010000&alignOrder=recent&imgWidth=512&imgHeight=512&startNum=1&endNum=200&status=0 | 200
8 | 2020-09-16T03:55:01.667834-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
9 | 2020-09-16T03:57:52.735508-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
10 | 2020-09-16T03:49:43.583315-0700 | 10.8.0.1 | vas.samsungapps.com | 80 | GET | /stub/stubUpdateCheck.as?appId=com.samsung.android.incallui&callerId=com.samsung.android.contacts&versionCode=302004010&deviceId=SM-G930F&mcc=234&mnc=15&csc=VOD&sdkVer=26&pd=0 | 200
11 | 2020-09-16T04:18:29.552413-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
12 | 2020-09-16T04:19:42.567067-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
13 | 2020-09-16T04:20:06.615464-0700 | 10.8.0.1 | clientservices.googleapis.com | 80 | GET | /chrome-variations/seed?osname=android&channel=stable&milestone=85 | 304
14 | 2020-09-16T04:09:26.942851-0700 | 10.8.0.1 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200
15 | 2020-09-16T05:43:34.885222-0700 | 10.8.0.1 | b.scorecardresearch.com | 80 | GET | /p2?c1=19&c2=7849854&ns_ap_an=Gumtree&ns_ap_pn=android&ns_ap_pv=8.0.0&c12=ef3017fb8c6e56c9dd05a3ad7bfa0c87-cs31&ns_ak=GcT0Kme1uFltqZIB5XM39rXT8G9kk%2B%2F1HuUR5uf4fVpAzjhtwIECL%2B%2FPLBBCQ7lybvWADd7gf7hOLwlxWDvphhBhO%2Fbvu9E48GRDx6s4duGUYnV8nHAViyJTQzflMEVlSpk17C0DQMujYGijJGDTkb2Ia8L%2Bo%2FQImVb2fVLwE74%3D&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=herolte&ns_ap_id=1600260212945&ns_ap_csf=1&ns_ap_bi=com.gumtree.android&ns_ap_pfm=android&ns_ap_pfv=8.0.0&ns_ap_ver=6.15.0&ns_ap_sv=5.7.3.190611&ns_ap_bv=1.3.7.190611&ns_ap_smv=2.19&ns_type=view&ns_radio=wwan&ns_nc=1&ns_ap_gs=1600237475720&ns_ap_jb=0&ns_ap_res=1080x1920&ns_ap_sd=1080x1920&ns_ap_po=0x0&ns_ap_install=1600237475720&ns_ap_lastrun=1600245569366&ns_ap_cs=2&ns_ap_runs=2&ns_ap_usage=0&ns_ap_fg=8&ns_ap_ft=231221&ns_ap_dft=231221&ns_ap_bt=0&ns_ap_dbt=0&ns_ap_dit=22501001&ns_ap_as=2&ns_ap_das=2020179&ns_ap_it=22501001&ns_ap_ut=60000&ns_ap_lang=pl&ns_ap_ar=aarch64&ns_ts=1600260207939&ns_ap_cfg=0111-000-3C-7D0-64-A-1F-1E-0&ns_ap_env=1-1-111-1-1&ns_ap_ais=com.android.vending&ns_ap_i3=af5ea56edfeba9adc0bcc17bea247490 | 200
16 | 2020-09-16T04:09:26.942851-0700 | 10.8.0.1 | maps.googleapis.com | 80 | GET | /maps/api/elevation/xml?locations=52.531412,-1.824997&sensor=false | (not set)
17 | 2020-09-16T05:43:44.221065-0700 | 10.8.0.1 | redirector.gvt1.com | 80 | GET | /edgedl/release2/chrome_component/Yk99qyFbmDxza7dNkpIfGQ_2113/AOCbuXdLiMaDfzaUSv5v0YI | 302
18 | 2020-09-16T07:20:10.845655-0700 | 10.8.0.1 | www.google.com | 80 | GET | /favicon.ico | 304
19 | 2020-09-16T06:28:53.643761-0700 | 10.8.0.1 | r3---sn-8vq54vox03-aige.gvt1.com | 80 | GET | /edgedl/release2/chrome_component/Yk99qyFbmDxza7dNkpIfGQ_2113/AOCbuXdLiMaDfzaUSv5v0YI?cms_redirect=yes&mh=Nx&mip=85.255.233.180&mm=28&mn=sn-8vq54vox03-aige&ms=nvh&mt=1600260076&mv=m&mvi=3&pl=23&shardbypass=yes | (not set)
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 1066
Showing 1-20 of 1,066 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2020-09-16T03:40:01.199210-0700 | 10960225926588 | flow | 10.3.156.188 | 47553 | 216.58.212.206 | 443 | TCP | pcapanalyzer
2 | 2020-09-16T03:40:01.199210-0700 | 1174960787642150 | flow | 10.3.156.188 | 51334 | 172.217.169.10 | 443 | TCP | pcapanalyzer
3 | 2020-09-16T03:40:01.199210-0700 | 290588368435383 | flow | 10.3.156.188 | 50469 | 216.58.211.164 | 443 | TCP | pcapanalyzer
4 | 2020-09-16T03:40:01.199210-0700 | 36240404988225 | flow | 10.3.156.188 | 41198 | 172.217.169.74 | 443 | TCP | pcapanalyzer
5 | 2020-09-16T03:40:01.199210-0700 | 612667965617155 | flow | 10.3.156.188 | 41197 | 172.217.169.74 | 443 | TCP | pcapanalyzer
6 | 2020-09-16T03:40:01.199210-0700 | 577054096980660 | flow | 10.8.0.1 | 57454 | 216.58.211.170 | 443 | TCP | pcapanalyzer
7 | 2020-09-16T03:40:01.199210-0700 | 785222572045851 | flow | 10.3.156.188 | 51212 | 216.58.206.110 | 443 | TCP | pcapanalyzer
8 | 2020-09-16T03:40:01.199210-0700 | 508326032498754 | flow | 10.8.0.1 | 43454 | 216.58.198.163 | 443 | TCP | pcapanalyzer
9 | 2020-09-16T03:40:01.199210-0700 | 2207131626108847 | flow | 10.8.0.1 | 40030 | 216.58.210.35 | 443 | TCP | pcapanalyzer
10 | 2020-09-16T03:40:01.199210-0700 | 1228987182657481 | flow | 10.8.0.1 | 47592 | 216.58.212.228 | 443 | TCP | pcapanalyzer
11 | 2020-09-16T03:40:01.199210-0700 | 1824291126031121 | flow | 10.8.0.1 | 43414 | 216.58.198.163 | 443 | TCP | pcapanalyzer
12 | 2020-09-16T03:40:01.199210-0700 | 1153322745375985 | flow | 10.8.0.1 | 40032 | 216.58.210.35 | 443 | TCP | pcapanalyzer
13 | 2020-09-16T03:40:01.199210-0700 | 1307645217310426 | flow | 10.8.0.1 | 60590 | 172.217.169.14 | 443 | TCP | pcapanalyzer
14 | 2020-09-16T03:40:01.199210-0700 | 1471111672662616 | flow | 10.8.0.1 | 60591 | 172.217.169.14 | 443 | TCP | pcapanalyzer
15 | 2020-09-16T03:40:01.199210-0700 | 784118766996413 | flow | 10.8.0.1 | 56160 | 172.217.166.195 | 443 | TCP | pcapanalyzer
16 | 2020-09-16T03:40:01.199210-0700 | 514820023181376 | flow | 10.8.0.1 | 60584 | 172.217.169.14 | 443 | TCP | pcapanalyzer
17 | 2020-09-16T03:40:01.199210-0700 | 1519601851672680 | flow | 10.8.0.1 | 56159 | 172.217.166.195 | 443 | TCP | pcapanalyzer
18 | 2020-09-16T03:40:01.199210-0700 | 1108019428938812 | flow | 10.8.0.1 | 57455 | 216.58.211.170 | 443 | TCP | pcapanalyzer
19 | 2020-09-16T03:40:01.199210-0700 | 686292293601377 | flow | 10.8.0.1 | 50781 | 216.58.212.234 | 443 | UDP | pcapanalyzer
20 | 2020-09-16T03:40:01.199210-0700 | 1975568464402916 | flow | 10.8.0.1 | 40034 | 216.58.210.35 | 443 | TCP | pcapanalyzer
File 15
Showing 1-15 of 15 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2020-09-16T03:34:19.811726-0700 | 68.232.34.9 | 10.8.0.1 | /rtistatus3.dat | data | 192
2 | 2020-09-16T03:40:03.301736-0700 | 104.18.9.135 | 10.8.0.1 | /rtistatus3.dat | data | 192
3 | 2020-09-16T03:43:04.068011-0700 | 54.76.87.198 | 10.8.0.1 | /stub/stubUpdateCheck.as | ASCII text | 570
4 | 2020-09-16T03:47:05.681642-0700 | 52.50.196.133 | 10.8.0.1 | /product/getContentCategoryProductListEx.as | ASCII text | 1553
5 | 2020-09-16T03:47:05.782196-0700 | 52.50.196.133 | 10.8.0.1 | /stub/stubUpdateCheck.as | ASCII text | 583
6 | 2020-09-16T03:48:18.654497-0700 | 104.18.9.135 | 10.8.0.1 | /rtistatus3.dat | data | 192
7 | 2020-09-16T03:47:06.141878-0700 | 52.50.196.133 | 10.8.0.1 | /product/getContentCategoryProductListEx.as | ASCII text | 1553
8 | 2020-09-16T03:55:01.667834-0700 | 104.18.9.135 | 10.8.0.1 | /rtistatus3.dat | data | 192
9 | 2020-09-16T03:57:52.735508-0700 | 104.18.9.135 | 10.8.0.1 | /rtistatus3.dat | data | 192
10 | 2020-09-16T03:49:43.583315-0700 | 52.213.180.75 | 10.8.0.1 | /stub/stubUpdateCheck.as | ASCII text | 563
11 | 2020-09-16T04:18:29.552413-0700 | 68.232.34.9 | 10.8.0.1 | /rtistatus3.dat | data | 192
12 | 2020-09-16T04:19:42.567067-0700 | 68.232.34.9 | 10.8.0.1 | /rtistatus3.dat | data | 192
13 | 2020-09-16T04:09:26.942851-0700 | 104.18.9.135 | 10.8.0.1 | /rtistatus3.dat | data | 192
14 | 2020-09-16T05:43:34.885222-0700 | 90.244.157.169 | 10.8.0.1 | /p2 | GIF image data, version 89a, 1 x 1 | 43
15 | 2020-09-16T05:43:44.221065-0700 | 216.58.210.238 | 10.8.0.1 | /edgedl/release2/chrome_component/Yk99qyFbmDxza7dNkpIfGQ_2113/AOCbuXdLiMaDfzaUSv5v0YI | HTML document, ASCII text, with very long lines, with CRLF, LF line terminators | 485
