CaptureAdapters_2021-04-07-12-31-53.112341.pcap

MD5: 28e23013ae28d745deaac86beda348c8
Submission Date: 2021-04-07 05:40:35
Tags: (not set)
Alert 32
Showing 1-20 of 32 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2021-04-07T05:32:03.064669-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
2 | 2021-04-07T05:32:03.559215-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
3 | 2021-04-07T05:32:05.240431-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
4 | 2021-04-07T05:32:07.310883-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
5 | 2021-04-07T05:32:03.589232-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
6 | 2021-04-07T05:32:03.602842-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
7 | 2021-04-07T05:32:03.593035-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
8 | 2021-04-07T05:32:04.272058-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
9 | 2021-04-07T05:32:04.277697-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
10 | 2021-04-07T05:32:04.937221-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
11 | 2021-04-07T05:32:17.368221-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
12 | 2021-04-07T05:32:30.840285-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
13 | 2021-04-07T05:32:07.654912-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
14 | 2021-04-07T05:32:19.275669-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
15 | 2021-04-07T05:32:34.971962-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
16 | 2021-04-07T05:32:30.538319-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
17 | 2021-04-07T05:32:36.028987-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
18 | 2021-04-07T05:32:42.117728-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
19 | 2021-04-07T05:32:42.929686-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
20 | 2021-04-07T05:32:36.776925-0700 | 192.168.1.93 | 165.225.12.35 | ET POLICY HTTP traffic on port 443 (CONNECT) | *
DNS 68
Showing 1-20 of 68 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2021-04-07T05:32:01.607000-0700 | 192.168.1.93 | 195.130.130.4 | query | api.smartscreen.microsoft.com | A | (not set)
2 | 2021-04-07T05:32:01.639132-0700 | 192.168.1.93 | 195.130.131.4 | query | api.smartscreen.microsoft.com | A | (not set)
3 | 2021-04-07T05:32:02.802316-0700 | 192.168.1.93 | 195.130.130.4 | query | default.exp-tas.com | A | (not set)
4 | 2021-04-07T05:32:02.973201-0700 | 192.168.1.93 | 195.130.130.4 | query | update.code.visualstudio.com | A | (not set)
5 | 2021-04-07T05:32:01.649578-0700 | 195.130.130.4 | 192.168.1.93 | answer | api.smartscreen.microsoft.com | A | (not set)
6 | 2021-04-07T05:32:01.706794-0700 | 195.130.131.4 | 192.168.1.93 | answer | api.smartscreen.microsoft.com | A | (not set)
7 | 2021-04-07T05:32:03.002557-0700 | 195.130.130.4 | 192.168.1.93 | answer | update.code.visualstudio.com | A | (not set)
8 | 2021-04-07T05:32:02.328653-0700 | 192.168.1.93 | 195.130.130.4 | query | 1-674-1670666089-033.rt.yammer.com | A | (not set)
9 | 2021-04-07T05:32:02.360209-0700 | 192.168.1.93 | 195.130.131.4 | query | 1-674-1670666089-033.rt.yammer.com | A | (not set)
10 | 2021-04-07T05:32:02.383094-0700 | 195.130.130.4 | 192.168.1.93 | answer | 1-674-1670666089-033.rt.yammer.com | A | (not set)
11 | 2021-04-07T05:32:02.394207-0700 | 195.130.131.4 | 192.168.1.93 | answer | 1-674-1670666089-033.rt.yammer.com | A | (not set)
12 | 2021-04-07T05:32:05.180015-0700 | 192.168.1.93 | 195.130.130.4 | query | vscodeexperiments.azureedge.net | A | (not set)
13 | 2021-04-07T05:32:05.196287-0700 | 195.130.130.4 | 192.168.1.93 | answer | vscodeexperiments.azureedge.net | A | (not set)
14 | 2021-04-07T05:32:02.834203-0700 | 192.168.1.93 | 195.130.131.4 | query | default.exp-tas.com | A | (not set)
15 | 2021-04-07T05:32:02.849952-0700 | 195.130.131.4 | 192.168.1.93 | answer | default.exp-tas.com | A | (not set)
16 | 2021-04-07T05:32:03.359798-0700 | 192.168.1.93 | 195.130.130.4 | query | dc.services.visualstudio.com | A | (not set)
17 | 2021-04-07T05:32:03.385164-0700 | 195.130.130.4 | 192.168.1.93 | answer | dc.services.visualstudio.com | A | (not set)
18 | 2021-04-07T05:32:03.443150-0700 | 192.168.1.93 | 195.130.130.4 | query | dc.services.visualstudio.com | A | (not set)
19 | 2021-04-07T05:32:03.475324-0700 | 192.168.1.93 | 195.130.131.4 | query | dc.services.visualstudio.com | A | (not set)
20 | 2021-04-07T05:32:03.510200-0700 | 195.130.130.4 | 192.168.1.93 | answer | dc.services.visualstudio.com | A | (not set)
TLS 52
Showing 1-20 of 52 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2021-04-07T05:32:01.931191-0700 | 192.168.1.93 | 52.164.226.245 | TLS 1.2 | api.smartscreen.microsoft.com
2 | 2021-04-07T05:32:02.945434-0700 | 192.168.1.93 | 13.107.13.93 | TLS 1.2 | default.exp-tas.com
3 | 2021-04-07T05:32:01.734126-0700 | 192.168.1.93 | 52.164.226.245 | TLS 1.2 | api.smartscreen.microsoft.com
4 | 2021-04-07T05:32:02.455947-0700 | 192.168.1.93 | 13.107.6.159 | TLS 1.2 | 1-674-1670666089-033.rt.yammer.com
5 | 2021-04-07T05:32:03.089622-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | update.code.visualstudio.com
6 | 2021-04-07T05:32:05.281283-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.3 | vscodeexperiments.azureedge.net
7 | 2021-04-07T05:32:07.408089-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | api.registry.platformio.org
8 | 2021-04-07T05:32:03.603385-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
9 | 2021-04-07T05:32:03.635017-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
10 | 2021-04-07T05:32:03.771948-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
11 | 2021-04-07T05:32:03.585851-0700 | 192.168.1.93 | 52.164.226.245 | TLS 1.2 | api.smartscreen.microsoft.com
12 | 2021-04-07T05:32:03.623310-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
13 | 2021-04-07T05:32:03.858413-0700 | 192.168.1.93 | 13.107.42.18 | TLS 1.2 | marketplace.visualstudio.com
14 | 2021-04-07T05:32:04.312920-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
15 | 2021-04-07T05:32:04.344470-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dc.services.visualstudio.com
16 | 2021-04-07T05:32:04.352833-0700 | 192.168.1.93 | 13.107.13.93 | TLS 1.2 | default.exp-tas.com
17 | 2021-04-07T05:32:17.384224-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.3 | mail.telenet.be
18 | 2021-04-07T05:32:09.872400-0700 | 192.168.1.93 | 40.79.154.83 | TLS 1.2 | 86ec0aee-6f7d-4205-8e0e-e44177bf30cc.ods.opinsights.azure.com
19 | 2021-04-07T05:32:07.760699-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | dl.registry.platformio.org
20 | 2021-04-07T05:32:30.878639-0700 | 192.168.1.93 | 165.225.12.35 | TLS 1.2 | outlook.office365.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 44
Showing 1-20 of 44 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2021-04-07T05:31:54.922954-0700 | 192.168.1.93 | gateway.zscalerthree.net | 80 | GET | /generate_204 | 204
2 | 2021-04-07T05:31:58.115084-0700 | 192.168.1.93 | gateway.zscalerthree.net | 80 | GET | /generate_204 | 204
3 | 2021-04-07T05:32:01.247388-0700 | 192.168.1.93 | gateway.zscalerthree.net | 80 | GET | /generate_204 | 204
4 | 2021-04-07T05:31:54.922221-0700 | 127.0.0.1 | gateway.zscalerthree.net | 9000 | GET | http://gateway.zscalerthree.net:80/generate_204 | 204
5 | 2021-04-07T05:32:00.826145-0700 | 192.168.1.93 | 192.168.1.193 | 7678 | GET | /nservice/ | 200
6 | 2021-04-07T05:31:58.115024-0700 | 127.0.0.1 | gateway.zscalerthree.net | 9000 | GET | http://gateway.zscalerthree.net:80/generate_204 | 204
7 | 2021-04-07T05:32:01.247276-0700 | 127.0.0.1 | gateway.zscalerthree.net | 9000 | GET | http://gateway.zscalerthree.net:80/generate_204 | 204
8 | 2021-04-07T05:32:03.064669-0700 | 192.168.1.93 | update.code.visualstudio.com | 443 | CONNECT | update.code.visualstudio.com:443 | 200
9 | 2021-04-07T05:32:03.559215-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
10 | 2021-04-07T05:32:05.240431-0700 | 192.168.1.93 | vscodeexperiments.azureedge.net | 443 | CONNECT | vscodeexperiments.azureedge.net:443 | 200
11 | 2021-04-07T05:32:07.310883-0700 | 192.168.1.93 | api.registry.platformio.org | 443 | CONNECT | api.registry.platformio.org:443 | 200
12 | 2021-04-07T05:32:03.589232-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
13 | 2021-04-07T05:32:03.602842-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
14 | 2021-04-07T05:32:03.593035-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
15 | 2021-04-07T05:32:04.272058-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
16 | 2021-04-07T05:32:04.277697-0700 | 192.168.1.93 | dc.services.visualstudio.com | 443 | CONNECT | dc.services.visualstudio.com:443 | 200
17 | 2021-04-07T05:32:04.417394-0700 | 192.168.1.93 | gateway.zscalerthree.net | 80 | GET | /generate_204 | 204
18 | 2021-04-07T05:32:04.417040-0700 | 127.0.0.1 | gateway.zscalerthree.net | 9000 | GET | http://gateway.zscalerthree.net:80/generate_204 | 204
19 | 2021-04-07T05:32:07.608233-0700 | 192.168.1.93 | gateway.zscalerthree.net | 80 | GET | /generate_204 | 204
20 | 2021-04-07T05:32:07.607525-0700 | 127.0.0.1 | gateway.zscalerthree.net | 9000 | GET | http://gateway.zscalerthree.net:80/generate_204 | 204
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 415
Showing 1-20 of 415 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1
2021-04-07T05:32:53.642680-07001548454463440070flowfe80:0000:0000:0000:7c68:6bea:6321:ab5455496ff02:0000:0000:0000:0000:0000:0001:00035355UDPpcapanalyzer
2
2021-04-07T05:32:53.642680-07001267164170679770flow192.168.1.9364111165.225.12.35443TCPpcapanalyzer
3
2021-04-07T05:32:53.642680-07001267288724126905flow192.168.17.161566239.255.255.2501900UDPpcapanalyzer
4
2021-04-07T05:32:53.642680-07001690196974057179flow192.168.157.158673224.0.0.2525355UDPpcapanalyzer
5
2021-04-07T05:32:53.642680-0700564335721794701flowfe80:0000:0000:0000:7c68:6bea:6321:ab54546ff02:0000:0000:0000:0000:0000:0001:0002547UDPpcapanalyzer
6
2021-04-07T05:32:53.642680-07001268396826710309flow127.0.0.164241127.0.0.18031TCPpcapanalyzer
7
2021-04-07T05:32:53.642680-07002113264137443134flow192.168.157.15353224.0.0.2515353UDPpcapanalyzer
8
2021-04-07T05:32:53.642680-07001129080972328647flow127.0.0.164213127.0.0.18048TCPpcapanalyzer
9
2021-04-07T05:32:53.642680-0700988502397594362flow192.168.1.9364129165.225.12.35443TCPpcapanalyzer
10
2021-04-07T05:32:53.642680-07001833374005998635flow192.168.1.9351077255.255.255.255161UDPpcapanalyzer
11
2021-04-07T05:32:53.642680-0700707637309150742flow192.168.1.19356848239.255.255.25015600UDPpcapanalyzer
12
2021-04-07T05:32:53.642680-07001833940941539442flow192.168.1.19352434192.168.1.25515600UDPpcapanalyzer
13
2021-04-07T05:32:53.642680-0700145615065335052flowfe80:0000:0000:0000:7c68:6bea:6321:ab54(not set)ff02:0000:0000:0000:0000:0000:0000:0016(not set)IPv6-ICMPpcapanalyzer
14
2021-04-07T05:32:53.642680-0700286721921179581flow192.168.1.936410413.107.6.159443TCPpcapanalyzer
15
2021-04-07T05:32:53.642680-07001272369671283829flow127.0.0.164195127.0.0.18013TCPpcapanalyzer
16
2021-04-07T05:32:53.642680-07002116944925461190flow127.0.0.164260127.0.0.18044TCPpcapanalyzer
17
2021-04-07T05:32:53.642680-0700428211028268684flow192.168.1.935353224.0.0.2515353UDPpcapanalyzer
18
2021-04-07T05:32:53.642680-0700146882081178404flow127.0.0.164170127.0.0.18046TCPpcapanalyzer
19
2021-04-07T05:32:53.642680-07001835972460863626flow127.0.0.164285127.0.0.18016TCPpcapanalyzer
20
2021-04-07T05:32:53.642680-07001414159426637842flow127.0.0.164199127.0.0.18034TCPpcapanalyzer
File 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2021-04-07T05:32:00.826145-0700 | 192.168.1.193 | 192.168.1.93 | /nservice/ | XML 1.0 document, ASCII text, with CRLF line terminators | 1424
2 | 2021-04-07T05:32:35.695795-0700 | 127.0.0.1 | 127.0.0.1 | /conntest | ASCII text, with no line terminators | 226

Comments: (not set)
