log.pcap

MD5: 9b28455fde502f8ce8121a98f44fd426
Submission Date: 2019-08-15 14:47:17
Tags: (not set)
Alert 21
Showing 1-20 of 21 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-08-15T13:17:24.833063-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
2 | 2019-08-15T13:19:46.926143-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
3 | 2019-08-15T13:21:37.482842-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
4 | 2019-08-15T13:23:38.601897-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
5 | 2019-08-15T13:25:59.931799-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
6 | 2019-08-15T13:27:51.952723-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
7 | 2019-08-15T13:29:58.054439-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
8 | 2019-08-15T13:31:50.401905-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
9 | 2019-08-15T13:34:02.505289-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
10 | 2019-08-15T13:36:06.823581-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
11 | 2019-08-15T13:37:56.673693-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
12 | 2019-08-15T13:39:51.707118-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
13 | 2019-08-15T13:41:58.281803-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
14 | 2019-08-15T13:42:16.141386-0700 | 172.31.29.164 | 169.254.169.254 | ET POLICY curl User-Agent Outbound | *
15 | 2019-08-15T13:44:01.899299-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
16 | 2019-08-15T13:45:38.640033-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
17 | 2019-08-15T13:48:16.427778-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
18 | 2019-08-15T13:49:31.513525-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
19 | 2019-08-15T13:52:03.183126-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
20 | 2019-08-15T13:54:02.539073-0700 | 192.250.197.246 | 172.31.29.164 | ET SCAN Potential SSH Scan | *
DNS 28
Showing 1-20 of 28 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2019-08-15T13:25:12.666689-0700 | 172.31.29.164 | 172.31.0.2 | query | 120.104.83.51.in-addr.arpa | PTR | (not set)
2 | 2019-08-15T13:25:12.668498-0700 | 172.31.0.2 | 172.31.29.164 | answer | 120.104.83.51.in-addr.arpa | PTR | (not set)
3 | 2019-08-15T13:25:12.668639-0700 | 172.31.29.164 | 172.31.0.2 | query | ip-51-83-104.eu | A | (not set)
4 | 2019-08-15T13:25:12.670413-0700 | 172.31.0.2 | 172.31.29.164 | answer | ip-51-83-104.eu | A | (not set)
5 | 2019-08-15T13:29:33.027831-0700 | 172.31.29.164 | 172.31.0.2 | query | 120.153.47.115.in-addr.arpa | PTR | (not set)
6 | 2019-08-15T13:29:33.029585-0700 | 172.31.0.2 | 172.31.29.164 | answer | 120.153.47.115.in-addr.arpa | PTR | (not set)
7 | 2019-08-15T13:50:52.561891-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
8 | 2019-08-15T13:50:52.561910-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
9 | 2019-08-15T13:50:52.575018-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
10 | 2019-08-15T13:50:52.580166-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
11 | 2019-08-15T13:50:54.812482-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
12 | 2019-08-15T13:50:54.812502-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
13 | 2019-08-15T13:50:54.812807-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
14 | 2019-08-15T13:50:54.812826-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
15 | 2019-08-15T13:50:54.591732-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
16 | 2019-08-15T13:50:54.591751-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
17 | 2019-08-15T13:50:54.592181-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
18 | 2019-08-15T13:50:54.592201-0700 | 172.31.0.2 | 172.31.29.164 | answer | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
19 | 2019-08-15T13:50:59.623840-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | A | (not set)
20 | 2019-08-15T13:50:59.623860-0700 | 172.31.29.164 | 172.31.0.2 | query | foograde.cbhujo2qzopt.us-east-1.rds.amazonaws.com | AAAA | (not set)
TLS 0
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
No results found.
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-08-15T13:42:16.141386-0700 | 172.31.29.164 | 169.254.169.254 | 80 | GET | /latest/meta-data/network/interfaces/macs/0e:08:40:15:c2:5d/local-ipv4s | 200
2 | 2019-08-15T13:44:19.408993-0700 | 176.98.219.121 | 52.3.212.95 | 80 | GET | / | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 2821
Showing 1-20 of 2,821 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-08-15T13:42:55.659104-0700 | 1408645083237442 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 50460 | TCP | pcapanalyzer
2 | 2019-08-15T13:42:55.659104-0700 | 299078937349185 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 48470 | TCP | pcapanalyzer
3 | 2019-08-15T13:42:55.659104-0700 | 1146123797859406 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 54356 | TCP | pcapanalyzer
4 | 2019-08-15T13:42:55.659104-0700 | 726320809049851 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 38138 | TCP | pcapanalyzer
5 | 2019-08-15T13:42:55.659104-0700 | 737453364412169 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 33748 | TCP | pcapanalyzer
6 | 2019-08-15T13:42:55.659104-0700 | 1728761880834500 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 63954 | TCP | pcapanalyzer
7 | 2019-08-15T13:42:55.659104-0700 | 2021493967221189 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 58598 | TCP | pcapanalyzer
8 | 2019-08-15T13:42:55.659104-0700 | 2029293628096264 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 60739 | TCP | pcapanalyzer
9 | 2019-08-15T13:42:55.659104-0700 | 762922520215295 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 60945 | TCP | pcapanalyzer
10 | 2019-08-15T13:42:55.659104-0700 | 210512417190358 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 36371 | TCP | pcapanalyzer
11 | 2019-08-15T13:42:55.659104-0700 | 215571888199506 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 55346 | TCP | pcapanalyzer
12 | 2019-08-15T13:42:55.659104-0700 | 1484562925747955 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 44204 | TCP | pcapanalyzer
13 | 2019-08-15T13:42:55.659104-0700 | 664404561031619 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 64377 | TCP | pcapanalyzer
14 | 2019-08-15T13:42:55.659104-0700 | 676267260699784 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 56772 | TCP | pcapanalyzer
15 | 2019-08-15T13:42:55.659104-0700 | 1805332557853149 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 38622 | TCP | pcapanalyzer
16 | 2019-08-15T13:42:55.659104-0700 | 1813802233291911 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 44570 | TCP | pcapanalyzer
17 | 2019-08-15T13:42:55.659104-0700 | 1403757410978883 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 65138 | TCP | pcapanalyzer
18 | 2019-08-15T13:42:55.659104-0700 | 704055698784007 | flow | 172.31.29.164 | 80 | 192.250.197.246 | 41014 | TCP | pcapanalyzer
19 | 2019-08-15T13:42:55.659104-0700 | 422756815460189 | flow | 172.31.29.164 | 22 | 192.250.197.246 | 38681 | TCP | pcapanalyzer
20 | 2019-08-15T13:42:55.659104-0700 | 704377821310270 | flow | 192.250.197.246 | 41468 | 172.31.29.164 | 80 | TCP | pcapanalyzer
File 2
Showing 1-2 of 2 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-08-15T13:42:16.141386-0700 | 169.254.169.254 | 172.31.29.164 | /latest/meta-data/network/interfaces/macs/0e:08:40:15:c2:5d/local-ipv4s | ASCII text, with no line terminators | 13
2 | 2019-08-15T13:44:19.408993-0700 | 172.31.29.164 | 176.98.219.121 | / | HTML document, UTF-8 Unicode text | 4947

Comments: (not set)
