01-44-42___04-06-2016.pcap

MD5: 8369117599c285afcaaf4b8987a55174
Submission Date: 2019-11-28 20:51:49
Tags: (not set)
Alert 0
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
No results found.
DNS 300
Showing 1-20 of 300 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2016-06-04T01:45:36.825601-0700 | 192.168.1.115 | 192.168.1.1 | query | push.airdroid.com | AAAA | (not set)
2 | 2016-06-04T01:45:36.841075-0700 | 192.168.1.1 | 192.168.1.115 | answer | push.airdroid.com | AAAA | (not set)
3 | 2016-06-04T01:46:01.038664-0700 | 192.168.1.124 | 192.168.1.1 | query | graph.facebook.com | A | (not set)
4 | 2016-06-04T01:46:01.038786-0700 | 192.168.1.124 | 192.168.1.1 | query | graph.facebook.com | A | (not set)
5 | 2016-06-04T01:46:01.049346-0700 | 192.168.1.1 | 192.168.1.124 | answer | graph.facebook.com | A | (not set)
6 | 2016-06-04T01:46:01.049529-0700 | 192.168.1.1 | 192.168.1.124 | answer | graph.facebook.com | A | (not set)
7 | 2016-06-04T01:46:01.782201-0700 | 192.168.1.115 | 192.168.1.1 | query | api.dewmobile.net | A | (not set)
8 | 2016-06-04T01:46:01.791449-0700 | 192.168.1.1 | 192.168.1.115 | answer | api.dewmobile.net | A | (not set)
9 | 2016-06-04T01:45:36.844066-0700 | 192.168.1.115 | 192.168.1.1 | query | push.airdroid.com | A | (not set)
10 | 2016-06-04T01:45:36.852307-0700 | 192.168.1.1 | 192.168.1.115 | answer | push.airdroid.com | A | (not set)
11 | 2016-06-04T01:46:00.970390-0700 | 192.168.1.124 | 192.168.1.1 | query | graph.facebook.com | AAAA | (not set)
12 | 2016-06-04T01:46:00.970573-0700 | 192.168.1.124 | 192.168.1.1 | query | graph.facebook.com | AAAA | (not set)
13 | 2016-06-04T01:46:00.981408-0700 | 192.168.1.1 | 192.168.1.124 | answer | graph.facebook.com | AAAA | (not set)
14 | 2016-06-04T01:46:01.035581-0700 | 192.168.1.1 | 192.168.1.124 | answer | graph.facebook.com | AAAA | (not set)
15 | 2016-06-04T01:47:08.054962-0700 | 192.168.1.115 | 192.168.1.1 | query | api.dropbox.com | AAAA | (not set)
16 | 2016-06-04T01:47:08.063477-0700 | 192.168.1.1 | 192.168.1.115 | answer | api.dropbox.com | AAAA | (not set)
17 | 2016-06-04T01:48:23.819589-0700 | 192.168.1.115 | 192.168.1.1 | query | i.haloapps.com | A | (not set)
18 | 2016-06-04T01:48:23.835337-0700 | 192.168.1.1 | 192.168.1.115 | answer | i.haloapps.com | A | (not set)
19 | 2016-06-04T01:48:45.528021-0700 | 192.168.1.124 | 192.168.1.1 | query | accounts.google.com | A | (not set)
20 | 2016-06-04T01:48:45.528112-0700 | 192.168.1.124 | 192.168.1.1 | query | accounts.google.com | A | (not set)
TLS 140
Showing 1-20 of 140 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2016-06-04T01:44:50.093570-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
2 | 2016-06-04T01:45:27.185711-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
3 | 2016-06-04T01:45:35.435948-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
4 | 2016-06-04T01:45:35.057709-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
5 | 2016-06-04T01:45:50.166361-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
6 | 2016-06-04T01:45:05.164103-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
7 | 2016-06-04T01:45:20.031980-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
8 | 2016-06-04T01:46:35.059998-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
9 | 2016-06-04T01:46:35.690274-0700 | 192.168.1.115 | 216.58.217.206 | TLS 1.2 | android.clients.google.com
10 | 2016-06-04T01:47:09.093021-0700 | 192.168.1.115 | 108.160.172.237 | TLS 1.2 | (not set)
11 | 2016-06-04T01:47:35.069581-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
12 | 2016-06-04T01:47:42.858746-0700 | 192.168.1.115 | 216.58.217.206 | TLSv1 | android.clients.google.com
13 | 2016-06-04T01:47:50.312157-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
14 | 2016-06-04T01:48:05.518414-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
15 | 2016-06-04T01:48:50.261859-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
16 | 2016-06-04T01:49:12.690488-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2607:f8b0:4007:0804:0000:0000:0000:200a | TLSv1 | (not set)
17 | 2016-06-04T01:46:05.273762-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
18 | 2016-06-04T01:47:04.972343-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2a03:2880:f022:0006:face:b00c:0000:0002 | TLSv1 | graph.facebook.com
19 | 2016-06-04T01:49:12.799048-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2607:f8b0:4007:0804:0000:0000:0000:200a | TLSv1 | (not set)
20 | 2016-06-04T01:49:16.246019-0700 | 192.168.1.115 | 54.197.249.37 | TLSv1 | (not set)
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 32
Showing 1-20 of 32 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1
2016-06-04T01:45:37.015224-0700192.168.1.115push.airdroid.com80GET/msg/get?k=p-100-4399d099a769eaca8535373a8bdad8b9&m=14648594992631030&token=15d519760c7325e8e39be995ca58401c&ver=20155200
2
2016-06-04T01:48:23.939747-0700192.168.1.115i.haloapps.com80GET/adscfg?a=400105&v=2281&s=32400&gp=1&gs=1&fb=0&uid=&hash=1464859300304
3
2016-06-04T01:46:02.215713-0700192.168.1.115api.dewmobile.net80POST/v3/appaction200
4
2016-06-04T01:47:18.458502-0700192.168.1.115api.dewmobile.net80POST/v2/user/uninstall200
5
2016-06-04T01:48:46.954192-0700192.168.1.124pubads.g.doubleclick.net80GET/301
6
2016-06-04T01:48:47.046668-0700192.168.1.124pubads.g.doubleclick.net80GET/301
7
2016-06-04T01:48:48.504680-0700192.168.1.124172.217.2.23880GET/generate_204204
8
2016-06-04T01:49:33.026822-0700192.168.1.115piwik.darken.eu80POST/piwik.php200
9
2016-06-04T01:49:28.317406-07002600:8801:0600:06a8:6052:5581:24b3:b946lh3.ggpht.com80GET/D_77AFGtEzwejgYsHpmJEVR0HJ4g7-JptlFQinY71psWYxroFUKEXaiVhR35TPXFLpQfbZGFSEO0xma4=w81-h81-v1200
10
2016-06-04T01:48:55.448247-07002600:8801:0600:06a8:6052:5581:24b3:b946rt.applovin.com80POST/pix?event=landing&ts=1465030132774&platform=Android&model=SCH-I415&package_name=my.googlemusic.play&sdk_key=U2noLIxMnAso29VWJNNmyw6qPOh3mkbFmN15fySQ7JD9Sifm52W1ydsL0XOnF-00M160zTR5teEJMu4RxaTtDJ&idfa=5cd1a3c5-45f2-48e6-922f-788a4e98bcd3&dnt=false&ia=1464826825000&api_did=&brand=samsung&model=SCH-I415&revision=aegis2vzw&sdk_version=6.1.4&os=4.1.2&postback_ts=1465030134912200
11
2016-06-04T01:52:10.089847-0700192.168.1.115push.airdroid.com80GET/msg/get?k=p-100-4399d099a769eaca8535373a8bdad8b9&m=14648594992631030&token=15d519760c7325e8e39be995ca58401c&ver=20155200
12
2016-06-04T01:51:40.390777-0700192.168.1.115piwik.darken.eu80POST/piwik.php200
13
2016-06-04T01:49:20.421908-0700192.168.1.115push.airdroid.com80GET/msg/get?k=p-100-4399d099a769eaca8535373a8bdad8b9&m=14648594992631030&token=15d519760c7325e8e39be995ca58401c&ver=20155200
14
2016-06-04T01:53:04.708586-07002600:8801:0600:06a8:6052:5581:24b3:b946rt.applovin.com80POST/pix?event=landing&ts=1465030381923&platform=Android&model=SCH-I415&package_name=my.googlemusic.play&sdk_key=U2noLIxMnAso29VWJNNmyw6qPOh3mkbFmN15fySQ7JD9Sifm52W1ydsL0XOnF-00M160zTR5teEJMu4RxaTtDJ&idfa=5cd1a3c5-45f2-48e6-922f-788a4e98bcd3&dnt=false&ia=1464826825000&api_did=&brand=samsung&model=SCH-I415&revision=aegis2vzw&sdk_version=6.1.4&os=4.1.2&postback_ts=1465030384030200
15
2016-06-04T01:56:36.807960-0700192.168.1.115piwik.darken.eu80GET/piwik.php?apiv=1&uid=ade7ffac-9a37-4a62-9198-ee9e2b8b248d&idsite=1&_cvar=%7B%223%22%3A%5B%22SecondaryStorage%22%2C%22%5C%2Fstorage%5C%2FextSdCard%22%5D%2C%222%22%3A%5B%22Unlocker%22%2C%224.0.6%22%5D%2C%221%22%3A%5B%22Root%22%2C%222.73%3ASUPERSU%22%5D%2C%224%22%3A%5B%22SD%20Maid%22%2C%224.2.3%22%5D%7D&send_image=0&cdt=2016-06-04%2001%3A55%3A57-0700&url=http%3A%2F%2Feu.thedarken.sdm%2Fmainapp%2Fbiggest%2F&cvar=%7B%225%22%3A%5B%22ScreenOrientation%22%2C%22landscape%22%5D%7D&rec=1&_id=aac34d38498148f3&action_name=Biggest%2FMain&rand=88361204
16
2016-06-04T01:57:10.729004-0700192.168.1.115push.airdroid.com80GET/msg/get?k=p-100-4399d099a769eaca8535373a8bdad8b9&m=14648594992631030&token=15d519760c7325e8e39be995ca58401c&ver=20155200
17
2016-06-04T01:53:18.714110-0700192.168.1.115piwik.darken.eu80POST/piwik.php200
18
2016-06-04T01:49:28.532484-07002600:8801:0600:06a8:6052:5581:24b3:b946lh4.ggpht.com80GET/OI2OIJlSTYTfYAB2JEMx5zcrOGEBvB6mZLFCBLFpUC5qDJoqpIU77PI5rclgitg60gbUZH_oU3y-3m4AVlI=w81-h81-v1200
19
2016-06-04T01:53:38.007136-0700192.168.1.115push.airdroid.com80GET/msg/get?k=p-100-4399d099a769eaca8535373a8bdad8b9&m=14648594992631030&token=15d519760c7325e8e39be995ca58401c&ver=20155200
20
2016-06-04T01:53:55.079714-0700192.168.1.115piwik.darken.eu80GET/piwik.php?apiv=1&uid=ade7ffac-9a37-4a62-9198-ee9e2b8b248d&idsite=1&_cvar=%7B%223%22%3A%5B%22SecondaryStorage%22%2C%22%5C%2Fstorage%5C%2FextSdCard%22%5D%2C%222%22%3A%5B%22Unlocker%22%2C%224.0.6%22%5D%2C%221%22%3A%5B%22Root%22%2C%222.73%3ASUPERSU%22%5D%2C%224%22%3A%5B%22SD%20Maid%22%2C%224.2.3%22%5D%7D&send_image=0&cdt=2016-06-04%2001%3A53%3A39-0700&url=http%3A%2F%2Feu.thedarken.sdm%2Fmainapp%2Fexplorer%2F&cvar=%7B%225%22%3A%5B%22ScreenOrientation%22%2C%22landscape%22%5D%7D&rec=1&_id=aac34d38498148f3&action_name=Explorer%2FMain&rand=70526204
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 418
Showing 1-20 of 418 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1
2016-06-04T01:45:37.015224-07001842762512846696flow192.168.1.11535247192.168.1.25520012UDPpcapanalyzer
2
2016-06-04T01:45:37.015224-07001150886232290120flow192.168.1.11550675192.168.1.25520012UDPpcapanalyzer
3
2016-06-04T01:45:37.015224-07001714991531122772flow192.168.1.11535691192.168.1.25520012UDPpcapanalyzer
4
2016-06-04T01:45:37.015224-07001299891532949401flow192.168.1.11549226192.168.1.25520012UDPpcapanalyzer
5
2016-06-04T01:45:37.015224-07001326614818937743flow192.168.1.11537668192.168.1.25520012UDPpcapanalyzer
6
2016-06-04T01:45:37.015224-0700535198374694896flow192.168.1.11536271192.168.1.25520012UDPpcapanalyzer
7
2016-06-04T01:45:37.015224-0700836327122538999flow192.168.1.11540678192.168.1.25520012UDPpcapanalyzer
8
2016-06-04T01:45:37.015224-07001121182237155320flow192.168.1.11557607192.168.1.25520012UDPpcapanalyzer
9
2016-06-04T01:46:02.215713-07001869249576575747flow108.160.172.237443192.168.1.11538190TCPpcapanalyzer
10
2016-06-04T01:46:02.215713-0700884130109314528flow192.168.1.11555508192.168.1.25520012UDPpcapanalyzer
11
2016-06-04T01:46:02.215713-07001330531829913169flow192.168.1.11558715192.168.1.25520012UDPpcapanalyzer
12
2016-06-04T01:46:02.215713-07001654484032366754flow52.10.146.80443192.168.1.11559059TCPpcapanalyzer
13
2016-06-04T02:01:16.902665-07001824307040052992flow192.168.1.11558656192.168.1.25520012UDPpcapanalyzer
14
2016-06-04T02:01:16.902665-0700994515064554031flow192.168.1.180192.168.1.1151024TCPpcapanalyzer
15
2016-06-04T02:01:16.902665-07001706487497623800flow192.168.1.1154694154.163.253.10443TCPpcapanalyzer
16
2016-06-04T02:01:16.902665-07001012270460710042flow192.168.1.11535337209.59.180.54443TCPpcapanalyzer
17
2016-06-04T02:01:16.902665-07001594191284861758flow192.168.1.11900239.255.255.2501900UDPpcapanalyzer
18
2016-06-04T02:01:16.902665-0700204168067710192flow192.168.1.1445192.168.1.1151024TCPpcapanalyzer
19
2016-06-04T02:01:16.902665-0700980848480979313flowfe80:0000:0000:0000:4af8:b3ff:fed8:668a(not set)ff02:0000:0000:0000:0000:0001:fff2:1dd2(not set)IPv6-ICMPpcapanalyzer
20
2016-06-04T02:01:16.902665-07001690922542948533flow192.168.1.158406239.255.255.2501900UDPpcapanalyzer
File 31
Showing 1-20 of 31 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2016-06-04T01:46:02.214461-0700 | 192.168.1.115 | 210.73.213.198 | /v3/appaction | zlib compressed data | 103
2 | 2016-06-04T01:45:37.015224-0700 | 50.19.248.225 | 192.168.1.115 | /msg/get | ASCII text, with no line terminators | 9
3 | 2016-06-04T01:46:02.215713-0700 | 210.73.213.198 | 192.168.1.115 | /v3/appaction | ASCII text, with no line terminators | 28
4 | 2016-06-04T01:47:18.456305-0700 | 192.168.1.115 | 210.73.213.200 | /v2/user/uninstall | ASCII text, with no line terminators | 242
5 | 2016-06-04T01:47:18.458502-0700 | 210.73.213.200 | 192.168.1.115 | /v2/user/uninstall | ASCII text, with no line terminators | 28
6 | 2016-06-04T01:48:47.046668-0700 | 216.58.193.194 | 192.168.1.124 | / | HTML document, ASCII text, with CRLF, LF line terminators | 232
7 | 2016-06-04T01:48:46.954192-0700 | 216.58.193.194 | 192.168.1.124 | / | HTML document, ASCII text, with CRLF, LF line terminators | 232
8 | 2016-06-04T01:49:33.002314-0700 | 192.168.1.115 | 141.0.20.11 | /piwik.php | ASCII text, with very long lines, with no line terminators | 1016
9 | 2016-06-04T01:49:33.026822-0700 | 141.0.20.11 | 192.168.1.115 | /piwik.php | GIF image data, version 89a, 1 x 1 | 43
10 | 2016-06-04T01:48:55.430057-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2600:1406:001f:0390:0000:0000:0000:1d77 | /pix | ASCII text, with no line terminators | 2
11 | 2016-06-04T01:49:28.317406-0700 | 2607:f8b0:4007:0808:0000:0000:0000:2001 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | unnamed.png | PNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced | 628
12 | 2016-06-04T01:51:40.344448-0700 | 192.168.1.115 | 141.0.20.11 | /piwik.php | ASCII text, with very long lines, with no line terminators | 3934
13 | 2016-06-04T01:48:55.448247-0700 | 2600:1406:001f:0390:0000:0000:0000:1d77 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | /pix | GIF image data, version 89a, 1 x 1 | 43
14 | 2016-06-04T01:51:40.390777-0700 | 141.0.20.11 | 192.168.1.115 | /piwik.php | GIF image data, version 89a, 1 x 1 | 43
15 | 2016-06-04T01:52:10.089847-0700 | 50.19.218.211 | 192.168.1.115 | /msg/get | ASCII text, with no line terminators | 9
16 | 2016-06-04T01:53:04.696714-0700 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | 2600:1406:001f:0390:0000:0000:0000:1d77 | /pix | ASCII text, with no line terminators | 2
17 | 2016-06-04T01:49:20.421908-0700 | 50.19.218.211 | 192.168.1.115 | /msg/get | ASCII text, with no line terminators | 9
18 | 2016-06-04T01:53:04.708586-0700 | 2600:1406:001f:0390:0000:0000:0000:1d77 | 2600:8801:0600:06a8:6052:5581:24b3:b946 | /pix | GIF image data, version 89a, 1 x 1 | 43
19 | 2016-06-04T01:53:18.692166-0700 | 192.168.1.115 | 141.0.20.11 | /piwik.php | ASCII text, with very long lines, with no line terminators | 1010
20 | 2016-06-04T01:53:18.714110-0700 | 141.0.20.11 | 192.168.1.115 | /piwik.php | GIF image data, version 89a, 1 x 1 | 43

Comments: (not set)
