2019_08_20_141729.pcap

MD5: 7d31be2589a92af8c589aa17a85e4f17
Submission Date: 2019-08-23 03:28:16
Tags: (not set)
Alert 2
Showing 1-2 of 2 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-08-20T14:18:29.500417-0700 | 10.8.0.1 | 13.33.25.12 | ET INFO HTTP Request to a *.top domain* |
2 | 2019-08-20T14:20:12.191822-0700 | 10.8.0.1 | 47.254.204.168 | ET INFO HTTP Request to a *.top domain* |
DNS 0
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
No results found.
TLS 112
Showing 1-20 of 112 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Issuer
1 | 2019-08-20T14:17:36.031270-0700 | 10.8.0.1 | 74.125.197.188 | TLS 1.2 | (not set)
2 | 2019-08-20T14:17:59.931229-0700 | 10.8.0.1 | 172.217.5.65 | TLS 1.3 | (not set)
3 | 2019-08-20T14:17:59.932275-0700 | 10.8.0.1 | 172.217.5.65 | TLS 1.3 | (not set)
4 | 2019-08-20T14:17:59.999791-0700 | 10.8.0.1 | 172.217.5.65 | UNDETERMINED | (not set)
5 | 2019-08-20T14:17:29.677300-0700 | 10.8.0.1 | 205.251.243.55 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert Global CA G2
6 | 2019-08-20T14:17:35.560624-0700 | 10.8.0.1 | 172.217.11.163 | TLS 1.3 | (not set)
7 | 2019-08-20T14:18:10.428319-0700 | 10.8.0.1 | 216.58.217.195 | TLS 1.2 | (not set)
8 | 2019-08-20T14:18:18.711568-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
9 | 2019-08-20T14:18:18.826487-0700 | 10.8.0.1 | 174.129.230.233 | TLS 1.2 | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
10 | 2019-08-20T14:18:18.774713-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
11 | 2019-08-20T14:18:23.495816-0700 | 10.8.0.1 | 31.13.70.34 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
12 | 2019-08-20T14:18:19.827284-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.3 draft-26-fb | (not set)
13 | 2019-08-20T14:18:19.827310-0700 | 10.8.0.1 | 31.13.70.36 | TLS 1.3 draft-26-fb | (not set)
14 | 2019-08-20T14:18:20.186561-0700 | 10.8.0.1 | 31.13.70.36 | TLS 1.3 draft-26-fb | (not set)
15 | 2019-08-20T14:18:23.805953-0700 | 10.8.0.1 | 54.70.184.92 | TLS 1.2 | C=CN, O=WoTrus CA Limited, CN=WoTrus DV SSL CA
16 | 2019-08-20T14:18:22.082884-0700 | 10.8.0.1 | 104.25.68.113 | TLS 1.2 | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Domain Validation Secure Server CA 2
17 | 2019-08-20T14:18:19.230952-0700 | 10.8.0.1 | 172.217.11.174 | TLS 1.2 | C=US, O=Google Trust Services, CN=Google Internet Authority G3
18 | 2019-08-20T14:18:26.536972-0700 | 10.8.0.1 | 172.217.5.206 | TLS 1.2 | (not set)
19 | 2019-08-20T14:18:26.813940-0700 | 10.8.0.1 | 54.70.184.92 | TLS 1.2 | C=CN, O=WoTrus CA Limited, CN=WoTrus DV SSL CA
20 | 2019-08-20T14:18:26.874583-0700 | 10.8.0.1 | 54.70.184.92 | TLS 1.2 | C=CN, O=WoTrus CA Limited, CN=WoTrus DV SSL CA
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 22
Showing 1-20 of 22 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-08-20T14:18:26.458235-0700 | 10.8.0.1 | 192.168.0.1 | 1990 | GET | /WFADevice.xml | 200
2 | 2019-08-20T14:18:26.458877-0700 | 10.8.0.1 | 192.168.0.5 | 1831 | GET | / | 200
3 | 2019-08-20T14:18:26.534425-0700 | 10.8.0.1 | 192.168.0.24 | 60000 | GET | /upnp/dev/3e5ed8be-9cab-2902-0000-000064a837ea/desc | 200
4 | 2019-08-20T14:18:26.456880-0700 | 10.8.0.1 | 192.168.0.5 | 1269 | GET | / | 200
5 | 2019-08-20T14:18:26.457634-0700 | 10.8.0.1 | 192.168.0.5 | 1235 | GET | / | 200
6 | 2019-08-20T14:18:26.614996-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
7 | 2019-08-20T14:18:28.874559-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
8 | 2019-08-20T14:18:29.832036-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
9 | 2019-08-20T14:18:29.500417-0700 | 10.8.0.1 | game.happygame.top | 80 | GET | /app/g064/game.html | 304
10 | 2019-08-20T14:20:12.191822-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3463654&user_id=699999&timeflag=201908202120&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C28B0634DA6563EA767D6227B5E34DE576F2B33A248203A151365B120BC3A6D3ED63FFA92D80D82AA7_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
11 | 2019-08-20T14:20:12.191861-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3198436&user_id=699999&timeflag=201908201840&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C23A72A6FD9B412908603E824BBC5293CC96865A326510A3D517B6FEE3A4BCE4E25675DB10A5FF802B_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
12 | 2019-08-20T14:20:12.687751-0700 | 10.8.0.1 | novabeyond.offerstrack.net | 80 | GET | /index.php?offer_id=28948&aff_id=162&source_id=2157_23703214&aff_sub1=20190820212012_6b0c6d70ad6ce4c2b91f5475d7a90f077915911_v2&google_aid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&ios_idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&aff_sub5= | 302
13 | 2019-08-20T14:20:12.752297-0700 | 10.8.0.1 | novabeyond.offerstrack.net | 80 | GET | /index.php?offer_id=17722&aff_id=162&source_id=2157_23703214&aff_sub1=20190820212012_825bc90301f5e8de49724cabbe241df32662195_v2&google_aid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&ios_idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&aff_sub5= | 302
14 | 2019-08-20T14:20:13.426350-0700 | 10.8.0.1 | click.metalex.io | 80 | GET | /click?action=ck&mod=server&app_id=139&offer_id=7115297&aff_sub=AWBuHeNLQySYDifY7bymMUUSkiqQDH5DlOKwM5C9rPAvuo&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&android=&idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&channel=26_2157_23703214 | 302
15 | 2019-08-20T14:20:08.044779-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | 200
16 | 2019-08-20T14:20:08.180305-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | 200
17 | 2019-08-20T14:20:12.188381-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3198501&user_id=699999&timeflag=201908201840&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C257A768D8220C4CEFD8B1BA6061AB187518AC2C28B1E455C69F0C1ED341332CCE1C9618B9E8D45F2B_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
18 | 2019-08-20T14:20:08.325500-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_bg.jpg | 200
19 | 2019-08-20T14:20:12.744922-0700 | 10.8.0.1 | click.amgepic.com | 80 | GET | /index.php?m=advert&p=click&app_id=26&offer_id=2113312&aff_sub=20190820212012_a3ab9ef60f4eb7171a566f4ce4d323ba2072110_v2&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&android={android_id}&idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&channel=2157_23703214 | 302
20 | 2019-08-20T14:22:58.708330-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | GET | /dyndev/uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0000 | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 162
Showing 1-20 of 162 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-08-20T14:18:22.082130-0700 | 1959795247086320 | flow | 10.8.0.1 | 54638 | 172.217.11.78 | 443 | UDP | pcapanalyzer
2 | 2019-08-20T14:19:12.094845-0700 | 62109046074735 | flow | 10.8.0.1 | 38660 | 192.3.31.116 | 25401 | UDP | pcapanalyzer
3 | 2019-08-20T14:22:58.708330-0700 | 2111759795588935 | flow | 10.8.0.1 | 52320 | 198.154.111.218 | 443 | TCP | pcapanalyzer
4 | 2019-08-20T14:22:58.708330-0700 | 931543580456 | flow | 192.168.0.59 | 51550 | 198.154.111.218 | 443 | TCP | pcapanalyzer
5 | 2019-08-20T14:22:58.708330-0700 | 1409601350094205 | flow | 10.8.0.1 | 43611 | 51.75.147.145 | 443 | TCP | pcapanalyzer
6 | 2019-08-20T14:22:58.708330-0700 | 1832116605117566 | flow | 10.8.0.1 | 36375 | 172.217.11.163 | 443 | TCP | pcapanalyzer
7 | 2019-08-20T14:22:58.708330-0700 | 847933456607610 | flow | 10.8.0.1 | 41212 | 31.13.70.1 | 443 | TCP | pcapanalyzer
8 | 2019-08-20T14:22:58.708330-0700 | 2115019664028974 | flow | 10.8.0.1 | 48328 | 51.75.147.153 | 443 | TCP | pcapanalyzer
9 | 2019-08-20T14:22:58.708330-0700 | 1692933896744676 | flow | 10.8.0.1 | 40962 | 31.13.70.1 | 443 | TCP | pcapanalyzer
10 | 2019-08-20T14:22:58.708330-0700 | 1270878199485117 | flow | 10.8.0.1 | 54217 | 54.70.184.92 | 443 | TCP | pcapanalyzer
11 | 2019-08-20T14:22:58.708330-0700 | 1555336039479933 | flow | 10.8.0.1 | 52953 | 172.217.11.67 | 443 | UDP | pcapanalyzer
12 | 2019-08-20T14:22:58.708330-0700 | 2119608833916745 | flow | 10.8.0.1 | 55325 | 31.13.70.36 | 443 | TCP | pcapanalyzer
13 | 2019-08-20T14:22:58.708330-0700 | 853390205075471 | flow | 10.8.0.1 | 47723 | 23.21.211.229 | 443 | TCP | pcapanalyzer
14 | 2019-08-20T14:22:58.708330-0700 | 1838745904579139 | flow | 10.8.0.1 | 41213 | 31.13.70.1 | 443 | TCP | pcapanalyzer
15 | 2019-08-20T14:22:58.708330-0700 | 150286871802293 | flow | 10.8.0.1 | 40985 | 31.13.70.1 | 443 | TCP | pcapanalyzer
16 | 2019-08-20T14:22:58.708330-0700 | 1839478182284259 | flow | 10.8.0.1 | 44704 | 239.255.255.250 | 1900 | UDP | pcapanalyzer
17 | 2019-08-20T14:22:58.708330-0700 | 432605810192520 | flow | 10.8.0.1 | 54230 | 54.70.184.92 | 443 | TCP | pcapanalyzer
18 | 2019-08-20T14:22:58.708330-0700 | 855791085218266 | flow | 10.8.0.1 | 33056 | 104.25.68.113 | 443 | TCP | pcapanalyzer
19 | 2019-08-20T14:22:58.708330-0700 | 575269598472252 | flow | 192.168.0.59 | 37435 | 52.76.223.22 | 80 | TCP | pcapanalyzer
20 | 2019-08-20T14:22:58.708330-0700 | 1843176155057769 | flow | 10.8.0.1 | 47765 | 35.244.205.3 | 443 | TCP | pcapanalyzer
File 15
Showing 1-15 of 15 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-08-20T14:18:26.458235-0700 | 192.168.0.1 | 10.8.0.1 | /WFADevice.xml | XML 1.0 document, ASCII text, with CRLF line terminators | 1000
2 | 2019-08-20T14:18:26.458877-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 3587
3 | 2019-08-20T14:18:26.456880-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 1230
4 | 2019-08-20T14:18:26.457634-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 1234
5 | 2019-08-20T14:18:26.534425-0700 | 192.168.0.24 | 10.8.0.1 | /upnp/dev/3e5ed8be-9cab-2902-0000-000064a837ea/desc | XML 1.0 document, ASCII text, with very long lines, with no line terminators | 908
6 | 2019-08-20T14:18:26.624753-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines | 616
7 | 2019-08-20T14:18:26.463986-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text | 282
8 | 2019-08-20T14:18:26.614996-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | 357
9 | 2019-08-20T14:18:28.874559-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with CRLF line terminators | 289
10 | 2019-08-20T14:18:28.881523-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines | 616
11 | 2019-08-20T14:18:29.832036-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with CRLF line terminators | 289
12 | 2019-08-20T14:20:08.044779-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, frames 3 | 4583
13 | 2019-08-20T14:20:08.180305-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, frames 3 | 4583
14 | 2019-08-20T14:20:08.325500-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_bg.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x800, frames 3 | 61729
15 | 2019-08-20T14:22:58.708330-0700 | 192.168.0.1 | 10.8.0.1 | /dyndev/uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0000 | XML 1.0 document, ASCII text, with CRLF line terminators | 3124

Comments: (not set)
