capture-21.pcap

MD5: ac18f863ecf017e4747011421da387e8
Submission Date: 2018-10-05 20:59:08
Tags: (not set)
Alert 0
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|

No results found.
DNS 38
Showing 1-20 of 38 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2018-10-05T20:57:25.915669-0700 | 92.208.144.158 | 176.95.16.251 | query | impression-europe.liftoff.io | A | (not set) |
| 2 | 2018-10-05T20:57:25.942483-0700 | 176.95.16.251 | 92.208.144.158 | answer | impression-europe.liftoff.io | A | (not set) |
| 3 | 2018-10-05T20:57:35.957172-0700 | 92.208.144.158 | 176.95.16.251 | query | accounts.google.com | AAAA | (not set) |
| 4 | 2018-10-05T20:57:35.984391-0700 | 176.95.16.251 | 92.208.144.158 | answer | accounts.google.com | AAAA | (not set) |
| 5 | 2018-10-05T20:57:37.027832-0700 | 92.208.144.158 | 176.95.16.251 | query | www.google.com | AAAA | (not set) |
| 6 | 2018-10-05T20:57:37.053086-0700 | 176.95.16.251 | 92.208.144.158 | answer | www.google.com | AAAA | (not set) |
| 7 | 2018-10-05T20:57:43.493350-0700 | 92.208.144.158 | 176.95.16.251 | query | play.googleapis.com | AAAA | (not set) |
| 8 | 2018-10-05T20:57:37.683392-0700 | 92.208.144.158 | 176.95.16.251 | query | play.google.com | AAAA | (not set) |
| 9 | 2018-10-05T20:57:37.708343-0700 | 176.95.16.251 | 92.208.144.158 | answer | play.google.com | AAAA | (not set) |
| 10 | 2018-10-05T20:57:43.518403-0700 | 176.95.16.251 | 92.208.144.158 | answer | play.googleapis.com | AAAA | (not set) |
| 11 | 2018-10-05T20:57:48.760981-0700 | 92.208.144.158 | 176.95.16.251 | query | log.adywind.com | AAAA | (not set) |
| 12 | 2018-10-05T20:57:48.787805-0700 | 176.95.16.251 | 92.208.144.158 | answer | log.adywind.com | AAAA | (not set) |
| 13 | 2018-10-05T20:57:49.832775-0700 | 92.208.144.158 | 176.95.16.251 | query | www.google.com | A | (not set) |
| 14 | 2018-10-05T20:57:48.798613-0700 | 92.208.144.158 | 176.95.16.251 | query | log.adywind.com | A | (not set) |
| 15 | 2018-10-05T20:57:49.859799-0700 | 176.95.16.251 | 92.208.144.158 | answer | www.google.com | A | (not set) |
| 16 | 2018-10-05T20:57:48.823778-0700 | 176.95.16.251 | 92.208.144.158 | answer | log.adywind.com | A | (not set) |
| 17 | 2018-10-05T20:57:57.344550-0700 | 92.208.144.158 | 176.95.16.251 | query | cfg.cml.ksmobile.com | AAAA | (not set) |
| 18 | 2018-10-05T20:57:57.370347-0700 | 176.95.16.251 | 92.208.144.158 | answer | cfg.cml.ksmobile.com | AAAA | (not set) |
| 19 | 2018-10-05T20:57:35.994705-0700 | 92.208.144.158 | 176.95.16.251 | query | accounts.google.com | A | (not set) |
| 20 | 2018-10-05T20:57:36.021133-0700 | 176.95.16.251 | 92.208.144.158 | answer | accounts.google.com | A | (not set) |
TLS 9
Showing 1-9 of 9 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2018-10-05T20:57:26.049392-0700 | 92.208.144.158 | 52.59.7.99 | TLS 1.2 | impression-europe.liftoff.io |
| 2 | 2018-10-05T20:57:37.205956-0700 | 92.208.144.158 | 216.58.213.228 | TLS 1.2 | www.google.com |
| 3 | 2018-10-05T20:57:37.512872-0700 | 92.208.144.158 | 216.58.213.228 | TLS 1.2 | www.google.com |
| 4 | 2018-10-05T20:57:26.267899-0700 | 92.208.144.158 | 52.59.7.99 | TLS 1.2 | impression-europe.liftoff.io |
| 5 | 2018-10-05T20:57:36.148744-0700 | 92.208.144.158 | 172.217.21.13 | TLS 1.2 | accounts.google.com |
| 6 | 2018-10-05T20:57:36.605541-0700 | 92.208.144.158 | 172.217.21.13 | TLS 1.2 | accounts.google.com |
| 7 | 2018-10-05T20:57:38.134998-0700 | 92.208.144.158 | 172.217.21.110 | TLS 1.2 | play.google.com |
| 8 | 2018-10-05T20:57:37.851892-0700 | 92.208.144.158 | 172.217.21.110 | TLS 1.2 | play.google.com |
| 9 | 2018-10-05T20:57:43.710658-0700 | 92.208.144.158 | 172.217.17.234 | TLS 1.2 | play.googleapis.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.
HTTP 2
Showing 1-2 of 2 items.
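| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2018-10-05T20:57:57.682869-0700 | 92.208.144.158 | cfg.cml.ksmobile.com | 80 | POST | /post | 200 |
| 2 | 2018-10-05T20:57:49.103168-0700 | 92.208.144.158 | log.adywind.com | 80 | POST | / | 200 |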
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|

No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.
Flow 60
Showing 1-20 of 60 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2018-10-05T20:57:58.154447-0700 | 710407769331211 | flow | 92.208.144.158 | 42119 | 92.123.42.12 | 443 | TCP | pcapanalyzer |
| 2 | 2018-10-05T20:57:58.154447-0700 | 1558182775428982 | flow | 5.188.206.6 | 8080 | 92.208.144.158 | 14346 | TCP | pcapanalyzer |
| 3 | 2018-10-05T20:57:58.154447-0700 | 1701488652101867 | flow | 92.208.144.158 | 35770 | 172.217.21.110 | 443 | TCP | pcapanalyzer |
| 4 | 2018-10-05T20:57:58.154447-0700 | 1846370783066325 | flow | 92.208.144.158 | 63046 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 5 | 2018-10-05T20:57:58.154447-0700 | 18187890236565 | flow | 92.208.144.158 | 17869 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 6 | 2018-10-05T20:57:58.154447-0700 | 1989028122553728 | flow | 92.208.144.158 | 13763 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 7 | 2018-10-05T20:57:58.154447-0700 | 1567848598012850 | flow | 172.217.21.10 | 443 | 92.208.144.158 | 36004 | TCP | pcapanalyzer |
| 8 | 2018-10-05T20:57:58.154447-0700 | 1145711294354230 | flow | 92.208.144.158 | 38367 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 9 | 2018-10-05T20:57:58.154447-0700 | 1429280068587090 | flow | 92.208.144.158 | 43557 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 10 | 2018-10-05T20:57:58.154447-0700 | 1147826565366449 | flow | 92.208.144.158 | 59901 | 216.58.213.228 | 443 | TCP | pcapanalyzer |
| 11 | 2018-10-05T20:57:58.154447-0700 | 1996692492822512 | flow | 172.217.21.40 | 443 | 92.208.144.158 | 46142 | TCP | pcapanalyzer |
| 12 | 2018-10-05T20:57:58.154447-0700 | 1018232370313064 | flow | 92.208.144.158 | (not set) | 52.222.167.23 | (not set) | ICMP | pcapanalyzer |
| 13 | 2018-10-05T20:57:58.154447-0700 | 1586849532476806 | flow | 92.208.144.158 | 18723 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 14 | 2018-10-05T20:57:58.154447-0700 | 1446472822142215 | flow | 92.208.144.158 | 17527 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 15 | 2018-10-05T20:57:58.154447-0700 | 746296517867362 | flow | 92.208.144.158 | 27736 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 16 | 2018-10-05T20:57:58.154447-0700 | 1597327105963409 | flow | 92.208.144.158 | 36381 | 54.194.105.234 | 443 | TCP | pcapanalyzer |
| 17 | 2018-10-05T20:57:58.154447-0700 | 1457671948568830 | flow | 92.208.144.158 | 32824 | 216.58.213.228 | 443 | TCP | pcapanalyzer |
| 18 | 2018-10-05T20:57:58.154447-0700 | 50992850420292 | flow | 5.188.86.36 | 40390 | 92.208.144.158 | 15268 | TCP | pcapanalyzer |
| 19 | 2018-10-05T20:57:58.154447-0700 | 896160809184440 | flow | 92.208.144.158 | 9485 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
| 20 | 2018-10-05T20:57:58.154447-0700 | 2023632674853908 | flow | 92.208.144.158 | 7751 | 176.95.16.251 | 53 | UDP | pcapanalyzer |
File 3
Showing 1-3 of 3 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2018-10-05T20:57:49.095354-0700 | 92.208.144.158 | 23.22.25.245 | / | ASCII text, with very long lines, with no line terminators | 827 |
| 2 | 2018-10-05T20:57:57.682869-0700 | 52.72.232.215 | 92.208.144.158 | /post | ASCII text, with no line terminators | 33 |
| 3 | 2018-10-05T20:57:49.103168-0700 | 23.22.25.245 | 92.208.144.158 | / | ASCII text | 2 |

Comments: (not set)
