01-06-18___08-04-2021_raw.pcap

MD5: b3387b04f11932e6209e7cb38ef5f182
Submission Date: 2021-04-08 02:46:35
Tags: (not set)
Alert: 1 item (showing 1-1 of 1)

#  Timestamp                         Src IP         Dest IP      Alert Signature
1  2021-04-07T15:07:12.015687-0700   192.168.2.100  192.168.2.1  ET DNS Query for .to TLD
DNS: 35 items (showing 1-20 of 35)

#   Timestamp                         Src IP         Dest IP        DNS Type  Resource Record Name     RR Type  Resource Data
1   2021-04-07T15:06:23.463334-0700   192.168.2.104  192.168.2.1    query     beacons.gcp.gvt2.com     A        (not set)
2   2021-04-07T15:06:23.494119-0700   192.168.2.100  192.168.2.1    query     beacons.gcp.gvt2.com     A        (not set)
3   2021-04-07T15:06:23.505707-0700   192.168.2.1    192.168.2.100  answer    beacons.gcp.gvt2.com     A        (not set)
4   2021-04-07T15:06:23.508150-0700   192.168.2.1    192.168.2.104  answer    beacons.gcp.gvt2.com     A        (not set)
5   2021-04-07T15:06:43.812262-0700   192.168.2.104  192.168.2.1    query     beacons.gvt2.com         A        (not set)
6   2021-04-07T15:06:43.840980-0700   192.168.2.1    192.168.2.104  answer    beacons.gvt2.com         A        (not set)
7   2021-04-07T15:07:12.015687-0700   192.168.2.100  192.168.2.1    query     app.4pda.to              A        (not set)
8   2021-04-07T15:06:43.823965-0700   192.168.2.100  192.168.2.1    query     beacons.gvt2.com         A        (not set)
9   2021-04-07T15:06:43.839036-0700   192.168.2.1    192.168.2.100  answer    beacons.gvt2.com         A        (not set)
10  2021-04-07T15:10:33.011328-0700   192.168.2.100  192.168.2.1    query     decide.mixpanel.com      A        (not set)
11  2021-04-07T15:10:33.032313-0700   192.168.2.1    192.168.2.100  answer    decide.mixpanel.com      A        (not set)
12  2021-04-07T15:10:40.207339-0700   192.168.2.101  192.168.2.1    query     lcdn-locator.apple.com   A        (not set)
13  2021-04-07T15:10:40.296855-0700   192.168.2.1    192.168.2.101  answer    lcdn-locator.apple.com   A        (not set)
14  2021-04-07T15:07:12.048020-0700   192.168.2.1    192.168.2.100  answer    app.4pda.to              A        (not set)
15  2021-04-07T15:07:29.802819-0700   192.168.2.100  192.168.2.1    query     play.googleapis.com      A        (not set)
16  2021-04-07T15:07:29.828476-0700   192.168.2.1    192.168.2.100  answer    play.googleapis.com      A        (not set)
17  2021-04-07T15:09:58.920940-0700   192.168.2.100  192.168.2.1    query     v1                       A        (not set)
18  2021-04-07T15:09:58.962893-0700   192.168.2.1    192.168.2.100  answer    v1                       A        (not set)
19  2021-04-07T15:16:16.491101-0700   192.168.2.100  192.168.2.1    query     api.mixpanel.com         A        (not set)
20  2021-04-07T15:16:16.636314-0700   192.168.2.1    192.168.2.100  answer    api.mixpanel.com         A        (not set)
TLS: 8 items (showing 1-8 of 8)

#  Timestamp                         Source IP      Destination IP   TLS Version  Server Name Indication
1  2021-04-07T15:06:43.917271-0700   192.168.2.104  172.217.16.131   TLS 1.3      beacons2.gvt2.com
2  2021-04-07T15:06:43.913596-0700   192.168.2.104  216.58.207.195   TLS 1.3      beacons.gvt2.com
3  2021-04-07T15:07:29.887275-0700   192.168.2.100  216.58.207.202   TLS 1.3      play.googleapis.com
4  2021-04-07T15:07:41.208506-0700   192.168.2.100  151.101.84.233   TLS 1.2      venetia.iad.appboy.com
5  2021-04-07T15:09:03.127676-0700   192.168.2.104  172.217.21.174   TLS 1.3      clients4.google.com
6  2021-04-07T15:10:33.101450-0700   192.168.2.100  35.186.241.51    TLS 1.3      decide.mixpanel.com
7  2021-04-07T15:15:37.950583-0700   192.168.2.100  52.0.254.124     TLS 1.2      (not set)
8  2021-04-07T15:16:16.847410-0700   192.168.2.100  107.178.240.159  TLS 1.3      api.mixpanel.com
TFTP: 0 items

#  Timestamp  Src IP  Dest IP  TFTP Packet  TFTP File  TFTP Mode
No results found.
HTTP: 6 items (showing 1-6 of 6)

#  Timestamp                         Source         Hostname                Port  Method  URL                                                                                                                                          Status
1  2021-04-07T15:15:35.014218-0700   192.168.2.100  api.openweathermap.org  80    GET     /data/2.5/weather?lat=59.324994&lon=27.425824&mode=json&units=metric&lang=ru&appid=bf2e711833265643fa9749dfbc9c2d54                        200
2  2021-04-07T15:15:35.274600-0700   192.168.2.100  api.openweathermap.org  80    GET     /data/2.5/forecast/daily?lat=59.324994&lon=27.425824&mode=json&units=metric&lang=ru&cnt=5&appid=bf2e711833265643fa9749dfbc9c2d54           200
3  2021-04-07T15:15:41.584781-0700   192.168.2.100  api.openweathermap.org  80    GET     /data/2.5/weather?lat=59.325153&lon=27.425543&mode=json&units=metric&lang=ru&appid=bf2e711833265643fa9749dfbc9c2d54                        200
4  2021-04-07T15:15:41.735953-0700   192.168.2.100  api.openweathermap.org  80    GET     /data/2.5/forecast/daily?lat=59.325153&lon=27.425543&mode=json&units=metric&lang=ru&cnt=5&appid=bf2e711833265643fa9749dfbc9c2d54           200
5  2021-04-07T15:16:31.138671-0700   192.168.2.101  ocsp.apple.com          80    GET     /ocsp03-apevsrsa2g101/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFM7gyLf%2F7y54iXh4HLpRmcJ2wP77BBRQVatDoa%2BpSCtawaKHiQTkeg7K2gIQHT70ddn1FE3aGWnFAfZOyg%3D%3D  (not set)
6  2021-04-07T15:16:31.138671-0700   192.168.2.100  ocsp.apple.com          80    GET     /ocsp03-apevsrsa2g101/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFM7gyLf%2F7y54iXh4HLpRmcJ2wP77BBRQVatDoa%2BpSCtawaKHiQTkeg7K2gIQHT70ddn1FE3aGWnFAfZOyg%3D%3D  200
SMB: 0 items

#  Timestamp  Src IP  Dest IP  SMB Dialect  Command  Session  Tree
No results found.

SMTP: 0 items

#  Timestamp  Source  Destination  Email From  Email To  Subject
No results found.
Flow: 64 items (showing 1-20 of 64)

#   Timestamp                         Flow Id           Event Type  Source                                   Source Port  Destination                              Destination Port  Protocol  Host
1   2021-04-07T15:16:31.138671-0700   2111191927147834  flow        192.168.2.104                            53446        216.58.211.5                             443               TCP       pcapanalyzer
2   2021-04-07T15:16:31.138671-0700   563109622871834   flow        192.168.2.104                            35863        142.250.74.4                             443               UDP       pcapanalyzer
3   2021-04-07T15:16:31.138671-0700   367973214880      flow        192.168.2.104                            35694        172.217.21.174                           443               UDP       pcapanalyzer
4   2021-04-07T15:16:31.138671-0700   1551029411856387  flow        192.168.2.100                            48897        192.168.2.1                              53                UDP       pcapanalyzer
5   2021-04-07T15:16:31.138671-0700   1270774202646222  flow        192.168.2.100                            40928        35.186.241.51                            443               TCP       pcapanalyzer
6   2021-04-07T15:16:31.138671-0700   146514977435974   flow        192.168.2.104                            51091        216.58.211.131                           443               UDP       pcapanalyzer
7   2021-04-07T15:16:31.138671-0700   293645536161073   flow        192.168.2.101                            5353         224.0.0.251                              5353              UDP       pcapanalyzer
8   2021-04-07T15:16:31.138671-0700   1420183228877351  flow        192.168.2.100                            12526        192.168.2.1                              53                UDP       pcapanalyzer
9   2021-04-07T15:16:31.138671-0700   2123945849282736  flow        17.57.146.21                             5223         192.168.2.101                            49913             TCP       pcapanalyzer
10  2021-04-07T15:16:31.138671-0700   2126836362382783  flow        192.168.2.100                            54904        192.168.2.1                              53                UDP       pcapanalyzer
11  2021-04-07T15:16:31.138671-0700   1144274540235268  flow        192.168.2.104                            56471        172.217.21.174                           443               UDP       pcapanalyzer
12  2021-04-07T15:16:31.138671-0700   1567507051755824  flow        192.168.2.104                            500          213.161.47.20                            500               UDP       pcapanalyzer
13  2021-04-07T15:16:31.138671-0700   863907671405452   flow        fe80:0000:0000:0000:0c62:3411:0c2c:ac9a  5353         ff02:0000:0000:0000:0000:0000:0000:00fb  5353              UDP       pcapanalyzer
14  2021-04-07T15:16:31.138671-0700   868548384716961   flow        192.168.2.1                              53888        239.255.255.250                          1900              UDP       pcapanalyzer
15  2021-04-07T15:16:31.138671-0700   2135452066782139  flow        192.168.2.101                            49299        192.168.2.1                              53                UDP       pcapanalyzer
16  2021-04-07T15:16:31.138671-0700   728289767305995   flow        192.168.2.104                            42026        142.250.74.4                             443               UDP       pcapanalyzer
17  2021-04-07T15:16:31.138671-0700   869130336167921   flow        192.168.2.104                            51702        172.217.21.174                           443               TCP       pcapanalyzer
18  2021-04-07T15:16:31.138671-0700   1014989578768297  flow        192.168.2.104                            58378        69.171.250.34                            443               TCP       pcapanalyzer
19  2021-04-07T15:16:31.138671-0700   875023032628597   flow        142.250.74.131                           443          192.168.2.100                            41120             TCP       pcapanalyzer
20  2021-04-07T15:16:31.138671-0700   2004981683077365  flow        192.168.2.104                            4500         213.161.47.20                            4500              UDP       pcapanalyzer
File: 6 items (showing 1-6 of 6)

#  Timestamp                         Source         Destination    File Name                                                                                                                                    File Magic                                                          File Size
1  2021-04-07T15:15:35.014218-0700   82.196.7.246   192.168.2.100  /data/2.5/weather                                                                                                                            UTF-8 Unicode text, with very long lines, with no line terminators  523
2  2021-04-07T15:15:35.274600-0700   82.196.7.246   192.168.2.100  /data/2.5/forecast/daily                                                                                                                     UTF-8 Unicode text, with very long lines, with no line terminators  2102
3  2021-04-07T15:15:41.584781-0700   82.196.7.246   192.168.2.100  /data/2.5/weather                                                                                                                            UTF-8 Unicode text, with very long lines, with no line terminators  524
4  2021-04-07T15:15:41.735953-0700   82.196.7.246   192.168.2.100  /data/2.5/forecast/daily                                                                                                                     UTF-8 Unicode text, with very long lines, with no line terminators  2100
5  2021-04-07T15:16:31.138671-0700   17.253.39.204  192.168.2.101  /ocsp03-apevsrsa2g101/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFM7gyLf/7y54iXh4HLpRmcJ2wP77BBRQVatDoa+pSCtawaKHiQTkeg7K2gIQHT70ddn1FE3aGWnFAfZOyg==  data                                                                2793
6  2021-04-07T15:16:31.138671-0700   17.253.39.204  192.168.2.100  /ocsp03-apevsrsa2g101/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFM7gyLf/7y54iXh4HLpRmcJ2wP77BBRQVatDoa+pSCtawaKHiQTkeg7K2gIQHT70ddn1FE3aGWnFAfZOyg==  data                                                                2150

Comments: (not set)
