capture-16.pcap

MD5: ae36a1a3dc6c5f9d843892164af951a3
Submission Date: 2018-10-03 07:02:52
Tags: (not set)
Alert 0
#
TimestampSrc IpDest IpAlert SignatureP
No results found.
DNS 149
Showing 1-20 of 149 items.
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
1
2018-10-03T05:55:49.247765-070092.208.144.158176.95.16.194querylh3.googleusercontent.comA(not set)
2
2018-10-03T05:55:49.273324-0700176.95.16.19492.208.144.158answerlh3.googleusercontent.comA(not set)
3
2018-10-03T05:55:49.854891-070092.208.144.158176.95.16.194querylh4.googleusercontent.comAAAA(not set)
4
2018-10-03T05:55:49.882269-0700176.95.16.19492.208.144.158answerlh4.googleusercontent.comAAAA(not set)
5
2018-10-03T05:55:49.893661-070092.208.144.158176.95.16.194querylh4.googleusercontent.comA(not set)
6
2018-10-03T05:55:49.925400-0700176.95.16.19492.208.144.158answerlh4.googleusercontent.comA(not set)
7
2018-10-03T05:55:50.024155-070092.208.144.158176.95.16.194querylh6.googleusercontent.comAAAA(not set)
8
2018-10-03T05:55:50.049846-0700176.95.16.19492.208.144.158answerlh6.googleusercontent.comAAAA(not set)
9
2018-10-03T05:55:50.061389-070092.208.144.158176.95.16.194querylh6.googleusercontent.comA(not set)
10
2018-10-03T05:55:50.088727-0700176.95.16.19492.208.144.158answerlh6.googleusercontent.comA(not set)
11
2018-10-03T05:55:58.042023-070092.208.144.158176.95.16.194querylh6.ggpht.comAAAA(not set)
12
2018-10-03T05:55:58.068789-0700176.95.16.19492.208.144.158answerlh6.ggpht.comAAAA(not set)
13
2018-10-03T05:55:58.096701-070092.208.144.158176.95.16.194querylh5.ggpht.comA(not set)
14
2018-10-03T05:55:58.121996-0700176.95.16.19492.208.144.158answerlh5.ggpht.comA(not set)
15
2018-10-03T05:55:58.051961-070092.208.144.158176.95.16.194querylh5.ggpht.comAAAA(not set)
16
2018-10-03T05:55:58.077059-0700176.95.16.19492.208.144.158answerlh5.ggpht.comAAAA(not set)
17
2018-10-03T05:55:58.087963-070092.208.144.158176.95.16.194querylh6.ggpht.comA(not set)
18
2018-10-03T05:55:58.113616-0700176.95.16.19492.208.144.158answerlh6.ggpht.comA(not set)
19
2018-10-03T05:56:00.344506-070092.208.144.158176.95.16.194querywww.busplaner.deAAAA(not set)
20
2018-10-03T05:56:00.349799-070092.208.144.158176.95.16.194querysetting.rayjump.comAAAA(not set)
TLS 36
Showing 1-20 of 36 items.
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
1
2018-10-03T05:55:49.378959-070092.208.144.158172.217.21.33TLS 1.2lh3.googleusercontent.com
2
2018-10-03T05:55:49.379039-070092.208.144.158172.217.21.33TLS 1.2lh3.googleusercontent.com
3
2018-10-03T05:55:49.389314-070092.208.144.158172.217.21.33TLS 1.2lh3.googleusercontent.com
4
2018-10-03T05:55:49.388653-070092.208.144.158172.217.21.33TLS 1.2lh3.googleusercontent.com
5
2018-10-03T05:55:58.509024-070092.208.144.158216.58.207.129TLS 1.2lh5.ggpht.com
6
2018-10-03T05:55:58.510741-070092.208.144.158216.58.207.129TLS 1.2lh5.ggpht.com
7
2018-10-03T05:56:00.485966-070092.208.144.15852.48.245.197TLS 1.2unconf.adkmob.com
8
2018-10-03T05:56:00.893484-070092.208.144.15892.123.42.12TLS 1.2a.applovin.com
9
2018-10-03T05:55:59.702945-070092.208.144.158157.240.20.15TLS 1.2graph.facebook.com
10
2018-10-03T05:56:01.442506-070092.208.144.15864.233.184.120TLS 1.2csi.gstatic.com
11
2018-10-03T05:56:01.635671-070092.208.144.15892.123.42.12TLS 1.2d.applovin.com
12
2018-10-03T05:56:01.659930-070092.208.144.15892.123.42.12TLS 1.2rt.applovin.com
13
2018-10-03T05:56:26.651912-070092.208.144.158172.217.17.234TLS 1.2play.googleapis.com
14
2018-10-03T05:56:27.175837-070092.208.144.158173.194.151.124TLS 1.2r6---sn-4g5edn7y.gvt1.com
15
2018-10-03T05:56:27.177260-070092.208.144.158173.194.151.124TLS 1.2r6---sn-4g5edn7y.gvt1.com
16
2018-10-03T05:56:26.713857-070092.208.144.158172.217.17.234TLS 1.2play.googleapis.com
17
2018-10-03T05:56:27.178504-070092.208.144.158173.194.151.124TLS 1.2r6---sn-4g5edn7y.gvt1.com
18
2018-10-03T05:56:26.740137-070092.208.144.158172.217.17.234TLS 1.2play.googleapis.com
19
2018-10-03T05:56:27.127611-070092.208.144.158172.217.17.234TLS 1.2play.googleapis.com
20
2018-10-03T05:56:27.242067-070092.208.144.158173.194.151.124TLS 1.2r6---sn-4g5edn7y.gvt1.com
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 10
Showing 1-10 of 10 items.
#
TimestampSourceHostnamePortMethodURLStatus
1
2018-10-03T05:56:00.546923-070092.208.144.158setting.rayjump.com80GET/appwall/setting?app_id=25163&sign=811e8d229f4e4b544e9a262cb14110fa&channel=&platform=1&os_version=7.1.1&package_name=com.cleanmaster.mguard&app_version_name=6.13.5&app_version_code=61356598&orientation=1&model=SM-J510FN&brand=samsung&gaid=f80322b6-98ec-4743-9d30-a53b29d53547&mnc=&mcc=&network_type=1&network_str=&language=de&timezone=&useragent=Mozilla%2F5.0%20%28Linux%3B%20Android%207.1.1%3B%20SM-J510FN%20Build%2FNMF26X%29%20AppleWebKit%2F535.19%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F18.0.1025.133%20Mobile%20Safari%2F535.19&sdk_version=MAL_8.11.1&gp_version=11.8.09-all%20%5B0%5D%20%5BPR%5D%20213536367&screen_size=720x1280&is_clever=2&dvi=4BzULkN0G0RMRgT%3D200
2
2018-10-03T05:56:01.134793-070092.208.144.158cfg.cml.ksmobile.com80POST/post200
3
2018-10-03T05:56:26.178012-070092.208.144.158push.api.snappea.com80GET/v3/list?status=0&did=fa45f9149c7742e7a89605face5058ac0da39aa1&version=4.49.0.4492910&network=wifi200
4
2018-10-03T05:56:01.800311-070092.208.144.158analytics.rayjump.com80POST/200
5
2018-10-03T05:56:28.072689-070092.208.144.158client.midosoo.com80POST/sat/st200
6
2018-10-03T05:56:27.166278-070092.208.144.158na.hasmobi.net80POST/v4/api?serviceid=1200
7
2018-10-03T05:56:27.987699-070092.208.144.158net.cleverjp.com80POST/clever/setting200
8
2018-10-03T05:56:28.039045-070092.208.144.158app.adywind.com80POST/sat/st200
9
2018-10-03T05:56:28.591504-070092.208.144.158ad.adapter.kaffnet.com80POST/v4/m2.php204
10
2018-10-03T05:56:32.982938-070092.208.144.158api.ad.snappea.com80GET/v1/protect/search?avr=5.0&advertisingID=2af3a7ed-190c-4680-9287-b2f4490337f1&title=Physikalische%20Simulation%20Zerst%C3%B6rung%20von%20Geb%C3%A4uden&imei=358588058507544&androidID=c18414be4713b603&event=CONTENT_GP&imsi=26203&u=9ea1dadd7a584ccf8d38f9099b68a94c419bca01&v=4.44.0.4443710&ch=tube_homepage&networkCountryIso=DE&region=DE&locale=de_DE&lang=de&pn=com.snaptube.premium&f=phoenix2&net=WIFI&random_id=42&vc=4443710200
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 255
Showing 1-20 of 255 items.
File 15
Showing 1-15 of 15 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
1
2018-10-03T05:56:00.546923-070035.157.142.10392.208.144.158/appwall/settingASCII text, with very long lines, with no line terminators6153
2
2018-10-03T05:56:01.134793-070052.73.207.4192.208.144.158/postASCII text, with no line terminators33
3
2018-10-03T05:56:01.708996-070092.208.144.15818.196.209.207/ASCII text, with very long lines, with no line terminators715
4
2018-10-03T05:56:01.800311-070018.196.209.20792.208.144.158/ASCII text2
5
2018-10-03T05:56:26.178012-070034.192.125.22992.208.144.158/v3/listASCII text3
6
2018-10-03T05:56:28.057549-070092.208.144.15818.185.208.24/sat/stASCII text, with very long lines, with no line terminators2920
7
2018-10-03T05:56:27.152257-070092.208.144.15852.56.195.35/v4/apiASCII text, with very long lines, with no line terminators3642
8
2018-10-03T05:56:28.072689-070018.185.208.2492.208.144.158/sat/stASCII text, with no line terminators68
9
2018-10-03T05:56:27.166278-070052.56.195.3592.208.144.158/v4/apiUTF-8 Unicode text, with NEL line terminators335
10
2018-10-03T05:56:27.964723-070092.208.144.15818.185.223.77/clever/settingASCII text, with very long lines, with no line terminators3110
11
2018-10-03T05:56:27.987699-070018.185.223.7792.208.144.158/clever/settingASCII text, with no line terminators68
12
2018-10-03T05:56:28.016886-070092.208.144.15835.156.94.232/sat/stASCII text, with very long lines, with no line terminators2910
13
2018-10-03T05:56:28.039045-070035.156.94.23292.208.144.158/sat/stASCII text, with no line terminators68
14
2018-10-03T05:56:28.584602-070092.208.144.15818.136.138.235/v4/m2.phpASCII text, with CRLF line terminators1492
15
2018-10-03T05:56:32.982938-070034.193.16.1492.208.144.158/v1/protect/searchASCII text, with no line terminators30

Comments: (not set)
