2019_08_20_141729.pcap

MD5: 7d31be2589a92af8c589aa17a85e4f17
Submission Date: 2019-08-23 03:28:16
Tags: (not set)
Alert 2
Showing 1-2 of 2 items.
# | Timestamp | Src Ip | Dest Ip | Alert SignatureP
1 | 2019-08-20T14:18:29.500417-0700 | 10.8.0.1 | 13.33.25.12 | ET INFO HTTP Request to a *.top domain*
2 | 2019-08-20T14:20:12.188381-0700 | 10.8.0.1 | 47.254.204.168 | ET INFO HTTP Request to a *.top domain*
DNS 0
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
No results found.
TLS 112
Showing 1-20 of 112 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2019-08-20T14:17:35.560624-0700 | 10.8.0.1 | 172.217.11.163 | TLS 1.3 | beacons.gcp.gvt2.com
2 | 2019-08-20T14:17:29.677300-0700 | 10.8.0.1 | 205.251.243.55 | TLS 1.2 | dp-gw-na.amazon.com
3 | 2019-08-20T14:17:36.031270-0700 | 10.8.0.1 | 74.125.197.188 | TLS 1.2 | mtalk.google.com
4 | 2019-08-20T14:17:59.931229-0700 | 10.8.0.1 | 172.217.5.65 | TLS 1.3 | lh3.googleusercontent.com
5 | 2019-08-20T14:17:59.932275-0700 | 10.8.0.1 | 172.217.5.65 | TLS 1.3 | lh3.googleusercontent.com
6 | 2019-08-20T14:17:59.999791-0700 | 10.8.0.1 | 172.217.5.65 | UNDETERMINED | lh3.googleusercontent.com
7 | 2019-08-20T14:18:10.428319-0700 | 10.8.0.1 | 216.58.217.195 | TLS 1.2 | connectivitycheck.gstatic.com
8 | 2019-08-20T14:18:18.826487-0700 | 10.8.0.1 | 174.129.230.233 | TLS 1.2 | settings.crashlytics.com
9 | 2019-08-20T14:18:18.711568-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.2 | graph.facebook.com
10 | 2019-08-20T14:18:19.230952-0700 | 10.8.0.1 | 172.217.11.174 | TLS 1.2 | www.google-analytics.com
11 | 2019-08-20T14:18:19.827284-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.3 draft-26-fb | graph.facebook.com
12 | 2019-08-20T14:18:23.805953-0700 | 10.8.0.1 | 54.70.184.92 | TLS 1.2 | sdk.adtiming.com
13 | 2019-08-20T14:18:19.827310-0700 | 10.8.0.1 | 31.13.70.36 | TLS 1.3 draft-26-fb | b-graph.facebook.com
14 | 2019-08-20T14:18:22.082884-0700 | 10.8.0.1 | 104.25.68.113 | TLS 1.2 | api.pureapk.com
15 | 2019-08-20T14:18:18.774713-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.2 | graph.facebook.com
16 | 2019-08-20T14:18:23.495816-0700 | 10.8.0.1 | 31.13.70.34 | TLS 1.2 | mqtt-mini.facebook.com
17 | 2019-08-20T14:18:19.774966-0700 | 10.8.0.1 | 31.13.70.1 | TLS 1.3 draft-26-fb | api.facebook.com
18 | 2019-08-20T14:18:20.186561-0700 | 10.8.0.1 | 31.13.70.36 | TLS 1.3 draft-26-fb | b-api.facebook.com
19 | 2019-08-20T14:18:22.082130-0700 | 10.8.0.1 | 104.25.68.113 | TLS 1.2 | api.pureapk.com
20 | 2019-08-20T14:18:26.536972-0700 | 10.8.0.1 | 172.217.5.206 | TLS 1.2 | android.clients.google.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 22
Showing 1-20 of 22 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-08-20T14:18:26.458877-0700 | 10.8.0.1 | 192.168.0.5 | 1831 | GET | / | 200
2 | 2019-08-20T14:18:26.534425-0700 | 10.8.0.1 | 192.168.0.24 | 60000 | GET | /upnp/dev/3e5ed8be-9cab-2902-0000-000064a837ea/desc | 200
3 | 2019-08-20T14:18:26.614996-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
4 | 2019-08-20T14:18:28.874559-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
5 | 2019-08-20T14:18:26.456880-0700 | 10.8.0.1 | 192.168.0.5 | 1269 | GET | / | 200
6 | 2019-08-20T14:18:26.457634-0700 | 10.8.0.1 | 192.168.0.5 | 1235 | GET | / | 200
7 | 2019-08-20T14:18:26.458235-0700 | 10.8.0.1 | 192.168.0.1 | 1990 | GET | /WFADevice.xml | 200
8 | 2019-08-20T14:18:29.832036-0700 | 10.8.0.1 | 192.168.0.1 | 5431 | POST | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | 200
9 | 2019-08-20T14:18:29.500417-0700 | 10.8.0.1 | game.happygame.top | 80 | GET | /app/g064/game.html | 304
10 | 2019-08-20T14:20:08.044779-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | 200
11 | 2019-08-20T14:20:08.180305-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | 200
12 | 2019-08-20T14:20:08.325500-0700 | 10.8.0.1 | images-public.flurv.com | 80 | GET | /84580ab5e74746f8851ef2036633c96b_20151001_bg.jpg | 200
13 | 2019-08-20T14:20:12.188381-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3198501&user_id=699999&timeflag=201908201840&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C257A768D8220C4CEFD8B1BA6061AB187518AC2C28B1E455C69F0C1ED341332CCE1C9618B9E8D45F2B_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
14 | 2019-08-20T14:20:12.191822-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3463654&user_id=699999&timeflag=201908202120&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C28B0634DA6563EA767D6227B5E34DE576F2B33A248203A151365B120BC3A6D3ED63FFA92D80D82AA7_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
15 | 2019-08-20T14:20:12.191861-0700 | 10.8.0.1 | baidu.clickurl.top | 80 | GET | /click/?adgroup_id=3198436&user_id=699999&timeflag=201908201840&mid=2157&android_id={android_id}&bundle={bundle}&tid=RSB_328A79B9EBBD4E7A917FBB2225AE1067FAAAB196E6FE4B3E6EDC2775856304C23A72A6FD9B412908603E824BBC5293CC96865A326510A3D517B6FEE3A4BCE4E25675DB10A5FF802B_MOBILEPARTNER&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&pub_id=208818 | 302
16 | 2019-08-20T14:20:12.687751-0700 | 10.8.0.1 | novabeyond.offerstrack.net | 80 | GET | /index.php?offer_id=28948&aff_id=162&source_id=2157_23703214&aff_sub1=20190820212012_6b0c6d70ad6ce4c2b91f5475d7a90f077915911_v2&google_aid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&ios_idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&aff_sub5= | 302
17 | 2019-08-20T14:20:12.744922-0700 | 10.8.0.1 | click.amgepic.com | 80 | GET | /index.php?m=advert&p=click&app_id=26&offer_id=2113312&aff_sub=20190820212012_a3ab9ef60f4eb7171a566f4ce4d323ba2072110_v2&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&android={android_id}&idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&channel=2157_23703214 | 302
18 | 2019-08-20T14:20:12.752297-0700 | 10.8.0.1 | novabeyond.offerstrack.net | 80 | GET | /index.php?offer_id=17722&aff_id=162&source_id=2157_23703214&aff_sub1=20190820212012_825bc90301f5e8de49724cabbe241df32662195_v2&google_aid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&ios_idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&aff_sub5= | 302
19 | 2019-08-20T14:20:13.426350-0700 | 10.8.0.1 | click.metalex.io | 80 | GET | /click?action=ck&mod=server&app_id=139&offer_id=7115297&aff_sub=AWBuHeNLQySYDifY7bymMUUSkiqQDH5DlOKwM5C9rPAvuo&gaid=7936bea2-66eb-4993-b26f-8f9f7b692d3d&android=&idfa=7936bea2-66eb-4993-b26f-8f9f7b692d3d&channel=26_2157_23703214 | 302
20 | 2019-08-20T14:22:57.294308-0700 | 10.8.0.1 | cdn-creatives-highwinds-prd.unityads.unity3d.com | 80 | GET | /assets/5aa00278bb174703102afe65/m31-1000.mp4 | (not set)
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 163
Showing 1-20 of 163 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2019-08-20T14:23:00.666594-07001167025890192751flow10.8.0.138660192.3.31.11625401UDPpcapanalyzer
2
2019-08-20T14:23:00.666594-07001865479916433027flow10.8.0.137864239.192.152.1436771UDPpcapanalyzer
3
2019-08-20T14:23:00.666594-0700372411845457434flow10.8.0.16771239.192.152.1436771UDPpcapanalyzer
4
2019-08-20T14:23:00.666594-07001512609692602876flow10.8.0.149051205.251.243.55443TCPpcapanalyzer
5
2019-08-20T14:23:00.666594-07001555832097507186flow10.8.0.138800172.217.5.65443TCPpcapanalyzer
6
2019-08-20T14:23:00.666594-0700474294907249163flow192.168.0.5951535198.154.111.218443TCPpcapanalyzer
7
2019-08-20T14:23:00.666594-07001618334609078137flow10.8.0.138799172.217.5.65443TCPpcapanalyzer
8
2019-08-20T14:23:00.666594-07002222726700819582flow10.8.0.136375172.217.11.163443TCPpcapanalyzer
9
2019-08-20T14:23:00.666594-07001537645059204525flow10.8.0.15530631.13.70.36443TCPpcapanalyzer
10
2019-08-20T14:23:00.666594-07001297101120820862flow10.8.0.14096631.13.70.1443TCPpcapanalyzer
11
2019-08-20T14:23:00.666594-0700885488635036734flow10.8.0.15530231.13.70.36443TCPpcapanalyzer
12
2019-08-20T14:23:00.666594-0700384927376551652flow10.8.0.14096231.13.70.1443TCPpcapanalyzer
13
2019-08-20T14:23:00.666594-0700567332498596441flow10.8.0.1396883.0.229.8180TCPpcapanalyzer
14
2019-08-20T14:23:00.666594-07001553343173437500flow192.168.0.593743552.76.223.2280TCPpcapanalyzer
15
2019-08-20T14:23:00.666594-0700286984943985387flow10.8.0.15423254.70.184.92443TCPpcapanalyzer
16
2019-08-20T14:23:00.666594-0700161397952200521flow10.8.0.15532531.13.70.36443TCPpcapanalyzer
17
2019-08-20T14:23:00.666594-0700724427369833455flow10.8.0.14711947.254.204.16880TCPpcapanalyzer
18
2019-08-20T14:23:00.666594-07002133333402513544flow10.8.0.15423054.70.184.92443TCPpcapanalyzer
19
2019-08-20T14:23:00.666594-0700447713361849210flow10.8.0.133157104.25.68.113443TCPpcapanalyzer
20
2019-08-20T14:23:00.666594-07001013586035819386flow10.8.0.146336172.217.14.10080TCPpcapanalyzer
File 15
Showing 1-15 of 15 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-08-20T14:18:26.463986-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text | 282
2 | 2019-08-20T14:18:26.458877-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 3587
3 | 2019-08-20T14:18:26.534425-0700 | 192.168.0.24 | 10.8.0.1 | /upnp/dev/3e5ed8be-9cab-2902-0000-000064a837ea/desc | XML 1.0 document, ASCII text, with very long lines, with no line terminators | 908
4 | 2019-08-20T14:18:26.614996-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | 357
5 | 2019-08-20T14:18:26.624753-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines | 616
6 | 2019-08-20T14:18:26.456880-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 1230
7 | 2019-08-20T14:18:28.874559-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with CRLF line terminators | 289
8 | 2019-08-20T14:18:26.457634-0700 | 192.168.0.5 | 10.8.0.1 | / | XML 1.0 document, ASCII text, with CRLF line terminators | 1234
9 | 2019-08-20T14:18:28.881523-0700 | 10.8.0.1 | 192.168.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with very long lines | 616
10 | 2019-08-20T14:18:26.458235-0700 | 192.168.0.1 | 10.8.0.1 | /WFADevice.xml | XML 1.0 document, ASCII text, with CRLF line terminators | 1000
11 | 2019-08-20T14:18:29.832036-0700 | 192.168.0.1 | 10.8.0.1 | /uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0002/WANIPConnection:1 | XML 1.0 document, ASCII text, with CRLF line terminators | 289
12 | 2019-08-20T14:20:08.044779-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, frames 3 | 4583
13 | 2019-08-20T14:20:08.180305-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_tn.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, frames 3 | 4583
14 | 2019-08-20T14:20:08.325500-0700 | 8.247.71.184 | 10.8.0.1 | /84580ab5e74746f8851ef2036633c96b_20151001_bg.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x800, frames 3 | 61729
15 | 2019-08-20T14:23:00.666594-0700 | 192.168.0.1 | 10.8.0.1 | /dyndev/uuid:e0b9e50a-4427-2744-0ae5-b9e0b90a0000 | XML 1.0 document, ASCII text, with CRLF line terminators | 3124

Comments: (not set)