analysis.pcap

MD5: 49e1e0209c2d72e1d459c3d8d04525fc
Submission Date: 2019-08-04 13:44:08
Tags: (not set)
Alert 72
Showing 1-20 of 72 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-05-10T01:19:28.956340-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 2 | 2019-05-10T01:19:28.956689-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 3 | 2019-05-10T01:19:28.972944-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 4 | 2019-05-10T01:19:28.956218-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 5 | 2019-05-10T01:19:28.981917-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 6 | 2019-05-10T01:19:28.956921-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 7 | 2019-05-10T01:19:28.965317-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 8 | 2019-05-10T01:19:28.983432-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 9 | 2019-05-10T01:19:28.962366-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 10 | 2019-05-10T01:19:28.965352-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 11 | 2019-05-10T01:19:28.966035-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 12 | 2019-05-10T01:19:28.984719-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 13 | 2019-05-10T01:19:28.966483-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 14 | 2019-05-10T01:19:28.989516-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 15 | 2019-05-10T01:19:28.992329-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 16 | 2019-05-10T01:19:28.968066-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 17 | 2019-05-10T01:19:29.011508-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 18 | 2019-05-10T01:19:29.011508-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 19 | 2019-05-10T01:19:29.011508-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
| 20 | 2019-05-10T01:19:29.011508-0700 | 192.168.149.136 | 192.168.149.131 | ET SCAN Possible Nmap User-Agent Observed | * |
DNS 0
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|

No results found.
TLS 43
Showing 1-20 of 43 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2019-05-10T01:19:00.620771-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 2 | 2019-05-10T01:18:49.572196-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 3 | 2019-05-10T01:19:28.942382-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 4 | 2019-05-10T01:19:28.944559-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 5 | 2019-05-10T01:19:28.940025-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 6 | 2019-05-10T01:19:28.941311-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 7 | 2019-05-10T01:19:28.945700-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 8 | 2019-05-10T01:19:28.938947-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 9 | 2019-05-10T01:19:28.943465-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 10 | 2019-05-10T01:19:28.976181-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 11 | 2019-05-10T01:19:28.990602-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 12 | 2019-05-10T01:19:28.993747-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 13 | 2019-05-10T01:19:29.017219-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 14 | 2019-05-10T01:19:28.989523-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 15 | 2019-05-10T01:19:28.995483-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 16 | 2019-05-10T01:19:29.031990-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 17 | 2019-05-10T01:19:29.047357-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 18 | 2019-05-10T01:19:29.034168-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 19 | 2019-05-10T01:19:29.045018-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
| 20 | 2019-05-10T01:19:29.054801-0700 | 192.168.149.136 | 192.168.149.131 | TLS 1.2 | (not set) |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.
HTTP 4910
Showing 1-20 of 4,910 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-05-10T01:18:49.557778-0700 | 192.168.149.136 | (not set) | 8191 | GET | / | 200 |
| 2 | 2019-05-10T01:18:44.541417-0700 | 192.168.149.136 | (not set) | 80 | GET | / | 200 |
| 3 | 2019-05-10T01:18:49.556395-0700 | 192.168.149.136 | (not set) | 8000 | GET | / | 303 |
| 4 | 2019-05-10T01:19:07.096336-0700 | 192.168.149.136 | (not set) | 8191 | GET | /nice%20ports%2C/Tri%6Eity.txt%2ebak | 200 |
| 5 | 2019-05-10T01:19:28.956340-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | GET | / | 303 |
| 6 | 2019-05-10T01:19:28.956689-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | OPTIONS | / | 303 |
| 7 | 2019-05-10T01:19:28.956728-0700 | 192.168.149.136 | (not set) | 8000 | GET | / | 303 |
| 8 | 2019-05-10T01:19:28.972944-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | POST | /sdk | 303 |
| 9 | 2019-05-10T01:19:28.956218-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | GET | /nmaplowercheck1557510561 | 303 |
| 10 | 2019-05-10T01:19:28.981917-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | GET | /HNAP1 | 303 |
| 11 | 2019-05-10T01:19:28.956921-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | POST | / | 303 |
| 12 | 2019-05-10T01:19:28.965317-0700 | 192.168.149.136 | 192.168.149.131 | 80 | PROPFIND | / | 200 |
| 13 | 2019-05-10T01:19:28.962366-0700 | 192.168.149.136 | 192.168.149.131 | 80 | GET | /nmaplowercheck1557510561 | 404 |
| 14 | 2019-05-10T01:19:28.966035-0700 | 192.168.149.136 | 192.168.149.131 | 80 | GET | /.git/HEAD | 200 |
| 15 | 2019-05-10T01:19:28.983432-0700 | 192.168.149.136 | 192.168.149.131 | 80 | GET | /.gitignore | 404 |
| 16 | 2019-05-10T01:19:28.965352-0700 | 192.168.149.136 | 192.168.149.131 | 80 | OPTIONS | / | 200 |
| 17 | 2019-05-10T01:19:28.984719-0700 | 192.168.149.136 | 192.168.149.131 | 80 | GET | /HNAP1 | 404 |
| 18 | 2019-05-10T01:19:28.989516-0700 | 192.168.149.136 | 192.168.149.131 | 80 | OPTIONS | / | 200 |
| 19 | 2019-05-10T01:19:28.966483-0700 | 192.168.149.136 | 192.168.149.131 | 80 | POST | / | 200 |
| 20 | 2019-05-10T01:19:28.993381-0700 | 192.168.149.136 | 192.168.149.131 | 8000 | GET | /en-US/ | 303 |
SMB 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
| 1 | 2019-05-10T01:24:04.577915-0700 | 192.168.149.136 | 192.168.149.131 | unknown | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.
Flow 922
Showing 1-20 of 922 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-05-10T01:20:12.792338-0700 | 459096370175261 | flow | 192.168.149.136 | 39008 | 192.168.149.131 | 30567 | UDP | pcapanalyzer |
| 2 | 2019-05-10T01:20:43.197093-0700 | 1273767911148172 | flow | 192.168.149.136 | 39134 | 192.168.149.131 | 8000 | TCP | pcapanalyzer |
| 3 | 2019-05-10T01:20:43.197093-0700 | 308620040260121 | flow | 192.168.149.136 | 39134 | 192.168.149.131 | 8191 | TCP | pcapanalyzer |
| 4 | 2019-05-10T01:20:43.197093-0700 | 1453847299934798 | flow | 192.168.149.136 | 39134 | 192.168.149.131 | 8089 | TCP | pcapanalyzer |
| 5 | 2019-05-10T01:20:43.197093-0700 | 1459669131330570 | flow | 192.168.149.136 | 38957 | 192.168.149.131 | 33620 | TCP | pcapanalyzer |
| 6 | 2019-05-10T01:20:43.197093-0700 | 903148743977275 | flow | 192.168.149.136 | 38958 | 192.168.149.131 | 33620 | TCP | pcapanalyzer |
| 7 | 2019-05-10T01:20:43.197093-0700 | 111427354282333 | flow | 192.168.149.136 | 39134 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 8 | 2019-05-10T01:24:04.577915-0700 | 1407380056945887 | flow | 192.168.149.136 | 33566 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 9 | 2019-05-10T01:24:04.577915-0700 | 140751251673527 | flow | 192.168.149.136 | 33722 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 10 | 2019-05-10T01:24:04.577915-0700 | 281512362374346 | flow | 192.168.149.136 | 33606 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 11 | 2019-05-10T01:24:04.577915-0700 | 281606846777540 | flow | 192.168.149.136 | 37968 | 192.168.149.131 | 8000 | TCP | pcapanalyzer |
| 12 | 2019-05-10T01:24:04.577915-0700 | 1126053256591041 | flow | 192.168.149.136 | 33708 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 13 | 2019-05-10T01:24:04.577915-0700 | 1970538316265009 | flow | 192.168.149.136 | 33364 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 14 | 2019-05-10T01:24:04.577915-0700 | 1266861611924210 | flow | 192.168.149.136 | 32888 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 15 | 2019-05-10T01:24:04.577915-0700 | 281731405684075 | flow | 192.168.149.136 | 32872 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 16 | 2019-05-10T01:24:04.577915-0700 | 141124913816013 | flow | 192.168.149.136 | 33184 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 17 | 2019-05-10T01:24:04.577915-0700 | 281963333899075 | flow | 192.168.149.136 | 33500 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 18 | 2019-05-10T01:24:04.577915-0700 | 845108708327154 | flow | 192.168.149.136 | 32796 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
| 19 | 2019-05-10T01:24:04.577915-0700 | 985906321395556 | flow | 192.168.149.136 | 35312 | 192.168.149.131 | 8089 | TCP | pcapanalyzer |
| 20 | 2019-05-10T01:24:04.577915-0700 | 2112038156438180 | flow | 192.168.149.136 | 60414 | 192.168.149.131 | 80 | TCP | pcapanalyzer |
File 4907
Showing 1-20 of 4,907 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-05-10T01:18:44.541417-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines | 870 |
| 2 | 2019-05-10T01:18:49.556395-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with CRLF line terminators | 289 |
| 3 | 2019-05-10T01:18:49.557778-0700 | 192.168.149.131 | 192.168.149.136 | / | ASCII text, with CRLF line terminators | 85 |
| 4 | 2019-05-10T01:19:07.096336-0700 | 192.168.149.131 | 192.168.149.136 | /nice ports,/Trinity.txt.bak | ASCII text, with CRLF line terminators | 85 |
| 5 | 2019-05-10T01:19:28.948032-0700 | 192.168.149.136 | 192.168.149.131 | / | ASCII text, with no line terminators | 88 |
| 6 | 2019-05-10T01:19:28.956340-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines, with CRLF line terminators | 343 |
| 7 | 2019-05-10T01:19:28.956689-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines, with CRLF line terminators | 343 |
| 8 | 2019-05-10T01:19:28.972781-0700 | 192.168.149.136 | 192.168.149.131 | /sdk | ASCII text, with very long lines, with no line terminators | 441 |
| 9 | 2019-05-10T01:19:28.948746-0700 | 192.168.149.136 | 192.168.149.131 | / | ASCII text, with no line terminators | 88 |
| 10 | 2019-05-10T01:19:28.972944-0700 | 192.168.149.131 | 192.168.149.136 | /sdk | HTML document, ASCII text, with very long lines, with CRLF line terminators | 349 |
| 11 | 2019-05-10T01:19:28.956218-0700 | 192.168.149.131 | 192.168.149.136 | /nmaplowercheck1557510561 | HTML document, ASCII text, with very long lines, with CRLF line terminators | 391 |
| 12 | 2019-05-10T01:19:28.956921-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines, with CRLF line terminators | 343 |
| 13 | 2019-05-10T01:19:28.981917-0700 | 192.168.149.131 | 192.168.149.136 | /HNAP1 | HTML document, ASCII text, with very long lines, with CRLF line terminators | 353 |
| 14 | 2019-05-10T01:19:28.956728-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with CRLF line terminators | 289 |
| 15 | 2019-05-10T01:19:28.965317-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines | 870 |
| 16 | 2019-05-10T01:19:28.962366-0700 | 192.168.149.131 | 192.168.149.136 | /nmaplowercheck1557510561 | HTML document, ASCII text | 302 |
| 17 | 2019-05-10T01:19:28.983432-0700 | 192.168.149.131 | 192.168.149.136 | /.gitignore | HTML document, ASCII text | 288 |
| 18 | 2019-05-10T01:19:28.965352-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines | 870 |
| 19 | 2019-05-10T01:19:28.984719-0700 | 192.168.149.131 | 192.168.149.136 | /HNAP1 | HTML document, ASCII text | 283 |
| 20 | 2019-05-10T01:19:28.966483-0700 | 192.168.149.131 | 192.168.149.136 | / | HTML document, ASCII text, with very long lines | 870 |

Comments: (not set)
