2018_10_19__22_54_05.pcap

MD5	f4abda6a181ff069f3c39691e4369efd
Submission Date	2018-10-19 17:29:00
Tags	(not set)

Alert 8

Showing 1-8 of 8 items.

Timestamp

Src Ip

Dest Ip

Alert Signature

2018-10-19T13:54:12.213765-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:19.644127-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:13.916412-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:22.035211-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:13.916412-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:22.035211-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:12.213765-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

2018-10-19T13:54:19.644127-0700

10.0.0.2

10.0.0.138

ET SCAN Possible Nmap User-Agent Observed

DNS 4

Showing 1-4 of 4 items.

Timestamp

Src Ip

Dest Ip

Dns Type

Resource Record Name

Resource Record Type

Resource Data

2018-10-19T13:54:07.326277-0700

10.0.0.2

10.0.0.138

query

api.amplitude.com

(not set)

2018-10-19T13:54:07.353020-0700

10.0.0.138

10.0.0.2

answer

api.amplitude.com

(not set)

2018-10-19T13:54:07.326277-0700

10.0.0.2

10.0.0.138

query

api.amplitude.com

(not set)

2018-10-19T13:54:07.353020-0700

10.0.0.138

10.0.0.2

answer

api.amplitude.com

(not set)

TLS 12

Showing 1-12 of 12 items.

Timestamp

Source IP

Destination IP

TLS Version

Server Name Indication

2018-10-19T13:54:07.895164-0700

10.0.0.2

54.69.208.72

TLS 1.2

api.amplitude.com

2018-10-19T13:54:12.430196-0700

10.0.0.2

52.19.67.207

TLS 1.2

production.sweatco.in

2018-10-19T13:54:12.328019-0700

10.0.0.2

10.0.0.138

TLS 1.2

(not set)

2018-10-19T13:54:21.061652-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

2018-10-19T13:54:23.146014-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

2018-10-19T13:54:21.012079-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

2018-10-19T13:54:12.328019-0700

10.0.0.2

10.0.0.138

TLS 1.2

(not set)

2018-10-19T13:54:07.895164-0700

10.0.0.2

54.69.208.72

TLS 1.2

api.amplitude.com

2018-10-19T13:54:12.430196-0700

10.0.0.2

52.19.67.207

TLS 1.2

production.sweatco.in

2018-10-19T13:54:21.061652-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

2018-10-19T13:54:23.146014-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

2018-10-19T13:54:21.012079-0700

10.0.0.2

10.0.0.138

UNDETERMINED

(not set)

TFTP 0

#	Timestamp	Src Ip	Dest Ip	Tftp Packet	Tftp File	Tftp Mode
No results found.

HTTP 8

Showing 1-8 of 8 items.

Timestamp

Source

Hostname

Port

Method

URL

Status

2018-10-19T13:54:12.213765-0700

10.0.0.2

10.0.0.138

443

OPTIONS

(not set)

2018-10-19T13:54:19.644127-0700

10.0.0.2

10.0.0.138

443

OPTIONS

(not set)

2018-10-19T13:54:22.042750-0700

10.0.0.2

10.0.0.138

OPTIONS

(not set)

2018-10-19T13:54:22.042750-0700

10.0.0.2

10.0.0.138

OPTIONS

(not set)

2018-10-19T13:54:12.213765-0700

10.0.0.2

10.0.0.138

443

OPTIONS

(not set)

2018-10-19T13:54:19.644127-0700

10.0.0.2

10.0.0.138

443

OPTIONS

(not set)

2018-10-19T13:54:21.113627-0700

10.0.0.2

10.0.0.138

OPTIONS

(not set)

2018-10-19T13:54:21.113627-0700

10.0.0.2

10.0.0.138

OPTIONS

(not set)

SMB 0

#		Timestamp	Src Ip	Dest Ip	SMB Dialect	Command	Session	Tree
No results found.

SMTP 0

#		Timestamp	Source	Destination	Email From	Email To	Subject
No results found.

Flow 58

Showing 1-20 of 58 items.

Timestamp

Flow Id

Event Type

Source

Source Port

Destination

Destination Port

Protocol

Host

2018-10-19T13:54:22.042750-0700

1548985398767772

flow

10.0.0.2

40295

52.19.67.207

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

425185730964733

flow

10.0.0.2

5353

224.0.0.251

5353

UDP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

290315167402121

flow

10.0.0.2

39647

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1847178535339484

flow

10.0.0.2

48389

54.69.208.72

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1004858139619043

flow

10.0.0.2

39654

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1710190553333670

flow

10.0.0.2

39637

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1712140468558959

flow

10.0.0.138

443

10.0.0.2

45425

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1016808885657069

flow

52.94.216.150

443

10.0.0.2

43687

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

2011441706915640

flow

31.13.84.49

5222

10.0.0.2

42571

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1729973173700131

flow

10.0.0.2

39597

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1456111025959399

flow

10.0.0.2

45433

10.0.0.138

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1463476895340930

flow

127.0.0.1

43120

127.0.0.1

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1050286008589550

flow

10.0.0.2

45431

10.0.0.138

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

921136342596205

flow

10.0.0.2

39614

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1074857516240498

flow

10.0.0.2

37568

50.16.211.190

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

2061252590633870

flow

10.0.0.2

39653

10.0.0.138

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1791749834930821

flow

10.0.0.2

41836

10.0.0.138

UDP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

1097365293070672

flow

127.0.0.1

43119

127.0.0.1

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

675393345653801

flow

10.0.0.2

40275

52.19.67.207

443

TCP

pcapanalyzer

2018-10-19T13:54:22.042750-0700

817936868058663

flow

10.0.0.2

40284

52.19.67.207

443

TCP

pcapanalyzer

File 0

#		Timestamp	Source	Destination	File Name	File Magic	File Size
No results found.

Comments	(not set)

Update Download PCAP Delete