pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert (6)
Showing 1-6 of 6 items.

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |

DNS (327)
Showing 1-20 of 327 items.

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2012-09-21T07:41:39.704863-0700 | 172.18.3.11 | 172.18.1.100 | query | www.google.co.uk | A | (not set) |
| 2 | 2012-09-21T07:41:40.288015-0700 | 172.18.3.11 | 172.18.1.100 | query | play.google.com | A | (not set) |
| 3 | 2012-09-21T07:41:40.309850-0700 | 172.18.3.11 | 172.18.1.100 | query | www.youtube.com | A | (not set) |
| 4 | 2012-09-21T07:41:40.337901-0700 | 172.18.1.100 | 172.18.3.11 | answer | play.google.com | A | (not set) |
| 5 | 2012-09-21T07:41:40.339156-0700 | 172.18.3.11 | 172.18.1.100 | query | news.google.co.uk | A | (not set) |
| 6 | 2012-09-21T07:41:40.339186-0700 | 172.18.3.11 | 172.18.1.100 | query | mail.google.com | A | (not set) |
| 7 | 2012-09-21T07:41:40.339973-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.youtube.com | A | (not set) |
| 8 | 2012-09-21T07:41:40.339974-0700 | 172.18.1.100 | 172.18.3.11 | answer | mail.google.com | A | (not set) |
| 9 | 2012-09-21T07:41:40.340579-0700 | 172.18.3.11 | 172.18.1.100 | query | docs.google.com | A | (not set) |
| 10 | 2012-09-21T07:41:40.341765-0700 | 172.18.3.11 | 172.18.1.100 | query | books.google.co.uk | A | (not set) |
| 11 | 2012-09-21T07:41:40.342098-0700 | 172.18.1.100 | 172.18.3.11 | answer | books.google.co.uk | A | (not set) |
| 12 | 2012-09-21T07:41:40.342539-0700 | 172.18.3.11 | 172.18.1.100 | query | www.blogger.com | A | (not set) |
| 13 | 2012-09-21T07:41:40.363758-0700 | 172.18.1.100 | 172.18.3.11 | answer | news.google.co.uk | A | (not set) |
| 14 | 2012-09-21T07:41:40.363759-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.blogger.com | A | (not set) |
| 15 | 2012-09-21T07:41:40.365252-0700 | 172.18.3.11 | 172.18.1.100 | query | picasaweb.google.co.uk | A | (not set) |
| 16 | 2012-09-21T07:41:40.380116-0700 | 172.18.1.100 | 172.18.3.11 | answer | docs.google.com | A | (not set) |
| 17 | 2012-09-21T07:41:40.409792-0700 | 172.18.1.100 | 172.18.3.11 | answer | picasaweb.google.co.uk | A | (not set) |
| 18 | 2012-09-21T07:41:40.287910-0700 | 172.18.3.11 | 172.18.1.100 | query | maps.google.co.uk | A | (not set) |
| 19 | 2012-09-21T07:41:40.337900-0700 | 172.18.1.100 | 172.18.3.11 | answer | maps.google.co.uk | A | (not set) |
| 20 | 2012-09-21T07:41:40.381273-0700 | 172.18.3.11 | 172.18.1.100 | query | accounts.google.com | A | (not set) |

TLS (8)
Showing 1-8 of 8 items.

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com |
| 2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com |
| 3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com |
| 4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com |
| 5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net |
| 6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com |
| 7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com |
| 8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com |

TFTP (0)
Columns: #, Timestamp, Src Ip, Dest Ip, Tftp Packet, Tftp File, Tftp Mode
No results found.

HTTP (687)
Showing 81-100 of 687 items.

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 81 | 2012-09-21T07:41:45.004622-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63021000/jpg/_63021371_eatrich144_getty.jpg | 200 |
| 82 | 2012-09-21T07:41:44.893419-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62967000/jpg/_62967972_hi016012954.jpg | 200 |
| 83 | 2012-09-21T07:41:44.897784-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62987000/jpg/_62987391_hi016011678.jpg | 200 |
| 84 | 2012-09-21T07:41:45.254892-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 302 |
| 85 | 2012-09-21T07:41:44.904783-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63018000/jpg/_63018262_hi016017809.jpg | 200 |
| 86 | 2012-09-21T07:41:45.380959-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /js/view/0_0_32/news-index.js | 200 |
| 87 | 2012-09-21T07:41:44.933637-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63025000/jpg/_63025125_016028534-1.jpg | 200 |
| 88 | 2012-09-21T07:41:45.414479-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&ns_m2=yes&ns_setsiteck=505C7B0F67BF00B2&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 200 |
| 89 | 2012-09-21T07:41:44.936981-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63028000/jpg/_63028641_binoche640.jpg | 200 |
| 90 | 2012-09-21T07:41:45.380433-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/demi/0.9.8/sharedmodules/demi-1.js | 200 |
| 91 | 2012-09-21T07:41:44.950703-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63012000/jpg/_63012675_63012074.jpg | 200 |
| 92 | 2012-09-21T07:41:45.418689-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/barlesque/2.10.0/desktop/3.5/img/bbccookies/cookie_prompt_sprite.png | 200 |
| 93 | 2012-09-21T07:41:45.435571-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/subnav-divider.png | 200 |
| 94 | 2012-09-21T07:41:45.435721-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/transparencies/rgba-0-0-0-07.png | 200 |
| 95 | 2012-09-21T07:41:45.481766-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/search.png | 200 |
| 96 | 2012-09-21T07:41:45.478856-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/red-masthead.png | 200 |
| 97 | 2012-09-21T07:41:45.521161-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/programmes-iplayer-brand.png | 200 |
| 98 | 2012-09-21T07:41:45.524575-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/languages-sprite.gif | 200 |
| 99 | 2012-09-21T07:41:45.566662-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/istats/0.11.1/modules/istats-1.js | 200 |
| 100 | 2012-09-21T07:41:45.508437-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/worldwide/embed.js?mediaset=journalism-pc | 301 |

SMB (0)
Columns: #, Timestamp, Src Ip, Dest Ip, SMB Dialect, Command, Session, Tree
No results found.

SMTP (0)
Columns: #, Timestamp, Source, Destination, Email From, Email To, Subject
No results found.

Flow (405)
Showing 21-40 of 405 items.
Columns: #, Timestamp, Flow Id, Event Type, Source, Source Port, Destination, Destination Port, Protocol, Host
21
2012-09-21T07:43:38.102668-07001413082846110568flow172.18.3.11662180.239.148.16980TCPpcapanalyzer
22
2012-09-21T07:43:38.102668-0700709912944879031flow172.18.3.11656446.229.160.18380TCPpcapanalyzer
23
2012-09-21T07:43:38.102668-07001977688502350629flow172.18.3.11643080.239.254.2480TCPpcapanalyzer
24
2012-09-21T07:43:38.102668-07001414790088504310flow172.18.3.11642680.239.254.3480TCPpcapanalyzer
25
2012-09-21T07:43:38.102668-07001274945956636865flow172.18.3.116491173.194.41.18780TCPpcapanalyzer
26
2012-09-21T07:43:38.102668-07001275111311975983flow172.18.3.1158336172.18.1.10053UDPpcapanalyzer
27
2012-09-21T07:43:38.102668-07001978803046326321flow172.18.3.11644480.239.254.1080TCPpcapanalyzer
28
2012-09-21T07:43:38.102668-07001979193889042742flow172.18.3.116458212.58.244.6180TCPpcapanalyzer
29
2012-09-21T07:43:38.102668-07002120118213276951flow172.18.3.116596173.254.205.23180TCPpcapanalyzer
30
2012-09-21T07:43:38.102668-07001416518816481287flow172.18.3.1165334.71.33.16780TCPpcapanalyzer
31
2012-09-21T07:43:38.102668-07001839403447564775flow172.18.3.116633212.58.244.6180TCPpcapanalyzer
32
2012-09-21T07:43:38.102668-0700432771589842653flow172.18.3.1163700172.18.1.10053UDPpcapanalyzer
33
2012-09-21T07:43:38.102668-07002122134702287755flow172.18.3.116636212.58.244.6180TCPpcapanalyzer
34
2012-09-21T07:43:38.102668-0700292551644681510flow172.18.3.1155019172.18.1.10053UDPpcapanalyzer
35
2012-09-21T07:43:38.102668-0700433430866946523flow172.18.3.1159378172.18.1.10053UDPpcapanalyzer
36
2012-09-21T07:43:38.102668-07001700414006947792flow172.18.3.116493173.194.41.18880TCPpcapanalyzer
37
2012-09-21T07:43:38.102668-0700152531416535969flow172.18.3.116563173.194.41.17380TCPpcapanalyzer
38
2012-09-21T07:43:38.102668-07001700991676723328flow172.18.3.1152558172.18.1.10053UDPpcapanalyzer
39
2012-09-21T07:43:38.102668-0700434755862735884flow172.18.3.1155991172.18.1.10053UDPpcapanalyzer
40
2012-09-21T07:43:38.102668-07001560868372367196flow172.18.3.1165130172.18.1.10053UDPpcapanalyzer
File (654)
Showing 81-100 of 654 items.
Columns: #, Timestamp, Source, Destination, File Name, File Magic, File Size
81
2012-09-21T07:41:44.893419-070080.239.254.24172.18.3.11/media/images/62967000/jpg/_62967972_hi016012954.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 37308
82
2012-09-21T07:41:44.897784-070080.239.254.24172.18.3.11/media/images/62987000/jpg/_62987391_hi016011678.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 35577
83
2012-09-21T07:41:44.904783-070080.239.254.24172.18.3.11/media/images/63018000/jpg/_63018262_hi016017809.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 37657
84
2012-09-21T07:41:45.254892-070087.249.105.58172.18.3.11/bbc/bbc/sHTML document, ASCII text, with very long lines857
85
2012-09-21T07:41:45.380959-070080.239.254.24172.18.3.11/js/view/0_0_32/news-index.jsASCII text, with very long lines, with no line terminators28046
86
2012-09-21T07:41:44.933637-070080.239.254.24172.18.3.11/media/images/63025000/jpg/_63025125_016028534-1.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 36250
87
2012-09-21T07:41:44.936981-070080.239.254.24172.18.3.11/media/images/63028000/jpg/_63028641_binoche640.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 34047
88
2012-09-21T07:41:45.414479-070087.249.105.58172.18.3.11/bbc/bbc/sGIF image data, version 89a, 1 x 143
89
2012-09-21T07:41:44.950703-070080.239.254.24172.18.3.11/media/images/63012000/jpg/_63012675_63012074.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 37013
90
2012-09-21T07:41:45.380433-070080.239.217.171172.18.3.11/frameworks/demi/0.9.8/sharedmodules/demi-1.jsASCII text17723
91
2012-09-21T07:41:45.418689-070080.239.217.171172.18.3.11/frameworks/barlesque/2.10.0/desktop/3.5/img/bbccookies/cookie_prompt_sprite.pngPNG image data, 16 x 330, 16-bit/color RGB, non-interlaced2779
92
2012-09-21T07:41:45.435571-070080.239.254.24172.18.3.11/view/1_4_35/cream/hi/news/img/subnav-divider.pngPNG image data, 1 x 10, 8-bit colormap, non-interlaced126
93
2012-09-21T07:41:45.435721-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/transparencies/rgba-0-0-0-07.pngPNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced130
94
2012-09-21T07:41:45.481766-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/search.pngPNG image data, 32 x 24, 8-bit/color RGBA, non-interlaced390
95
2012-09-21T07:41:45.478856-070080.239.254.24172.18.3.11/view/1_4_35/cream/hi/news/img/red-masthead.pngPNG image data, 1800 x 128, 8-bit/color RGB, non-interlaced36830
96
2012-09-21T07:41:45.521161-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/programmes-iplayer-brand.pngPNG image data, 122 x 22, 8-bit colormap, non-interlaced2240
97
2012-09-21T07:41:45.524575-070080.239.254.24172.18.3.11/view/1_4_35/cream/hi/news/img/languages-sprite.gifGIF image data, version 89a, 1873 x 4811937
98
2012-09-21T07:41:45.566662-070080.239.217.171172.18.3.11/frameworks/istats/0.11.1/modules/istats-1.jsASCII text, with very long lines, with no line terminators8005
99
2012-09-21T07:41:45.508437-070080.239.254.42172.18.3.11/emp/worldwide/embed.jsHTML document, ASCII text317
100
2012-09-21T07:41:45.613716-070080.239.217.171172.18.3.11/frameworks/swfobject/0.1.3/sharedmodules/swfobject-2.jsC source, ASCII text25620

Comments: (not set)
