pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert 6
Showing 1-6 of 6 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
| --- | --- | --- | --- | --- | --- |
| 1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
DNS 327
Showing 1-20 of 327 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 2012-09-21T07:41:39.704863-0700 | 172.18.3.11 | 172.18.1.100 | query | www.google.co.uk | A | (not set) |
| 2 | 2012-09-21T07:41:40.288015-0700 | 172.18.3.11 | 172.18.1.100 | query | play.google.com | A | (not set) |
| 3 | 2012-09-21T07:41:40.309850-0700 | 172.18.3.11 | 172.18.1.100 | query | www.youtube.com | A | (not set) |
| 4 | 2012-09-21T07:41:40.337901-0700 | 172.18.1.100 | 172.18.3.11 | answer | play.google.com | A | (not set) |
| 5 | 2012-09-21T07:41:40.339156-0700 | 172.18.3.11 | 172.18.1.100 | query | news.google.co.uk | A | (not set) |
| 6 | 2012-09-21T07:41:40.339186-0700 | 172.18.3.11 | 172.18.1.100 | query | mail.google.com | A | (not set) |
| 7 | 2012-09-21T07:41:40.339973-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.youtube.com | A | (not set) |
| 8 | 2012-09-21T07:41:40.339974-0700 | 172.18.1.100 | 172.18.3.11 | answer | mail.google.com | A | (not set) |
| 9 | 2012-09-21T07:41:40.340579-0700 | 172.18.3.11 | 172.18.1.100 | query | docs.google.com | A | (not set) |
| 10 | 2012-09-21T07:41:40.341765-0700 | 172.18.3.11 | 172.18.1.100 | query | books.google.co.uk | A | (not set) |
| 11 | 2012-09-21T07:41:40.342098-0700 | 172.18.1.100 | 172.18.3.11 | answer | books.google.co.uk | A | (not set) |
| 12 | 2012-09-21T07:41:40.342539-0700 | 172.18.3.11 | 172.18.1.100 | query | www.blogger.com | A | (not set) |
| 13 | 2012-09-21T07:41:40.363758-0700 | 172.18.1.100 | 172.18.3.11 | answer | news.google.co.uk | A | (not set) |
| 14 | 2012-09-21T07:41:40.363759-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.blogger.com | A | (not set) |
| 15 | 2012-09-21T07:41:40.365252-0700 | 172.18.3.11 | 172.18.1.100 | query | picasaweb.google.co.uk | A | (not set) |
| 16 | 2012-09-21T07:41:40.380116-0700 | 172.18.1.100 | 172.18.3.11 | answer | docs.google.com | A | (not set) |
| 17 | 2012-09-21T07:41:40.409792-0700 | 172.18.1.100 | 172.18.3.11 | answer | picasaweb.google.co.uk | A | (not set) |
| 18 | 2012-09-21T07:41:40.287910-0700 | 172.18.3.11 | 172.18.1.100 | query | maps.google.co.uk | A | (not set) |
| 19 | 2012-09-21T07:41:40.337900-0700 | 172.18.1.100 | 172.18.3.11 | answer | maps.google.co.uk | A | (not set) |
| 20 | 2012-09-21T07:41:40.381273-0700 | 172.18.3.11 | 172.18.1.100 | query | accounts.google.com | A | (not set) |
TLS 8
Showing 1-8 of 8 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
| --- | --- | --- | --- | --- | --- |
| 1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com |
| 2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com |
| 3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com |
| 4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com |
| 5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net |
| 6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com |
| 7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com |
| 8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 687
Showing 1-20 of 687 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 2012-09-21T07:41:40.427980-0700 | 172.18.3.11 | www.google.com | 80 | GET | /textinputassistant/tia.png | 200 |
| 2 | 2012-09-21T07:41:40.178861-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/srpr/logo3w.png | 200 |
| 3 | 2012-09-21T07:41:40.291561-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/swxa.gif | 200 |
| 4 | 2012-09-21T07:41:40.537934-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /csi?v=3&s=webhp&action=&e=17259,37102,39523,39976,4000116,4000354,4000472,4000519,4000545,4000553,4000624,4000648,4000723,4000784,4000833,4000841,4000949,4000974,4001007,4001013&ei=CXtcUPLCNoXF0QX3o4GIDQ&imc=1&imn=1&imp=1&rt=xjsls.36,prt.41,xjses.266,xjsee.318,xjs.320,ol.399,iml.61,wsrt.183,cst.0,dnst.22,rqst.103,rspt.31 | 204 |
| 5 | 2012-09-21T07:41:39.911086-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | / | 200 |
| 6 | 2012-09-21T07:41:44.482932-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /favicon.ico | 200 |
| 7 | 2012-09-21T07:41:39.946369-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/icons/product/chrome-48.png | 200 |
| 8 | 2012-09-21T07:41:44.597866-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/barlesque/2.10.0/desktop/3.5/img/blq-blocks_grey_alpha.png | 200 |
| 9 | 2012-09-21T07:41:44.585922-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/print.css | 200 |
| 10 | 2012-09-21T07:41:40.204621-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /xjs/_/js/s/s,st,anim,jsa,c,sb,hv,wta,cr,cdos,nos,tbpr,tbui,rsn,ob,mb,lc,du,ada,amcl,klc,kat,aut,bihu,kp,lu,m,shb,tng,hsm,j,p,pcc,csi/rt=j/ver=Npnh78fj8FE.en_US./d=1/sv=1/rs=AItRSTPQPHplxSwT63aSYOfWgPS1dWhc4g | 200 |
| 11 | 2012-09-21T07:41:44.590623-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/mobile.css | 200 |
| 12 | 2012-09-21T07:41:44.614033-0700 | 172.18.3.11 | news.bbc.co.uk | 80 | GET | / | 301 |
| 13 | 2012-09-21T07:41:44.614931-0700 | 172.18.3.11 | node1.bbcimg.co.uk | 80 | GET | /glow/gloader.0.1.6.js | 200 |
| 14 | 2012-09-21T07:41:44.643648-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/bump?emp=worldwide&enableClear=1 | 301 |
| 15 | 2012-09-21T07:41:44.666045-0700 | 172.18.3.11 | node2.bbcimg.co.uk | 80 | GET | /iplayer/images/episode/b01mxvlw_150_84.jpg | 200 |
| 16 | 2012-09-21T07:41:40.283031-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /extern_chrome/ff301ef4d48490c5.js | 200 |
| 17 | 2012-09-21T07:41:44.724056-0700 | 172.18.3.11 | stats.bbc.co.uk | 80 | GET | /o.gif?~RS~s~RS~News~RS~t~RS~HighWeb_Index~RS~i~RS~0~RS~p~RS~99854~RS~a~RS~Domestic~RS~u~RS~/news/~RS~r~RS~(none)~RS~q~RS~~RS~z~RS~54~RS~ | 200 |
| 18 | 2012-09-21T07:41:44.732058-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /news/ | 200 |
| 19 | 2012-09-21T07:41:44.733613-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/components/components.css | 200 |
| 20 | 2012-09-21T07:41:40.373773-0700 | 172.18.3.11 | ssl.gstatic.com | 80 | GET | /gb/js/sem_9d2b852f41bb993a0833b0a332253abb.js | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 405
Showing 81-100 of 405 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
81
2012-09-21T07:43:38.102668-07001015046747382918flow172.18.3.1164572172.18.1.10053UDPpcapanalyzer
82
2012-09-21T07:43:38.102668-070029974525631780flow172.18.3.11657946.229.160.18380TCPpcapanalyzer
83
2012-09-21T07:43:38.102668-0700733704914522847flow172.18.3.1153871172.18.1.10053UDPpcapanalyzer
84
2012-09-21T07:43:38.102668-07001437482551830618flow172.18.3.11654698.124.224.24380TCPpcapanalyzer
85
2012-09-21T07:43:38.102668-07001015742533663495flow172.18.3.1154195172.18.1.10053UDPpcapanalyzer
86
2012-09-21T07:43:38.102668-0700735057830894817flow172.18.3.116568173.194.41.17380TCPpcapanalyzer
87
2012-09-21T07:43:38.102668-07001720662634011504flow172.18.3.116625212.58.244.8080TCPpcapanalyzer
88
2012-09-21T07:43:38.102668-07001861705061211135flow172.18.3.11648864.236.124.22980TCPpcapanalyzer
89
2012-09-21T07:43:38.102668-07002143334657142904flow172.18.3.11653294.127.77.6780TCPpcapanalyzer
90
2012-09-21T07:43:38.102668-0700173239602743460flow172.18.3.116592204.152.194.21880TCPpcapanalyzer
91
2012-09-21T07:43:38.102668-0700454766117294326flow172.18.3.1150757172.18.1.10053UDPpcapanalyzer
92
2012-09-21T07:43:38.102668-07001721762144105648flow172.18.3.116601204.152.194.21880TCPpcapanalyzer
93
2012-09-21T07:43:38.102668-070033023951099558flow172.18.3.1165344.71.33.16780TCPpcapanalyzer
94
2012-09-21T07:43:38.102668-0700877773151343008flow172.18.3.1152566172.18.1.10053UDPpcapanalyzer
95
2012-09-21T07:43:38.102668-0700174324080189534flow172.18.3.116553184.85.159.13980TCPpcapanalyzer
96
2012-09-21T07:43:38.102668-0700315630648409846flow172.18.3.11645480.239.254.2480TCPpcapanalyzer
97
2012-09-21T07:43:38.102668-0700456565708248652flow172.18.3.1157032172.18.1.10053UDPpcapanalyzer
98
2012-09-21T07:43:38.102668-070034804216865735flow172.18.3.116597173.254.205.23180TCPpcapanalyzer
99
2012-09-21T07:43:38.102668-0700316317845307884flow172.18.3.1164122172.18.1.10053UDPpcapanalyzer
100
2012-09-21T07:43:38.102668-07001020733282210210flow172.18.3.11646180.239.254.8380TCPpcapanalyzer
File 654
Showing 41-60 of 654 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
41
2012-09-21T07:41:44.756262-070080.239.254.24172.18.3.11/media/images/63032000/jpg/_63032873_tradersreut.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 36343
42
2012-09-21T07:41:44.758614-070080.239.254.24172.18.3.11/media/images/63038000/jpg/_63038055_aircraft2.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x171, frames 311119
43
2012-09-21T07:41:44.882081-070080.239.254.10172.18.3.11/modules/comments/getcount/ASCII text, with very long lines, with no line terminators565
44
2012-09-21T07:41:44.883612-070080.239.254.24172.18.3.11/media/images/63003000/jpg/_63003647_177081.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 39455
45
2012-09-21T07:41:44.643302-070080.239.254.24172.18.3.11/js/config/apps/4_7_1/bbc_fmtj_config.jsASCII text, with very long lines, with no line terminators1375
46
2012-09-21T07:41:44.884056-070080.239.254.42172.18.3.11/emp/releases/bump/revisions/872744/embed.jsASCII text, with very long lines, with no line terminators6356
47
2012-09-21T07:41:44.646065-070080.239.254.24172.18.3.11/js/app/av/emp/2_0_55/emp.jsASCII text, with CRLF, LF line terminators11347
48
2012-09-21T07:41:44.795622-070080.239.254.24172.18.3.11/media/images/63019000/jpg/_63019226_58471620.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 33280
49
2012-09-21T07:41:44.682981-070080.239.254.24172.18.3.11/view/1_4_35/cream/hi/news/skin.cssASCII text, with very long lines, with no line terminators11874
50
2012-09-21T07:41:44.800519-070080.239.254.24172.18.3.11/media/images/63031000/jpg/_63031178_hacked.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 36527
51
2012-09-21T07:41:44.686406-070080.239.254.24172.18.3.11/img/1_0_1/cream/hi/news/news-blocks.gifGIF image data, version 89a, 255 x 401657
52
2012-09-21T07:41:44.806398-070080.239.254.24172.18.3.11/media/images/63033000/jpg/_63033998_timon.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 35907
53
2012-09-21T07:41:44.722843-070080.239.254.24172.18.3.11/media/images/63000000/jpg/_63000763_medguv6z.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 112x63, frames 32656
54
2012-09-21T07:41:44.727683-070080.239.254.24172.18.3.11/media/images/63032000/jpg/_63032511_queen26.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 34869
55
2012-09-21T07:41:44.772096-070080.239.254.24172.18.3.11/media/images/62948000/jpg/_62948233_62947988.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 36023
56
2012-09-21T07:41:44.925401-070080.239.254.24172.18.3.11/media/images/63027000/jpg/_63027062_paxman1.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 144x81, frames 33362
57
2012-09-21T07:41:44.778179-070080.239.254.24172.18.3.11/media/images/63018000/jpg/_63018246_casualty.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 35909
58
2012-09-21T07:41:44.818930-070080.239.254.24172.18.3.11/media/images/63026000/jpg/_63026058_kwillaimshills.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 34601
59
2012-09-21T07:41:44.822034-070080.239.217.171172.18.3.11/frameworks/barlesque/2.10.0/desktop/3.5/style/main.cssASCII text, with very long lines, with no line terminators29261
60
2012-09-21T07:41:44.826843-070080.239.254.24172.18.3.11/media/images/63035000/jpg/_63035008_63031171.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 35879

Comments: (not set)