csploit-sniff-1619945648137.pcap

MD5: b733282d0dd045444a1fe4e28843f231
Submission Date: 2021-05-02 20:15:44
Tags: (not set)
Alert 5
Showing 1-5 of 5 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2021-05-02T18:52:14.668006-0700 | 10.0.0.159 | 52.23.111.175 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 2 | 2021-05-02T18:52:16.031299-0700 | 10.0.0.159 | 52.23.111.175 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 3 | 2021-05-02T18:52:16.839059-0700 | 10.0.0.159 | 52.23.111.175 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 4 | 2021-05-02T18:52:19.191621-0700 | 10.0.0.159 | 52.23.111.175 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
| 5 | 2021-05-02T18:52:22.436071-0700 | 10.0.0.159 | 52.23.111.175 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | * |
DNS 882
Showing 1-20 of 882 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2021-05-02T01:54:31.150522-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | mobilecrashreporting.googleapis.com | AAAA | (not set) |
| 2 | 2021-05-02T01:54:31.240487-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | mobilecrashreporting.googleapis.com | A | (not set) |
| 3 | 2021-05-02T02:06:35.703128-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | stats.lineageos.org | A | (not set) |
| 4 | 2021-05-02T02:06:35.799438-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | stats.lineageos.org | A | (not set) |
| 5 | 2021-05-02T02:23:37.325324-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | android.googleapis.com | A | (not set) |
| 6 | 2021-05-02T02:23:37.385413-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | android.googleapis.com | A | (not set) |
| 7 | 2021-05-02T02:23:38.139931-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | geller-pa.googleapis.com | AAAA | (not set) |
| 8 | 2021-05-02T02:23:38.185037-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | geller-pa.googleapis.com | AAAA | (not set) |
| 9 | 2021-05-02T02:23:40.157933-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | telephonyspamprotect-pa.googleapis.com | A | (not set) |
| 10 | 2021-05-02T02:23:40.205275-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | telephonyspamprotect-pa.googleapis.com | A | (not set) |
| 11 | 2021-05-02T02:23:38.187664-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | geller-pa.googleapis.com | A | (not set) |
| 12 | 2021-05-02T02:23:38.224793-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | geller-pa.googleapis.com | A | (not set) |
| 13 | 2021-05-02T02:23:40.100897-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | telephonyspamprotect-pa.googleapis.com | AAAA | (not set) |
| 14 | 2021-05-02T02:23:40.157370-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | telephonyspamprotect-pa.googleapis.com | AAAA | (not set) |
| 15 | 2021-05-02T01:59:04.082919-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | 159.0.0.10.in-addr.arpa | PTR | (not set) |
| 16 | 2021-05-02T01:59:04.122819-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | 159.0.0.10.in-addr.arpa | PTR | (not set) |
| 17 | 2021-05-02T01:59:46.147083-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | 1.0.0.10.in-addr.arpa | PTR | (not set) |
| 18 | 2021-05-02T01:59:46.159592-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | 1.0.0.10.in-addr.arpa | PTR | (not set) |
| 19 | 2021-05-02T02:05:55.075383-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2001:0558:feed:0000:0000:0000:0000:0002 | query | 159.0.0.10.in-addr.arpa | PTR | (not set) |
| 20 | 2021-05-02T02:05:55.104061-0700 | 2001:0558:feed:0000:0000:0000:0000:0002 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | answer | 159.0.0.10.in-addr.arpa | PTR | (not set) |
TLS 224
Showing 1-20 of 224 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2021-05-02T01:54:32.332963-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0804:0000:0000:0000:200f | TLS 1.3 | mobilecrashreporting.googleapis.com |
| 2 | 2021-05-02T02:06:36.021021-0700 | 10.0.0.6 | 209.97.157.92 | TLS 1.3 | stats.lineageos.org |
| 3 | 2021-05-02T02:23:38.308874-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 4 | 2021-05-02T02:23:38.557504-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 5 | 2021-05-02T02:23:38.633109-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 6 | 2021-05-02T02:23:38.319625-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 7 | 2021-05-02T02:23:38.507363-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 8 | 2021-05-02T02:23:37.450112-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:080b:0000:0000:0000:200a | TLS 1.3 | android.googleapis.com |
| 9 | 2021-05-02T02:23:38.427906-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | geller-pa.googleapis.com |
| 10 | 2021-05-02T02:23:40.276191-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | telephonyspamprotect-pa.googleapis.com |
| 11 | 2021-05-02T02:23:40.449950-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:080b:0000:0000:0000:200a | TLS 1.3 | growth-pa.googleapis.com |
| 12 | 2021-05-02T02:39:24.285994-0700 | 10.0.0.6 | 172.217.6.42 | TLS 1.3 | play.googleapis.com |
| 13 | 2021-05-02T02:41:59.934914-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:080b:0000:0000:0000:200a | TLS 1.3 | android.googleapis.com |
| 14 | 2021-05-02T02:41:57.099241-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.2 | www.googleapis.com |
| 15 | 2021-05-02T02:46:28.429342-0700 | 10.0.0.6 | 216.58.194.195 | TLS 1.3 | connectivitycheck.gstatic.com |
| 16 | 2021-05-02T02:41:57.951996-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.3 | www.googleapis.com |
| 17 | 2021-05-02T02:41:58.609751-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0807:0000:0000:0000:2003 | TLS 1.3 | connectivitycheck.gstatic.com |
| 18 | 2021-05-02T02:41:59.326274-0700 | 10.0.0.6 | 216.58.194.174 | TLS 1.3 | android.clients.google.com |
| 19 | 2021-05-02T02:41:59.712231-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:0809:0000:0000:0000:200a | TLS 1.3 | play.googleapis.com |
| 20 | 2021-05-02T02:42:00.696305-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 2607:f8b0:4005:080b:0000:0000:0000:200a | TLS 1.3 | playatoms-pa.googleapis.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 2
Showing 1-2 of 2 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2021-05-02T03:04:34.071469-0700 | 10.0.0.6 | gllto.glpals.com | 80 | GET | /rtistatus3.dat | 200 |
| 2 | 2021-05-02T03:04:45.036936-0700 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | maps.googleapis.com | 80 | GET | /maps/api/elevation/xml?locations=34.945577,-120.447818&sensor=false | 403 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 1921
Showing 1-20 of 1,921 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2021-05-02T02:46:37.783662-0700 | 92998537268218 | flow | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 12011 | 2001:0558:feed:0000:0000:0000:0000:0002 | 53 | UDP | pcapanalyzer |
| 2 | 2021-05-02T02:46:37.783662-0700 | 233892790617614 | flow | fe80:0000:0000:0000:5eb0:66ff:fe12:e560 | (not set) | ff02:0000:0000:0000:0000:0000:0000:0001 | (not set) | IPv6-ICMP | pcapanalyzer |
| 3 | 2021-05-02T02:46:37.783662-0700 | 1363162100640615 | flow | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 65522 | 2001:0558:feed:0000:0000:0000:0000:0002 | 53 | UDP | pcapanalyzer |
| 4 | 2021-05-02T02:46:37.783662-0700 | 1788954419569303 | flow | 10.0.0.159 | 53488 | 172.217.5.99 | 443 | TCP | pcapanalyzer |
| 5 | 2021-05-02T02:46:37.783662-0700 | 1745235947534774 | flow | 10.0.0.159 | 53489 | 172.217.5.99 | 443 | TCP | pcapanalyzer |
| 6 | 2021-05-02T02:46:37.783662-0700 | 2046289532704831 | flow | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 34468 | 2607:f8b0:4005:0805:0000:0000:0000:2004 | 443 | TCP | pcapanalyzer |
| 7 | 2021-05-02T02:46:37.783662-0700 | 92998537290373 | flow | 2001:0558:feed:0000:0000:0000:0000:0002 | 53 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 12011 | UDP | pcapanalyzer |
| 8 | 2021-05-02T02:46:37.783662-0700 | 1363162100684673 | flow | 2001:0558:feed:0000:0000:0000:0000:0002 | 53 | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 65522 | UDP | pcapanalyzer |
| 9 | 2021-05-02T02:46:37.783662-0700 | 801672437730301 | flow | 192.30.255.116 | 443 | 10.0.0.6 | 54854 | TCP | pcapanalyzer |
| 10 | 2021-05-02T02:46:37.783662-0700 | 1689850207925865 | flow | 10.0.0.1 | (not set) | 224.0.0.1 | (not set) | ICMP | pcapanalyzer |
| 11 | 2021-05-02T02:46:37.783662-0700 | 24805201704450 | flow | 10.0.0.159 | 34131 | 35.207.208.21 | 443 | TCP | pcapanalyzer |
| 12 | 2021-05-02T02:46:37.783662-0700 | 1047250082362841 | flow | 216.239.36.145 | 443 | 10.0.0.6 | 43604 | TCP | pcapanalyzer |
| 13 | 2021-05-02T02:46:37.783662-0700 | 542310106167128 | flow | 10.0.0.159 | 34132 | 35.207.208.21 | 443 | TCP | pcapanalyzer |
| 14 | 2021-05-02T02:46:37.783662-0700 | 440336841152185 | flow | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | 48194 | 2607:f8b0:4005:0808:0000:0000:0000:2003 | 443 | TCP | pcapanalyzer |
| 15 | 2021-05-02T02:46:37.783662-0700 | 1572805941215494 | flow | 10.0.0.159 | 44804 | 52.188.217.242 | 80 | TCP | pcapanalyzer |
| 16 | 2021-05-02T02:46:37.783662-0700 | 192040527546137 | flow | 10.0.0.159 | 44060 | 52.188.217.242 | 443 | TCP | pcapanalyzer |
| 17 | 2021-05-02T02:46:37.783662-0700 | 757442908595635 | flow | 10.0.0.159 | 44067 | 52.188.217.242 | 443 | TCP | pcapanalyzer |
| 18 | 2021-05-02T02:46:37.783662-0700 | 1498964715994063 | flow | 10.0.0.159 | 44058 | 52.188.217.242 | 443 | TCP | pcapanalyzer |
| 19 | 2021-05-02T02:46:37.783662-0700 | 2081205515025055 | flow | 10.0.0.159 | 44802 | 52.188.217.242 | 80 | TCP | pcapanalyzer |
| 20 | 2021-05-02T02:46:37.783662-0700 | 957775215698256 | flow | 10.0.0.159 | 44811 | 52.188.217.242 | 80 | TCP | pcapanalyzer |
File 2
Showing 1-2 of 2 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2021-05-02T03:04:34.071469-0700 | 192.229.210.4 | 10.0.0.6 | /rtistatus3.dat | data | 209 |
| 2 | 2021-05-02T03:04:45.036936-0700 | 2607:f8b0:4005:080b:0000:0000:0000:200a | 2601:0647:837f:28b0:70c6:b9ee:f177:6656 | /maps/api/elevation/xml | HTML document, ASCII text, with very long lines, with no line terminators | 1103 |

Comments: (not set)
