TCP DUMP AWS DNS

gistfile1.txt

2:00:27.289263 IP ip-10-0-20-50.ec2.internal.55258 > ec2-52-0-31-125.compute-1.amazonaws.com.https: Flags [R], seq 2682364080, win 0, length 0
12:00:27.292408 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 273:341, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 68
12:00:27.292750 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 341:377, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 36
12:00:27.292798 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 377:429, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.292838 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 429:481, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.292901 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 481:533, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.292947 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 533:585, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.292988 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 585:637, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.293078 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 637:673, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 36
12:00:27.293122 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 673:725, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.293161 IP ip-10-0-20-50.ec2.internal.ssh > ip-10-0-10-251.ec2.internal.60132: Flags [P.], seq 725:777, ack 140, win 379, options [nop,nop,TS val 9163032 ecr 410392078], length 52
12:00:27.298103 IP ip-10-0-20-50.ec2.internal.43604 > ip-10-0-0-2.ec2.internal.domain: 63898+ A? registry-1.docker.io. (38)
12:00:27.298184 IP ip-10-0-20-50.ec2.internal.58882 > ip-10-0-0-2.ec2.internal.domain: 63322+ AAAA? registry-1.docker.io. (38)
12:00:27.298488 IP ip-10-0-0-2.ec2.internal.domain > ip-10-0-20-50.ec2.internal.43604: 63898 5/0/0 CNAME us-east-1-elbio-rm5bon1qaeo4-623296237.us-east-1.elb.amazonaws.com., A 107.21.22.134, A 52
.0.31.125, A 52.6.136.158, A 54.164.219.90 (182)
12:00:27.298517 IP ip-10-0-0-2.ec2.internal.domain > ip-10-0-20-50.ec2.internal.58882: 63322 1/1/0 CNAME us-east-1-elbio-rm5bon1qaeo4-623296237.us-east-1.elb.amazonaws.com. (200)
12:00:27.298820 IP ip-10-0-20-50.ec2.internal.52087 > ip-10-0-0-2.ec2.internal.domain: 1457+ AAAA? registry-1.docker.io.ec2.internal. (51)
12:00:27.299092 IP ip-10-0-0-2.ec2.internal.domain > ip-10-0-20-50.ec2.internal.52087: 1457 NXDomain 0/1/0 (112)
12:00:27.299187 IP ip-10-0-20-50.ec2.internal.42112 > ec2-107-21-22-134.compute-1.amazonaws.com.https: Flags [S], seq 3115541448, win 26883, options [mss 8961,sackOK,TS val 9163034 ecr 0,nop,wsca
le 7], length 0
12:00:27.299220 IP ip-10-0-20-50.ec2.internal.42113 > ec2-107-21-22-134.compute-1.amazonaws.com.https: Flags [S], seq 2737712159, win 26883, options [mss 8961,sackOK,TS val 9163034 ecr 0,nop,wsca
le 7], length 0
12:00:27.299269 IP ip-10-0-20-50.ec2.internal.42114 > ec2-107-21-22-134.compute-1.amazonaws.com.https: Flags [S], seq 3414813140, win 26883, options [mss 8961,sackOK,TS val 9163034 ecr 0,nop,wsca
le 7], length 0
12:00:27.299308 IP ip-10-0-20-50.ec2.internal.42115 > ec2-107-21-22-134.compute-1.amazonaws.com.https: Flags [S], seq 2618813851, win 26883, options [mss 8961,sackOK,TS val 9163034 ecr 0,nop,wsca
le 7], length 0
12:00:27.300645 IP ec2-107-21-22-134.compute-1.amazonaws.com.https > ip-10-0-20-50.ec2.internal.42113: Flags [S.], seq 2047370571, ack 2737712160, win 14480, options [mss 1460,sackOK,TS val 49487
009 ecr 9163034,nop,wscale 8], length 0