asus.pcap

MD5: 753f46d341d649177a7db86741d655a0
Submission Date: 2019-08-30 08:18:25
Tags: (not set)
Alert 2
Showing 1-2 of 2 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-08-30T08:07:39.799576-0700 | 192.168.111.13 | 192.168.111.255 | ET POLICY Spotify P2P Client | * |
| 2 | 2019-08-30T08:08:53.055418-0700 | 192.168.111.13 | 203.205.255.191 | ET POLICY Http Client Body contains pwd= in cleartext | * |
DNS 86
Showing 1-20 of 86 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-30T08:07:53.354278-0700 | 192.168.111.22 | 192.168.111.1 | query | oneclient.sfx.ms | A | (not set) |
| 2 | 2019-08-30T08:07:53.369676-0700 | 192.168.111.1 | 192.168.111.22 | answer | oneclient.sfx.ms | A | (not set) |
| 3 | 2019-08-30T08:07:53.430246-0700 | 192.168.111.22 | 192.168.111.1 | query | outlookmobile-office365-tas.msedge.net | A | (not set) |
| 4 | 2019-08-30T08:07:53.431840-0700 | 192.168.111.22 | 192.168.111.1 | query | prod1-files.acompli.net | A | (not set) |
| 5 | 2019-08-30T08:07:53.432384-0700 | 192.168.111.1 | 192.168.111.22 | answer | outlookmobile-office365-tas.msedge.net | A | (not set) |
| 6 | 2019-08-30T08:07:53.432922-0700 | 192.168.111.1 | 192.168.111.22 | answer | prod1-files.acompli.net | A | (not set) |
| 7 | 2019-08-30T08:07:53.726778-0700 | 192.168.111.22 | 192.168.111.1 | query | mobile.pipe.aria.microsoft.com | A | (not set) |
| 8 | 2019-08-30T08:07:53.742831-0700 | 192.168.111.1 | 192.168.111.22 | answer | mobile.pipe.aria.microsoft.com | A | (not set) |
| 9 | 2019-08-30T08:07:54.515647-0700 | 192.168.111.13 | 192.168.111.1 | query | dci.sophosupd.net | A | (not set) |
| 10 | 2019-08-30T08:07:54.531177-0700 | 192.168.111.1 | 192.168.111.13 | answer | dci.sophosupd.net | A | (not set) |
| 11 | 2019-08-30T08:07:54.607797-0700 | 192.168.111.22 | 192.168.111.1 | query | olmprodpowerlift-cdn.azureedge.net | A | (not set) |
| 12 | 2019-08-30T08:07:54.470963-0700 | 192.168.111.13 | 192.168.111.1 | query | dci.sophosupd.com | A | (not set) |
| 13 | 2019-08-30T08:07:54.608696-0700 | 192.168.111.1 | 192.168.111.22 | answer | olmprodpowerlift-cdn.azureedge.net | A | (not set) |
| 14 | 2019-08-30T08:07:54.490858-0700 | 192.168.111.1 | 192.168.111.13 | answer | dci.sophosupd.com | A | (not set) |
| 15 | 2019-08-30T08:07:55.872831-0700 | 192.168.111.13 | 192.168.111.1 | query | d1.sophosupd.com | A | (not set) |
| 16 | 2019-08-30T08:07:55.887841-0700 | 192.168.111.1 | 192.168.111.13 | answer | d1.sophosupd.com | A | (not set) |
| 17 | 2019-08-30T08:07:58.619770-0700 | 192.168.111.13 | 192.168.111.1 | query | d2.sophosupd.com | A | (not set) |
| 18 | 2019-08-30T08:07:58.637267-0700 | 192.168.111.1 | 192.168.111.13 | answer | d2.sophosupd.com | A | (not set) |
| 19 | 2019-08-30T08:07:59.134790-0700 | 192.168.111.22 | 192.168.111.1 | query | mobile.pipe.aria.microsoft.com | A | (not set) |
| 20 | 2019-08-30T08:07:59.150425-0700 | 192.168.111.1 | 192.168.111.22 | answer | mobile.pipe.aria.microsoft.com | A | (not set) |
TLS 23
Showing 1-20 of 23 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2019-08-30T08:07:54.772041-0700 | 192.168.111.13 | 96.7.133.78 | TLS 1.2 | dci.sophosupd.com |
| 2 | 2019-08-30T08:07:55.981026-0700 | 192.168.111.13 | 96.7.133.78 | TLS 1.2 | d1.sophosupd.com |
| 3 | 2019-08-30T08:07:58.731620-0700 | 192.168.111.13 | 96.7.133.78 | TLS 1.2 | d2.sophosupd.com |
| 4 | 2019-08-30T08:07:59.583919-0700 | 192.168.111.13 | 96.7.133.78 | TLS 1.2 | d3.sophosupd.com |
| 5 | 2019-08-30T08:08:12.947248-0700 | 192.168.111.22 | 183.60.93.249 | TLS 1.2 | sina.cn |
| 6 | 2019-08-30T08:08:17.722394-0700 | 192.168.111.24 | 54.148.119.29 | TLS 1.2 | api.amplitude.com |
| 7 | 2019-08-30T08:08:17.526820-0700 | 192.168.111.13 | 117.121.252.224 | TLS 1.2 | content.viki.io |
| 8 | 2019-08-30T08:08:19.044484-0700 | 192.168.111.13 | 52.114.158.53 | TLS 1.2 | self.events.data.microsoft.com |
| 9 | 1969-12-31T16:00:00.072188-0800 | 192.168.111.13 | 54.238.62.235 | TLS 1.2 | d.adroll.com |
| 10 | 2019-08-30T08:08:32.269361-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 11 | 2019-08-30T08:08:32.598753-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 12 | 2019-08-30T08:08:33.292871-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 13 | 2019-08-30T08:08:33.519511-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 14 | 2019-08-30T08:08:34.439719-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 15 | 2019-08-30T08:08:34.194678-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 16 | 2019-08-30T08:08:34.688303-0700 | 192.168.111.23 | 54.71.84.85 | TLS 1.2 | api-global.netflix.com |
| 17 | 2019-08-30T08:08:35.149300-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 18 | 2019-08-30T08:08:35.368344-0700 | 192.168.111.13 | 157.240.8.18 | TLS 1.3 | an.facebook.com |
| 19 | 2019-08-30T08:08:39.768570-0700 | 192.168.111.23 | 52.94.212.65 | TLS 1.2 | aviary.amazon.co.jp |
| 20 | 2019-08-30T08:08:53.398351-0700 | 192.168.111.13 | 117.121.252.224 | TLS 1.2 | content.viki.io |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 14
Showing 1-14 of 14 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-08-30T08:07:40.525611-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 2 | 2019-08-30T08:07:41.450218-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 3 | 2019-08-30T08:08:12.082358-0700 | 192.168.111.22 | conn2.oppomobile.com | 80 | GET | /generate_204 | 204 |
| 4 | 2019-08-30T08:08:12.083261-0700 | 192.168.111.22 | www.google.cn | 80 | GET | /generate_204 | 204 |
| 5 | 2019-08-30T08:08:16.674033-0700 | 192.168.111.22 | hkminorshort.weixin.qq.com | 80 | POST | /mmtls/77ea909e | 200 |
| 6 | 2019-08-30T08:08:20.057354-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 7 | 2019-08-30T08:08:20.712051-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 8 | 2019-08-30T08:08:21.073338-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 9 | 2019-08-30T08:08:23.533394-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 10 | 2019-08-30T08:08:41.349050-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 11 | 2019-08-30T08:08:42.577600-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 12 | 2019-08-30T08:08:56.608748-0700 | 192.168.111.13 | 192.168.111.12 | 1400 | GET | /spotifyzc?action=getInfo | 200 |
| 13 | 2019-08-30T08:08:53.055418-0700 | 192.168.111.13 | btrace.qq.com | 80 | POST | /kvcollect | 200 |
| 14 | 2019-08-30T08:09:18.940978-0700 | 192.168.111.23 | spectrum.s3.amazonaws.com | 80 | GET | /kindle-wifi/wifistub.html | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 196
Showing 1-20 of 196 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2019-08-30T08:08:22.923889-0700288655016745355flow192.168.111.135353192.168.111.95353UDPpcapanalyzer
2
2019-08-30T08:08:22.923889-0700858627241705744flow192.168.111.245353192.168.111.95353UDPpcapanalyzer
3
2019-08-30T08:08:22.923889-0700576024836111546flowfe80:0000:0000:0000:0c87:8d90:adba:5d9e5353ff02:0000:0000:0000:0000:0000:0000:00fb5353UDPpcapanalyzer
4
2019-08-30T08:08:22.923889-0700799043160439376flow192.168.111.95353224.0.0.2515353UDPpcapanalyzer
5
2019-08-30T08:08:22.923889-07001672598706330453flow216.58.199.45443192.168.111.1545734UDPpcapanalyzer
6
2019-08-30T08:09:21.804211-0700432025320833735flow192.168.111.1255818239.255.255.2501900UDPpcapanalyzer
7
2019-08-30T08:09:21.804211-07001496286004833055flow192.168.111.147643239.255.255.2501900UDPpcapanalyzer
8
2019-08-30T08:09:21.804211-07001638960523134892flow192.168.111.1255818255.255.255.2551900UDPpcapanalyzer
9
2019-08-30T08:09:21.804211-070027398598346578flow157.240.8.18443192.168.111.1357600TCPpcapanalyzer
10
2019-08-30T08:09:21.804211-07001434923805799666flow54.194.205.220443192.168.111.1255434TCPpcapanalyzer
11
2019-08-30T08:09:21.804211-07001305123451592157flow157.240.8.18443192.168.111.1357602TCPpcapanalyzer
12
2019-08-30T08:09:21.804211-07001661161208085002flow192.168.111.122192.168.111.2450546TCPpcapanalyzer
13
2019-08-30T08:09:21.804211-07001170051025285029flow216.58.199.74443192.168.111.1533292TCPpcapanalyzer
14
2019-08-30T08:09:21.804211-0700328596064974965flow192.168.111.2451364151.101.1.69443TCPpcapanalyzer
15
2019-08-30T08:09:21.804211-07001673504944273543flow216.58.196.138443192.168.111.1555166TCPpcapanalyzer
16
2019-08-30T08:09:21.804211-0700419052371262702flow68.183.148.117443192.168.111.2464565TCPpcapanalyzer
17
2019-08-30T08:09:21.804211-07002179559470379010flow23.40.101.3880192.168.111.2249160TCPpcapanalyzer
18
2019-08-30T08:09:21.804211-0700197401994603685flow74.125.130.1885228192.168.111.2237105TCPpcapanalyzer
19
2019-08-30T08:09:21.804211-07001282811099394516flowfe80:0000:0000:0000:14aa:673b:97d2:4f535353ff02:0000:0000:0000:0000:0000:0000:00fb5353UDPpcapanalyzer
20
2019-08-30T08:09:21.804211-0700407236918948261flow192.168.111.135353224.0.0.2515353UDPpcapanalyzer
File 14
Showing 1-14 of 14 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-08-30T08:07:40.525611-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 2 | 2019-08-30T08:07:41.450218-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 3 | 2019-08-30T08:08:16.659961-0700 | 192.168.111.22 | 203.205.143.153 | /mmtls/77ea909e | data | 454 |
| 4 | 2019-08-30T08:08:16.674033-0700 | 203.205.143.153 | 192.168.111.22 | /mmtls/77ea909e | data | 244 |
| 5 | 2019-08-30T08:08:20.057354-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 6 | 2019-08-30T08:08:20.712051-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 7 | 2019-08-30T08:08:21.073338-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 8 | 2019-08-30T08:08:23.533394-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 9 | 2019-08-30T08:08:41.349050-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 10 | 2019-08-30T08:08:42.577600-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 11 | 2019-08-30T08:08:53.051729-0700 | 192.168.111.13 | 203.205.255.191 | /kvcollect | ASCII text, with very long lines, with no line terminators | 470 |
| 12 | 2019-08-30T08:08:56.608748-0700 | 192.168.111.12 | 192.168.111.13 | /spotifyzc | ASCII text, with very long lines, with no line terminators | 572 |
| 13 | 2019-08-30T08:08:53.055418-0700 | 203.205.255.191 | 192.168.111.13 | /kvcollect | ASCII text, with no line terminators | 2 |
| 14 | 2019-08-30T08:09:18.940978-0700 | 52.217.37.20 | 192.168.111.23 | /kindle-wifi/wifistub.html | HTML document, ASCII text, with CRLF line terminators | 419 |

Comments: (not set)
