capture.pcap

MD5: 8e7f90712a4aee7dd97d8378be3229fe
Submission Date: 2019-08-22 14:33:21
Tags: (not set)
Alert 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2019-08-22T14:28:16.876681-0700 | 10.15.1.64 | 10.96.23.37 | ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection | *
DNS 0
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
No results found.
TLS 14
Showing 1-14 of 14 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2019-08-22T14:28:00.752486-0700 | 10.15.1.64 | 10.96.36.159 | TLS 1.2 | 10.96.36.159
2 | 2019-08-22T14:28:11.916245-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
3 | 2019-08-22T14:28:12.174551-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
4 | 2019-08-22T14:28:12.160098-0700 | 10.15.5.104 | 10.15.1.65 | TLS 1.2 | (not set)
5 | 2019-08-22T14:28:12.258225-0700 | 10.15.1.64 | 10.96.46.70 | TLS 1.2 | 10.96.46.70
6 | 2019-08-22T14:28:12.322986-0700 | 10.15.1.64 | 10.96.36.159 | TLS 1.2 | 10.96.36.159
7 | 2019-08-22T14:28:12.576260-0700 | 10.15.5.141 | 10.15.1.64 | TLS 1.2 | (not set)
8 | 2019-08-22T14:28:12.723237-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
9 | 2019-08-22T14:28:12.494568-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
10 | 2019-08-22T14:28:15.763531-0700 | 10.15.1.64 | 10.96.36.159 | TLS 1.2 | 10.96.36.159
11 | 2019-08-22T14:28:13.021767-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
12 | 2019-08-22T14:28:13.411869-0700 | 10.96.36.159 | 10.15.1.64 | TLS 1.2 | (not set)
13 | 2019-08-22T14:28:14.761344-0700 | 10.15.5.48 | 10.15.1.65 | TLS 1.2 | 10.15.1.65
14 | 2019-08-22T14:28:15.743667-0700 | 10.15.5.141 | 10.15.1.64 | TLS 1.2 | (not set)
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 91
Showing 1-20 of 91 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2019-08-22T14:27:59.046394-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/AjaxPoller | 200
2 | 2019-08-22T14:27:59.082073-0700 | 127.0.0.1 | 127.0.0.1 | 63503 | POST | / | 200
3 | 2019-08-22T14:28:03.070838-0700 | 10.15.1.64 | 10.96.36.224 | 8022 | POST | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | 500
4 | 2019-08-22T14:28:04.630093-0700 | 10.15.1.64 | 10.96.36.224 | 8022 | POST | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | 500
5 | 2019-08-22T14:28:03.113637-0700 | 10.15.1.64 | 10.15.5.141 | 8090 | POST | /mockbdHistoricoTransaccionesTCSOAP12Http | 200
6 | 2019-08-22T14:28:03.183121-0700 | 10.15.5.141 | 10.15.1.64 | 8090 | GET | /cards/498876554567891-DOPUSD | 500
7 | 2019-08-22T14:28:03.677494-0700 | 127.0.0.1 | 127.102.232.217 | 2444 | GET | /ODCInfo/ODCInfo?c=analytics-lb | 200
8 | 2019-08-22T14:28:06.011565-0700 | 10.15.1.64 | 10.96.36.224 | 8022 | POST | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | 500
9 | 2019-08-22T14:28:04.661911-0700 | 10.15.1.64 | 10.15.5.141 | 8090 | POST | /mockbdHistoricoTransaccionesTCSOAP12Http | 200
10 | 2019-08-22T14:28:04.744024-0700 | 10.15.5.141 | 10.15.1.64 | 8090 | GET | /cards/498876554567891-DOPUSD | 500
11 | 2019-08-22T14:28:06.040238-0700 | 10.15.1.64 | 10.15.5.141 | 8090 | POST | /mockbdHistoricoTransaccionesTCSOAP12Http | 200
12 | 2019-08-22T14:28:12.003079-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/dpMgmtAjax/regex-match | 200
13 | 2019-08-22T14:28:06.091685-0700 | 10.15.5.141 | 10.15.1.64 | 8090 | GET | /cards/498876554567891-DOPUSD | 500
14 | 2019-08-22T14:28:12.018635-0700 | 127.0.0.1 | 127.0.0.1 | 63503 | POST | / | 200
15 | 2019-08-22T14:28:12.029304-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/dpMgmtAjax/regex-match | 200
16 | 2019-08-22T14:28:12.058327-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/dpMgmtAjax/regex-match | 200
17 | 2019-08-22T14:28:12.039090-0700 | 127.0.0.1 | 127.0.0.1 | 63503 | POST | / | 200
18 | 2019-08-22T14:28:12.099775-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/dpMgmtAjax/regex-match | 200
19 | 2019-08-22T14:28:12.058236-0700 | 127.0.0.1 | 127.0.0.1 | 63503 | POST | / | 200
20 | 2019-08-22T14:28:12.123817-0700 | 127.0.0.1 | 127.0.0.1 | 63501 | POST | /webguiapp/post/dpMgmtAjax/regex-match | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 152
Showing 1-20 of 152 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2019-08-22T14:28:17.554044-0700 | 1689161395102566 | flow | 127.0.0.1 | 39575 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
2 | 2019-08-22T14:28:17.554044-0700 | 985959284115369 | flow | 10.15.1.64 | 16184 | 10.96.36.224 | 8022 | TCP | pcapanalyzer
3 | 2019-08-22T14:28:17.554044-0700 | 1830418574550092 | flow | 127.0.0.1 | 36936 | 127.0.0.1 | 63503 | TCP | pcapanalyzer
4 | 2019-08-22T14:28:17.554044-0700 | 1408588361524087 | flow | 127.0.0.1 | 36864 | 127.0.0.1 | 63503 | TCP | pcapanalyzer
5 | 2019-08-22T14:28:17.554044-0700 | 142073372884378 | flow | 127.0.0.1 | 39517 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
6 | 2019-08-22T14:28:17.554044-0700 | 986545547657428 | flow | 127.0.0.1 | 39511 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
7 | 2019-08-22T14:28:17.554044-0700 | 1831112211051346 | flow | 10.15.1.64 | 18276 | 10.96.23.37 | 1433 | TCP | pcapanalyzer
8 | 2019-08-22T14:28:17.554044-0700 | 1549998012287589 | flow | 10.15.1.64 | 23784 | 10.96.36.159 | 9443 | TCP | pcapanalyzer
9 | 2019-08-22T14:28:17.554044-0700 | 565975907629571 | flow | 127.0.0.1 | 39523 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
10 | 2019-08-22T14:28:17.554044-0700 | 848084392053798 | flow | 127.0.0.1 | 36944 | 127.0.0.1 | 63503 | TCP | pcapanalyzer
11 | 2019-08-22T14:28:17.554044-0700 | 1413370807630101 | flow | 127.0.0.1 | 39553 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
12 | 2019-08-22T14:28:17.554044-0700 | 1131955960359274 | flow | 10.15.1.64 | 18982 | 10.96.23.37 | 1433 | TCP | pcapanalyzer
13 | 2019-08-22T14:28:17.554044-0700 | 1839266207536400 | flow | 127.0.0.1 | 36974 | 127.0.0.1 | 63503 | TCP | pcapanalyzer
14 | 2019-08-22T14:28:17.554044-0700 | 1839768718685919 | flow | 127.0.0.1 | 36972 | 127.0.0.1 | 63503 | TCP | pcapanalyzer
15 | 2019-08-22T14:28:17.554044-0700 | 2123346081557595 | flow | 10.15.1.64 | 5550 | 10.96.36.159 | 43683 | TCP | pcapanalyzer
16 | 2019-08-22T14:28:17.554044-0700 | 294115215235510 | flow | 127.0.0.1 | 49390 | 127.102.232.217 | 2444 | TCP | pcapanalyzer
17 | 2019-08-22T14:28:17.554044-0700 | 1703029844488435 | flow | 127.0.0.1 | 39551 | 127.0.0.1 | 63501 | TCP | pcapanalyzer
18 | 2019-08-22T14:28:17.554044-0700 | 2126043320415225 | flow | 10.15.1.64 | 16176 | 10.96.36.224 | 8022 | TCP | pcapanalyzer
19 | 2019-08-22T14:28:17.554044-0700 | 1423833347955391 | flow | 10.15.5.141 | 55182 | 10.15.1.64 | 9090 | TCP | pcapanalyzer
20 | 2019-08-22T14:28:17.554044-0700 | 1986989459007539 | flow | 10.15.1.64 | 58326 | 10.96.23.37 | 1433 | TCP | pcapanalyzer
File 166
Showing 1-20 of 166 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2019-08-22T14:27:59.046310-0700 | 127.0.0.1 | 127.0.0.1 | /webguiapp/post/AjaxPoller | ASCII text, with CRLF line terminators | 65
2 | 2019-08-22T14:27:59.046394-0700 | 127.0.0.1 | 127.0.0.1 | /webguiapp/post/AjaxPoller | ASCII text, with CRLF line terminators | 65
3 | 2019-08-22T14:27:59.056378-0700 | 127.0.0.1 | 127.0.0.1 | / | XML 1.0 document, ASCII text, with very long lines | 356
4 | 2019-08-22T14:27:59.082073-0700 | 127.0.0.1 | 127.0.0.1 | / | XML 1.0 document, ASCII text | 315
5 | 2019-08-22T14:28:03.070197-0700 | 10.15.1.64 | 10.96.36.224 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 2485
6 | 2019-08-22T14:28:03.070838-0700 | 10.96.36.224 | 10.15.1.64 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 1111
7 | 2019-08-22T14:28:03.090743-0700 | 10.15.1.64 | 10.15.5.141 | /mockbdHistoricoTransaccionesTCSOAP12Http | XML 1.0 document, ASCII text, with very long lines | 2485
8 | 2019-08-22T14:28:03.155239-0700 | 127.0.0.1 | 127.0.0.1 | /loopback | ASCII text | 277
9 | 2019-08-22T14:28:03.061416-0700 | 127.0.0.1 | 127.0.0.1 | /libhtp::request_uri_not_seen | XML 1.0 document, ASCII text | 120
10 | 2019-08-22T14:28:03.087806-0700 | 127.0.0.1 | 127.0.0.1 | /libhtp::request_uri_not_seen | XML 1.0 document, ASCII text | 120
11 | 2019-08-22T14:28:04.627531-0700 | 10.15.1.64 | 10.96.36.224 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 2485
12 | 2019-08-22T14:28:04.630093-0700 | 10.96.36.224 | 10.15.1.64 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 1111
13 | 2019-08-22T14:28:03.113637-0700 | 10.15.5.141 | 10.15.1.64 | /mockbdHistoricoTransaccionesTCSOAP12Http | exported SGML document, ASCII text | 2988
14 | 2019-08-22T14:28:04.726418-0700 | 127.0.0.1 | 127.0.0.1 | /loopback | ASCII text | 277
15 | 2019-08-22T14:28:03.183121-0700 | 10.15.1.64 | 10.15.5.141 | /cards/498876554567891-DOPUSD | XML 1.0 document, ASCII text | 254
16 | 2019-08-22T14:28:03.677494-0700 | 127.102.232.217 | 127.0.0.1 | /ODCInfo/ODCInfo | ASCII text | 225
17 | 2019-08-22T14:28:06.008483-0700 | 10.15.1.64 | 10.96.36.224 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 2485
18 | 2019-08-22T14:28:04.646972-0700 | 10.15.1.64 | 10.15.5.141 | /mockbdHistoricoTransaccionesTCSOAP12Http | XML 1.0 document, ASCII text, with very long lines | 2485
19 | 2019-08-22T14:28:06.011565-0700 | 10.96.36.224 | 10.15.1.64 | /services/s12/ProductosServicios/Productos/HistoricoTransaccionesTC | XML 1.0 document, ASCII text, with very long lines | 1111
20 | 2019-08-22T14:28:04.661911-0700 | 10.15.5.141 | 10.15.1.64 | /mockbdHistoricoTransaccionesTCSOAP12Http | exported SGML document, ASCII text | 2988

Comments: (not set)
