reverse_dns.pcap

MD5	c0c9092fe60d2834c5b9d21a48b3d87d
Submission Date	2018-10-21 06:23:22
Tags	(not set)

Alert 0

#		Timestamp	Src Ip	Dest Ip	Alert Signature	P
No results found.

DNS 2052

Showing 1-20 of 2,052 items.

Timestamp

Src Ip

Dest Ip

Dns Type

Resource Record Name

Resource Record Type

Resource Data

2018-03-29T07:13:16.171698-0700

46.101.212.38

8.8.8.8

query

akamaihd.net

(not set)

2018-03-29T07:13:16.179802-0700

8.8.8.8

46.101.212.38

answer

akamaihd.net

(not set)

2018-03-29T07:13:17.342772-0700

46.101.212.38

8.8.8.8

query

youtube.com

(not set)

2018-03-29T07:13:17.352646-0700

8.8.8.8

46.101.212.38

answer

youtube.com

(not set)

2018-03-29T07:13:15.493005-0700

46.101.212.38

8.8.8.8

query

facebook.com

(not set)

2018-03-29T07:13:15.493799-0700

8.8.8.8

46.101.212.38

answer

facebook.com

(not set)

2018-03-29T07:13:15.709662-0700

46.101.212.38

8.8.8.8

query

doubleclick.net

(not set)

2018-03-29T07:13:15.726251-0700

8.8.8.8

46.101.212.38

answer

doubleclick.net

(not set)

2018-03-29T07:13:15.945689-0700

46.101.212.38

8.8.8.8

query

google-analytics.com

(not set)

2018-03-29T07:13:15.956143-0700

8.8.8.8

46.101.212.38

answer

google-analytics.com

(not set)

2018-03-29T07:13:16.623254-0700

46.101.212.38

8.8.8.8

query

googleapis.com

(not set)

2018-03-29T07:13:16.652407-0700

8.8.8.8

46.101.212.38

answer

googleapis.com

(not set)

2018-03-29T07:13:17.106228-0700

46.101.212.38

8.8.8.8

query

facebook.net

(not set)

2018-03-29T07:13:17.126940-0700

8.8.8.8

46.101.212.38

answer

facebook.net

(not set)

2018-03-29T07:13:17.263408-0700

46.101.212.38

8.8.8.8

query

google.com

(not set)

2018-03-29T07:13:17.263425-0700

46.101.212.38

8.8.8.8

query

google.com

AAAA

(not set)

2018-03-29T07:13:17.264189-0700

8.8.8.8

46.101.212.38

answer

google.com

(not set)

2018-03-29T07:13:17.264219-0700

8.8.8.8

46.101.212.38

answer

google.com

AAAA

(not set)

2018-03-29T07:13:18.010086-0700

46.101.212.38

8.8.8.8

query

microsoft.com

(not set)

2018-03-29T07:13:18.010797-0700

8.8.8.8

46.101.212.38

answer

microsoft.com

(not set)

TLS 40

Showing 1-20 of 40 items.

Timestamp

Source IP

Destination IP

TLS Version

Server Name Indication

2018-03-29T07:13:18.752533-0700

46.101.212.38

185.60.216.35

TLS 1.2

facebook.com

2018-03-29T07:13:18.853435-0700

46.101.212.38

185.60.216.35

TLS 1.2

www.facebook.com

2018-03-29T07:13:19.532140-0700

46.101.212.38

64.233.167.121

TLS 1.2

www.doubleclickbygoogle.com

2018-03-29T07:13:20.433972-0700

46.101.212.38

74.125.200.106

TLS 1.2

www.google.com

2018-03-29T07:13:23.881918-0700

46.101.212.38

64.233.166.136

TLS 1.2

youtube.com

2018-03-29T07:13:29.272206-0700

46.101.212.38

23.211.9.92

TLS 1.2

www.microsoft.com

2018-03-29T07:13:27.854727-0700

46.101.212.38

104.244.42.129

TLS 1.2

twitter.com

2018-03-29T07:13:29.168603-0700

46.101.212.38

191.239.213.197

TLS 1.2

microsoft.com

2018-03-29T07:13:30.248893-0700

46.101.212.38

23.216.202.232

TLS 1.2

www.apple.com

2018-03-29T07:13:31.158172-0700

46.101.212.38

87.248.98.7

TLS 1.2

www.yahoo.com

2018-03-29T07:13:24.518162-0700

46.101.212.38

172.217.194.136

TLS 1.2

www.youtube.com

2018-03-29T07:13:35.919260-0700

46.101.212.38

2.21.160.128

TLS 1.2

www.addthis.com

2018-03-29T07:13:36.522864-0700

46.101.212.38

174.129.221.70

TLS 1.2

crashlytics.com

2018-03-29T07:13:31.292065-0700

46.101.212.38

87.248.98.8

TLS 1.2

de.yahoo.com

2018-03-29T07:13:39.285009-0700

46.101.212.38

13.107.42.11

TLS 1.2

outlook.live.com

2018-03-29T07:13:33.208607-0700

46.101.212.38

104.130.254.187

TLS 1.2

rubiconproject.com

2018-03-29T07:13:34.661825-0700

46.101.212.38

72.13.63.55

TLS 1.2

www.verisign.com

2018-03-29T07:13:32.312267-0700

46.101.212.38

23.8.3.14

TLS 1.2

www.oracle.com

2018-03-29T07:13:37.705965-0700

46.101.212.38

54.239.26.209

TLS 1.2

aws.amazon.com

2018-03-29T07:13:40.065787-0700

46.101.212.38

172.217.194.99

TLS 1.2

www.google.com

TFTP 0

#	Timestamp	Src Ip	Dest Ip	Tftp Packet	Tftp File	Tftp Mode
No results found.

HTTP 84

Showing 1-20 of 84 items.

Timestamp

Source

Hostname

Port

Method

URL

Status

2018-03-29T07:13:17.855356-0700

46.101.212.38

google.com

GET

302

2018-03-29T07:13:18.746757-0700

46.101.212.38

facebook.com

GET

301

2018-03-29T07:13:18.544192-0700

46.101.212.38

www.google.de

GET

/?gfe_rd=cr&dcr=0&ei=ffS8WrWjK4PAuATz-rrgBg

200

2018-03-29T07:13:19.497611-0700

46.101.212.38

doubleclick.net

GET

301

2018-03-29T07:13:19.817038-0700

46.101.212.38

google-analytics.com

GET

301

2018-03-29T07:13:23.585051-0700

46.101.212.38

googleadservices.com

GET

404

2018-03-29T07:13:23.306971-0700

46.101.212.38

www.google.de

GET

/?gfe_rd=cr&dcr=0&ei=gvS8WoWHHcSAogOs_LmYCg

200

2018-03-29T07:13:23.450465-0700

46.101.212.38

googleapis.com

GET

404

2018-03-29T07:13:23.858677-0700

46.101.212.38

youtube.com

GET

301

2018-03-29T07:13:22.026216-0700

46.101.212.38

googlesyndication.com

GET

302

2018-03-29T07:13:29.082185-0700

46.101.212.38

microsoft.com

GET

301

2018-03-29T07:13:27.847758-0700

46.101.212.38

twitter.com

GET

301

2018-03-29T07:13:22.623766-0700

46.101.212.38

www.google.com

GET

302

2018-03-29T07:13:31.094937-0700

46.101.212.38

yahoo.com

GET

301

2018-03-29T07:13:35.892949-0700

46.101.212.38

addthis.com

GET

301

2018-03-29T07:13:28.618567-0700

46.101.212.38

scorecardresearch.com

GET

302

2018-03-29T07:13:37.315497-0700

46.101.212.38

amazonaws.com

GET

301

2018-03-29T07:13:32.176292-0700

46.101.212.38

bluekai.com

GET

301

2018-03-29T07:13:32.306232-0700

46.101.212.38

www.oracle.com

GET

/us/corporate/acquisitions/bluekai/index.html

301

2018-03-29T07:13:37.502372-0700

46.101.212.38

aws.amazon.com

GET

301

SMB 0

#		Timestamp	Src Ip	Dest Ip	SMB Dialect	Command	Session	Tree
No results found.

SMTP 0

#		Timestamp	Source	Destination	Email From	Email To	Subject
No results found.

Flow 1016

Showing 1-20 of 1,016 items.

Timestamp

Flow Id

Event Type

Source

Source Port

Destination

Destination Port

Protocol

Host

2018-03-29T07:14:47.951887-0700

1407666749714640

flow

46.101.212.38

53837

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

563662725121611

flow

46.101.212.38

58945

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1126664223650936

flow

46.101.212.38

57838

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

777201284722

flow

46.101.212.38

52783

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1126737237178626

flow

46.101.212.38

37092

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

283016677809906

flow

46.101.212.38

52176

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1972205843366957

flow

46.101.212.38

35603

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

706483274885411

flow

46.101.212.38

52436

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1129146708987939

flow

46.101.212.38

52640

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1410733358051231

flow

46.101.212.38

35567

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1129309918770151

flow

46.101.212.38

39669

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1129455948749083

flow

46.101.212.38

50109

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1692521866437899

flow

46.101.212.38

53272

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1552707795848517

flow

46.101.212.38

40603

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

708368762948709

flow

46.101.212.38

55716

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

1552999857015056

flow

46.101.212.38

39455

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

568082251897018

flow

46.101.212.38

35487

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

849771971356518

flow

46.101.212.38

41944

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

2117397211807066

flow

46.101.212.38

37597

8.8.8.8

UDP

pcapanalyzer

2018-03-29T07:14:47.951887-0700

570045049496769

flow

46.101.212.38

57135

8.8.8.8

UDP

pcapanalyzer

File 40

Showing 1-20 of 40 items.

Timestamp

Source

Destination

File Name

File Magic

File Size

2018-03-29T07:13:17.855356-0700

74.125.200.138

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

268

2018-03-29T07:13:18.544192-0700

74.125.200.94

46.101.212.38

HTML document, ASCII text, with very long lines, with no line terminators

10510

2018-03-29T07:13:19.497611-0700

64.233.166.113

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

233

2018-03-29T07:13:19.817038-0700

74.125.206.99

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

230

2018-03-29T07:13:23.306971-0700

74.125.200.94

46.101.212.38

HTML document, ASCII text, with very long lines, with no line terminators

10495

2018-03-29T07:13:23.585051-0700

173.194.76.155

46.101.212.38

HTML document, UTF-8 Unicode text, with very long lines

1561

2018-03-29T07:13:23.450465-0700

74.125.206.99

46.101.212.38

HTML document, UTF-8 Unicode text, with very long lines

1561

2018-03-29T07:13:22.026216-0700

74.125.206.147

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

219

2018-03-29T07:13:29.082185-0700

191.239.213.197

46.101.212.38

HTML document, ASCII text

145

2018-03-29T07:13:22.623766-0700

74.125.68.103

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

268

2018-03-29T07:13:31.094937-0700

72.30.35.9

46.101.212.38

ASCII text, with no line terminators

2018-03-29T07:13:32.306232-0700

23.8.3.14

46.101.212.38

/us/corporate/acquisitions/bluekai/index.html

HTML document, ASCII text, with CRLF, LF line terminators

1313

2018-03-29T07:13:37.315497-0700

72.21.210.29

46.101.212.38

HTML document, ASCII text

229

2018-03-29T07:13:28.618567-0700

165.193.78.252

46.101.212.38

HTML document, ASCII text, with CRLF line terminators

159

2018-03-29T07:13:37.502372-0700

54.239.26.209

46.101.212.38

HTML document, ASCII text

231

2018-03-29T07:13:28.920502-0700

165.193.78.252

46.101.212.38

/home.aspx

HTML document, ASCII text, with very long lines, with CRLF line terminators

19787

2018-03-29T07:13:36.342829-0700

174.129.221.70

46.101.212.38

HTML document, ASCII text, with CRLF line terminators

178

2018-03-29T07:13:37.012164-0700

107.22.174.231

46.101.212.38

HTML document, ASCII text

28050

2018-03-29T07:13:39.034838-0700

64.94.107.38

46.101.212.38

HTML document, ASCII text

295

2018-03-29T07:13:39.448755-0700

64.233.166.97

46.101.212.38

HTML document, ASCII text, with CRLF, LF line terminators

231

Comments	(not set)

Update Download PCAP Delete