2019_12_03_080002.pcap

MD5: 954e546fd31b901d66186bd69f810190
Submission Date: 2019-12-02 17:09:58
Tags: (not set)
Alert 0
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
No results found.
DNS 0
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
No results found.
TLS 48
Showing 1-20 of 48 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2019-12-02T17:00:04.747727-0800 | 10.8.0.1 | 74.125.24.211 | TLS 1.3 | proxy.googlezip.net |
| 2 | 2019-12-02T17:00:06.550017-0800 | 10.8.0.1 | 74.125.24.211 | TLS 1.3 | proxy.googlezip.net |
| 3 | 2019-12-02T17:00:08.221036-0800 | 10.8.0.1 | 74.125.68.188 | TLS 1.3 | mtalk.google.com |
| 4 | 2019-12-02T17:00:19.291889-0800 | 10.8.0.1 | 157.240.24.20 | TLS 1.2 | graph.facebook.com |
| 5 | 2019-12-02T17:00:28.993660-0800 | 10.8.0.1 | 34.96.83.58 | TLS 1.2 | api.knightstory.io |
| 6 | 2019-12-02T17:00:58.248526-0800 | 10.8.0.1 | 35.190.88.234 | TLS 1.2 | cdp.cloud.unity3d.com |
| 7 | 2019-12-02T17:01:03.856500-0800 | 10.8.0.1 | 31.13.70.34 | TLS 1.2 | mqtt-mini.facebook.com |
| 8 | 2019-12-02T17:02:36.196036-0800 | 10.8.0.1 | 34.96.83.58 | UNDETERMINED | api.knightstory.io |
| 9 | 2019-12-02T17:02:49.157470-0800 | 10.8.0.1 | 161.117.94.82 | TLS 1.2 | data.mistat.intl.xiaomi.com |
| 10 | 2019-12-02T17:00:04.747817-0800 | 10.8.0.1 | 35.154.206.224 | TLS 1.2 | openapi.webull.com |
| 11 | 2019-12-02T17:00:06.550330-0800 | 10.8.0.1 | 74.125.24.211 | TLS 1.3 | proxy.googlezip.net |
| 12 | 2019-12-02T17:00:24.808182-0800 | 10.8.0.1 | 161.117.97.83 | UNDETERMINED | data.mistat.intl.xiaomi.com |
| 13 | 2019-12-02T17:00:06.757186-0800 | 10.8.0.1 | 13.235.208.26 | TLS 1.2 | openapi.webull.com |
| 14 | 2019-12-02T17:00:29.474190-0800 | 10.8.0.1 | 34.96.83.58 | TLS 1.2 | api.knightstory.io |
| 15 | 2019-12-02T17:00:18.576349-0800 | 10.8.0.1 | 161.117.97.83 | TLS 1.2 | data.mistat.intl.xiaomi.com |
| 16 | 2019-12-02T17:00:19.291917-0800 | 10.8.0.1 | 185.199.111.153 | TLS 1.2 | knightstory.io |
| 17 | 2019-12-02T17:00:58.197678-0800 | 10.8.0.1 | 161.117.97.84 | TLS 1.2 | data.mistat.intl.xiaomi.com |
| 18 | 2019-12-02T17:00:19.291940-0800 | 10.8.0.1 | 157.240.24.20 | TLS 1.2 | graph.facebook.com |
| 19 | 2019-12-02T17:01:35.563882-0800 | 10.8.0.1 | 185.199.111.153 | TLS 1.2 | knightstory.io |
| 20 | 2019-12-02T17:06:57.023490-0800 | 10.8.0.1 | 35.190.88.234 | TLS 1.2 | cdp.cloud.unity3d.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 9
Showing 1-9 of 9 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-12-02T17:00:03.453730-0800 | 10.8.0.1 | check.googlezip.net | 80 | GET | /connect | 200 |
| 2 | 2019-12-02T17:00:03.319272-0800 | 10.8.0.1 | resolver.msg.global.xiaomi.net | 80 | GET | /gslb/?ver=4.0&type=wifi&uuid=0&list=app.chat.global.xiaomi.net%2Cresolver.msg.global.xiaomi.net&countrycode=ID&sdkver=38&osver=28&os=Redmi%20Note%205%3AV11.0.3.0.PEIMIXM&mi=3&key=41b6d0939d6961b49e8328e78479e4fb | 200 |
| 3 | 2019-12-02T17:02:51.153407-0800 | 10.8.0.1 | t5.market.xiaomi.com | 80 | GET | /thumcrop/webp/h120/MiPass/01915f47775774d800c5c1bd62320602c139c60b6/icon.webp?crop=l267r717 | 200 |
| 4 | 2019-12-02T17:01:19.514641-0800 | 10.8.0.1 | data.mistat.intl.xiaomi.com | 80 | POST | /mistats/v2 | 200 |
| 5 | 2019-12-02T17:01:19.821008-0800 | 10.8.0.1 | data.mistat.intl.xiaomi.com | 80 | POST | /mistats/v2 | 200 |
| 6 | 2019-12-02T17:08:13.107957-0800 | 10.8.0.1 | qzidfzykte | 80 | HEAD | / | (not set) |
| 7 | 2019-12-02T17:08:13.107957-0800 | 10.8.0.1 | rdgwdqnung | 80 | HEAD | / | (not set) |
| 8 | 2019-12-02T17:08:13.107957-0800 | 10.8.0.1 | f7.market.xiaomi.com | 80 | GET | /download/MiPass/01915f47775774d800c5c1bd62320602c139c60b6/6c0aa24e9386ba88523160b988aa55a859b28277.png | (not set) |
| 9 | 2019-12-02T17:08:13.107957-0800 | 10.8.0.1 | wnhoqqexl | 80 | HEAD | / | (not set) |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 86
Showing 1-20 of 86 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2019-12-02T17:08:13.107957-08001844923394658641flow172.20.10.241827172.217.194.11480TCPpcapanalyzer
2
2019-12-02T17:08:13.107957-0800144988223818728flow10.8.0.14306474.125.24.211443TCPpcapanalyzer
3
2019-12-02T17:08:13.107957-08001834280492721419flow10.8.0.13840734.96.83.58443TCPpcapanalyzer
4
2019-12-02T17:08:13.107957-0800427768870757737flow10.8.0.137916202.3.219.21180TCPpcapanalyzer
5
2019-12-02T17:08:13.107957-0800991191270365410flow10.8.0.144681161.117.97.1480TCPpcapanalyzer
6
2019-12-02T17:08:13.107957-08001695007561388990flow10.8.0.137922202.3.219.21180TCPpcapanalyzer
7
2019-12-02T17:08:13.107957-0800851999974164857flow10.8.0.13868931.13.70.34443TCPpcapanalyzer
8
2019-12-02T17:08:13.107957-08001981808326614731flow10.8.0.137041103.117.83.35443TCPpcapanalyzer
9
2019-12-02T17:08:13.107957-0800857063737250774flow10.8.0.138569157.240.24.20443TCPpcapanalyzer
10
2019-12-02T17:08:13.107957-08001285207562185534flow10.8.0.14209152.199.183.2553001TCPpcapanalyzer
11
2019-12-02T17:08:13.107957-0800585501546205942flow10.8.0.146194149.154.175.51443TCPpcapanalyzer
12
2019-12-02T17:08:13.107957-0800868295079696845flow10.8.0.14070335.190.88.234443TCPpcapanalyzer
13
2019-12-02T17:08:13.107957-0800730070172963733flow10.8.0.137039103.117.83.35443TCPpcapanalyzer
14
2019-12-02T17:08:13.107957-0800451747702297143flow10.8.0.148914161.117.94.82443TCPpcapanalyzer
15
2019-12-02T17:08:13.107957-08001156839570146649flow10.8.0.13830734.96.83.58443TCPpcapanalyzer
16
2019-12-02T17:08:13.107957-08002003738405454398flow10.8.0.1394803.115.216.683001TCPpcapanalyzer
17
2019-12-02T17:08:13.107957-08001581886718568045flow10.8.0.148507185.199.111.153443TCPpcapanalyzer
18
2019-12-02T17:08:13.107957-0800457554481667691flow172.20.10.248746161.117.97.169443TCPpcapanalyzer
19
2019-12-02T17:08:13.107957-08001021977595937072flow10.8.0.13776174.125.68.95443TCPpcapanalyzer
20
2019-12-02T17:08:13.107957-080037760099142029flow10.8.0.141301161.117.190.13443TCPpcapanalyzer
File 7
Showing 1-7 of 7 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-12-02T17:00:03.453730-0800 | 74.125.24.114 | 10.8.0.1 | /connect | ASCII text | 3 |
| 2 | 2019-12-02T17:00:03.319272-0800 | 161.117.97.14 | 10.8.0.1 | /gslb/ | ASCII text, with very long lines, with no line terminators | 1340 |
| 3 | 2019-12-02T17:02:51.153407-0800 | 47.246.14.225 | 10.8.0.1 | /thumcrop/webp/h120/MiPass/01915f47775774d800c5c1bd62320602c139c60b6/icon.webp | RIFF (little-endian) data, Web/P image, VP8 encoding, 128x128, Scaling: [none]x[none], YUV color, decoders should clamp | 6804 |
| 4 | 2019-12-02T17:01:16.687040-0800 | 10.8.0.1 | 161.117.97.83 | /mistats/v2 | ASCII text, with very long lines, with no line terminators | 2109 |
| 5 | 2019-12-02T17:01:19.514641-0800 | 161.117.97.83 | 10.8.0.1 | /mistats/v2 | ASCII text, with no line terminators | 94 |
| 6 | 2019-12-02T17:01:19.667768-0800 | 10.8.0.1 | 161.117.97.83 | /mistats/v2 | ASCII text, with very long lines, with no line terminators | 1825 |
| 7 | 2019-12-02T17:01:19.821008-0800 | 161.117.97.83 | 10.8.0.1 | /mistats/v2 | ASCII text, with no line terminators | 94 |

Comments: (not set)