file 5.pcap

MD5671eaa07450f6d6546104e43df7897da
Submission Date2020-11-21 03:50:23
Tags(not set)
Alert 0
#
TimestampSrc IpDest IpAlert SignatureP
No results found.
DNS 8
Showing 1-8 of 8 items.
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
1
2020-11-21T03:36:51.436000-080010.8.0.28.8.8.8querygraph.facebook.comA(not set)
2
2020-11-21T03:36:51.437000-080010.8.0.28.8.8.8querye12.whatsapp.netA(not set)
3
2020-11-21T03:36:51.439000-08008.8.8.810.8.0.2answere12.whatsapp.netA(not set)
4
2020-11-21T03:36:51.440000-08008.8.8.810.8.0.2answergraph.facebook.comA(not set)
5
2020-11-21T03:36:51.437000-080010.8.0.28.8.8.8querymqtt-mini.facebook.comA(not set)
6
2020-11-21T03:36:51.440000-08008.8.8.810.8.0.2answermqtt-mini.facebook.comA(not set)
7
2020-11-21T03:36:51.463000-080010.8.0.28.8.8.8queryg.whatsapp.netA(not set)
8
2020-11-21T03:36:51.463000-08008.8.8.810.8.0.2answerg.whatsapp.netA(not set)
TLS 6
Showing 1-6 of 6 items.
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
1
2020-11-21T03:36:51.448000-080010.8.0.269.171.250.34TLS 1.3mqtt-mini.facebook.com
2
2020-11-21T03:36:51.448000-080069.171.250.3410.8.0.2TLS 1.3mqtt-mini.facebook.com
3
2020-11-21T03:36:51.468000-080069.171.250.1510.8.0.2UNDETERMINEDgraph.facebook.com
4
2020-11-21T03:36:51.468000-080010.8.0.269.171.250.15UNDETERMINEDgraph.facebook.com
5
2020-11-21T03:36:51.468000-080074.125.24.15510.8.0.2UNDETERMINEDgoogleads.g.doubleclick.net
6
2020-11-21T03:36:51.468000-080010.8.0.274.125.24.155UNDETERMINEDgoogleads.g.doubleclick.net
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 4
Showing 1-4 of 4 items.
#
TimestampSourceHostnamePortMethodURLStatus
1
2020-11-21T03:36:51.468000-080034.192.181.12c.whatsapp.net39017POST/chat(not set)
2
2020-11-21T03:36:51.468000-080010.8.0.2c.whatsapp.net80POST/chat302
3
2020-11-21T03:36:51.468000-0800202.152.240.50ip.ml.youngjoygame.com39017GET62.216.90.138:80(not set)
4
2020-11-21T03:36:51.468000-080010.8.0.2ip.ml.youngjoygame.com80GET62.216.90.138:80(not set)
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 45
Showing 1-20 of 45 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2020-11-21T03:36:51.468000-08001407842964976344flow74.125.24.1564338610.8.0.239017TCPpcapanalyzer
2
2020-11-21T03:36:51.468000-08001132028755159816flow10.8.0.24454847.74.170.1555222TCPpcapanalyzer
3
2020-11-21T03:36:51.468000-08001980254731348744flow10.8.0.24533269.171.250.34443TCPpcapanalyzer
4
2020-11-21T03:36:51.468000-0800714364660460296flow69.171.250.344533210.8.0.239017TCPpcapanalyzer
5
2020-11-21T03:36:51.468000-08001840900222428192flow202.152.240.503910210.8.0.239017TCPpcapanalyzer
6
2020-11-21T03:36:51.468000-0800156487063417560flow10.76.9.1624338674.125.24.156443TCPpcapanalyzer
7
2020-11-21T03:36:51.468000-0800722404839238408flow74.125.24.1553889610.8.0.239017TCPpcapanalyzer
8
2020-11-21T03:36:51.468000-0800302335562863128flow69.171.250.154195410.8.0.239017TCPpcapanalyzer
9
2020-11-21T03:36:51.468000-08001851452957108000flow10.8.0.2615528.8.8.853UDPpcapanalyzer
10
2020-11-21T03:36:51.468000-0800313094455938608flow161.117.97.8344310.8.0.243036TCPpcapanalyzer
11
2020-11-21T03:36:51.468000-080037215821607640flow10.76.9.16247100161.117.9.4443TCPpcapanalyzer
12
2020-11-21T03:36:51.468000-08002150408450723376flow161.117.84.8944310.8.0.244314TCPpcapanalyzer
13
2020-11-21T03:36:51.468000-08001730764376101400flow10.8.0.24074834.192.181.1280TCPpcapanalyzer
14
2020-11-21T03:36:51.468000-0800886708813148888flow10.76.9.16247108161.117.9.4443TCPpcapanalyzer
15
2020-11-21T03:36:51.468000-08001590744147276504flow10.76.9.16241034161.117.71.92443TCPpcapanalyzer
16
2020-11-21T03:36:51.468000-0800466506392777432flow10.76.9.1624192874.125.24.155443TCPpcapanalyzer
17
2020-11-21T03:36:51.468000-080061216098855688flow10.8.0.23889674.125.24.155443TCPpcapanalyzer
18
2020-11-21T03:36:51.468000-08001753789695773256flow161.117.9.444310.8.0.247100TCPpcapanalyzer
19
2020-11-21T03:36:51.468000-08001474573871854296flow161.117.71.924103410.8.0.239017TCPpcapanalyzer
20
2020-11-21T03:36:51.468000-0800209370995733208flow10.76.9.16244314161.117.84.89443TCPpcapanalyzer
File 5
Showing 1-5 of 5 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
1
2020-11-21T03:36:51.463000-080034.192.181.1210.8.0.2/chatHTML document, ASCII text, with no line terminators154
2
2020-11-21T03:36:51.468000-080034.192.181.1210.8.0.2/chatdata280
3
2020-11-21T03:36:51.468000-080010.8.0.234.192.181.12/chatHTML document, ASCII text, with no line terminators154
4
2020-11-21T03:36:51.468000-080010.8.0.234.192.181.12/chatdata280
5
2020-11-21T03:36:51.468000-080010.8.0.2202.152.240.5080HTML document, ASCII text, with no line terminators178

Comments(not set)

Update Download PCAP Delete