pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert 6
Showing 1-6 of 6 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
DNS 327
Showing 81-100 of 327 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
81 | 2012-09-21T07:42:20.578611-0700 | 172.18.1.100 | 172.18.3.11 | answer | gulfnews.com | A | (not set)
82 | 2012-09-21T07:42:20.586078-0700 | 172.18.3.11 | 172.18.1.100 | query | www.theaustralian.com.au | A | (not set)
83 | 2012-09-21T07:42:20.605191-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.theaustralian.com.au | A | (not set)
84 | 2012-09-21T07:42:22.475631-0700 | 172.18.3.11 | 172.18.1.100 | query | www.dslreports.com | A | (not set)
85 | 2012-09-21T07:42:22.475670-0700 | 172.18.3.11 | 172.18.1.100 | query | forums.malwarebytes.org | A | (not set)
86 | 2012-09-21T07:42:22.495163-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.dslreports.com | A | (not set)
87 | 2012-09-21T07:42:22.496664-0700 | 172.18.3.11 | 172.18.1.100 | query | bbs.360.cn | A | (not set)
88 | 2012-09-21T07:42:22.502757-0700 | 172.18.1.100 | 172.18.3.11 | answer | forums.malwarebytes.org | A | (not set)
89 | 2012-09-21T07:42:22.503962-0700 | 172.18.3.11 | 172.18.1.100 | query | bbs.kafan.cn | A | (not set)
90 | 2012-09-21T07:42:22.515638-0700 | 172.18.1.100 | 172.18.3.11 | answer | bbs.360.cn | A | (not set)
91 | 2012-09-21T07:42:22.969213-0700 | 172.18.1.100 | 172.18.3.11 | answer | bbs.kafan.cn | A | (not set)
92 | 2012-09-21T07:42:22.517254-0700 | 172.18.3.11 | 172.18.1.100 | query | forum.botfrei.de | A | (not set)
93 | 2012-09-21T07:42:22.536230-0700 | 172.18.1.100 | 172.18.3.11 | answer | forum.botfrei.de | A | (not set)
94 | 2012-09-21T07:42:33.354308-0700 | 172.18.3.11 | 172.18.1.100 | query | media.skynews.com | A | (not set)
95 | 2012-09-21T07:42:33.400298-0700 | 172.18.1.100 | 172.18.3.11 | answer | media.skynews.com | A | (not set)
96 | 2012-09-21T07:42:33.435229-0700 | 172.18.3.11 | 172.18.1.100 | query | js.revsci.net | A | (not set)
97 | 2012-09-21T07:42:33.474487-0700 | 172.18.1.100 | 172.18.3.11 | answer | js.revsci.net | A | (not set)
98 | 2012-09-21T07:41:50.169348-0700 | 172.18.3.11 | 172.18.1.100 | query | twitter.com | A | (not set)
99 | 2012-09-21T07:41:50.188459-0700 | 172.18.1.100 | 172.18.3.11 | answer | twitter.com | A | (not set)
100 | 2012-09-21T07:42:33.710389-0700 | 172.18.3.11 | 172.18.1.100 | query | metrics.sky.com | A | (not set)
TLS 8
Showing 1-8 of 8 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com
2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com
3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com
4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com
5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net
6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com
7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com
8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 687
Showing 81-100 of 687 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
81 | 2012-09-21T07:41:45.004622-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63021000/jpg/_63021371_eatrich144_getty.jpg | 200
82 | 2012-09-21T07:41:44.893419-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62967000/jpg/_62967972_hi016012954.jpg | 200
83 | 2012-09-21T07:41:44.897784-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62987000/jpg/_62987391_hi016011678.jpg | 200
84 | 2012-09-21T07:41:45.254892-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 302
85 | 2012-09-21T07:41:44.904783-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63018000/jpg/_63018262_hi016017809.jpg | 200
86 | 2012-09-21T07:41:45.380959-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /js/view/0_0_32/news-index.js | 200
87 | 2012-09-21T07:41:44.933637-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63025000/jpg/_63025125_016028534-1.jpg | 200
88 | 2012-09-21T07:41:45.414479-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&ns_m2=yes&ns_setsiteck=505C7B0F67BF00B2&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 200
89 | 2012-09-21T07:41:44.936981-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63028000/jpg/_63028641_binoche640.jpg | 200
90 | 2012-09-21T07:41:45.380433-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/demi/0.9.8/sharedmodules/demi-1.js | 200
91 | 2012-09-21T07:41:44.950703-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63012000/jpg/_63012675_63012074.jpg | 200
92 | 2012-09-21T07:41:45.418689-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/barlesque/2.10.0/desktop/3.5/img/bbccookies/cookie_prompt_sprite.png | 200
93 | 2012-09-21T07:41:45.435571-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/subnav-divider.png | 200
94 | 2012-09-21T07:41:45.435721-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/transparencies/rgba-0-0-0-07.png | 200
95 | 2012-09-21T07:41:45.481766-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/search.png | 200
96 | 2012-09-21T07:41:45.478856-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/red-masthead.png | 200
97 | 2012-09-21T07:41:45.521161-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/programmes-iplayer-brand.png | 200
98 | 2012-09-21T07:41:45.524575-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/languages-sprite.gif | 200
99 | 2012-09-21T07:41:45.566662-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/istats/0.11.1/modules/istats-1.js | 200
100 | 2012-09-21T07:41:45.508437-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/worldwide/embed.js?mediaset=journalism-pc | 301
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 405
Showing 1-20 of 405 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2012-09-21T07:41:39.704863-0700954277252052231flow172.18.3.1158234255.255.255.2551947UDPpcapanalyzer
2
2012-09-21T07:41:39.704863-0700118968389913127flow172.18.3.116405172.18.3.4980TCPpcapanalyzer
3
2012-09-21T07:41:40.359876-0700268514856517983flow172.18.3.1150167172.18.1.10053UDPpcapanalyzer
4
2012-09-21T07:42:33.881814-0700751578418267952flow172.18.3.1158234172.18.255.2551947UDPpcapanalyzer
5
2012-09-21T07:42:33.881814-0700268514856473418flow172.18.1.10053172.18.3.1150167UDPpcapanalyzer
6
2012-09-21T07:43:38.102668-0700141053112448034flow172.18.3.1158471172.18.1.10053UDPpcapanalyzer
7
2012-09-21T07:43:38.102668-07001126275663755394flow172.18.3.1156951172.18.1.10053UDPpcapanalyzer
8
2012-09-21T07:43:38.102668-0700563830371169239flow172.18.3.116599204.152.194.21880TCPpcapanalyzer
9
2012-09-21T07:43:38.102668-07001267732563203033flow172.18.3.1162003172.18.1.10053UDPpcapanalyzer
10
2012-09-21T07:43:38.102668-0700845689741651186flow172.18.3.1156536172.18.1.10053UDPpcapanalyzer
11
2012-09-21T07:43:38.102668-07001690230639403618flow172.18.3.11648464.236.124.22980TCPpcapanalyzer
12
2012-09-21T07:43:38.102668-07001972334825587849flow172.18.3.1149568172.18.1.10053UDPpcapanalyzer
13
2012-09-21T07:43:38.102668-0700284116325262502flow172.18.3.1160687172.18.1.10053UDPpcapanalyzer
14
2012-09-21T07:43:38.102668-0700426541739252755flow172.18.3.1153110172.18.1.10053UDPpcapanalyzer
15
2012-09-21T07:43:38.102668-07001834479260316737flow172.18.3.11643380.239.254.2480TCPpcapanalyzer
16
2012-09-21T07:43:38.102668-0700145799055393495flow172.18.3.1163879172.18.1.10053UDPpcapanalyzer
17
2012-09-21T07:43:38.102668-0700568043728287493flow172.18.3.1164864172.18.1.10053UDPpcapanalyzer
18
2012-09-21T07:43:38.102668-0700568110305485653flow172.18.3.116586213.174.142.2980TCPpcapanalyzer
19
2012-09-21T07:43:38.102668-07001975551755764055flow172.18.3.116410173.194.65.9480TCPpcapanalyzer
20
2012-09-21T07:43:38.102668-0700287150723368471flow172.18.3.116519194.60.187.23080TCPpcapanalyzer
File 654
Showing 181-200 of 654 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
181
2012-09-21T07:41:49.975593-070080.239.254.24172.18.3.11/media/images/63020000/jpg/_63020954_jex_1517244_de27-1.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 34145
182
2012-09-21T07:41:49.985993-070080.239.254.24172.18.3.11/media/images/58415000/jpg/_58415592_b266a5c4-7dab-4925-876f-de2b381b9663.jpgPC bitmap, Windows 3.x format, 144 x 104 x 3259958
183
2012-09-21T07:41:49.987578-070080.239.254.24172.18.3.11/media/images/63033000/jpg/_63033150_63002903.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 31809
184
2012-09-21T07:42:33.523825-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194360/default/v1/jessica-harper-1-136x75.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "LEAD Technologies Inc. V1.01"6049
185
2012-09-21T07:41:50.079295-070080.239.254.34172.18.3.11/iplayer/images/episode/p00xnxpx_150_84.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 150x84, frames 36503
186
2012-09-21T07:41:50.113786-070080.239.254.24172.18.3.11/news/special/2012/newsspec_4095/widget/img/336x189_index.jpgJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 336x189, frames 323083
187
2012-09-21T07:42:33.463709-070080.239.254.138172.18.3.11/static/lxW3YpBbBKJACyrKeJm8X1wfhnNHvfUxbZkpKV1xBw9.cssASCII text6554
188
2012-09-21T07:42:33.590422-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194311/default/v3/ll-emi-1-136x75.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 166383
189
2012-09-21T07:42:33.622446-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194331/default/v1/8647109-1-1-198x111.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 1631021
190
2012-09-21T07:41:50.149261-0700212.58.244.80172.18.3.11/wurfldemi/network.jsonpASCII text, with no line terminators73
191
2012-09-21T07:42:33.661332-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194321/default/v1/152444673-1-104x57.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 165669
192
2012-09-21T07:41:54.059903-0700212.58.244.61172.18.3.11/js/app/av/emp/compatibility.jsASCII text, with very long lines, with no line terminators1275
193
2012-09-21T07:42:33.689168-070080.239.221.43172.18.3.11/media/images/generated/sky-news/content/StaticFile/jpg/2010/Oct/Week4/147356/default/v1/15771826-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 168473
194
2012-09-21T07:42:33.738395-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194368/default/v1/sky-news-clean-feed232-13h50m30s18-1-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 166309
195
2012-09-21T07:41:54.169441-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/layout/story.cssASCII text, with very long lines, with no line terminators882
196
2012-09-21T07:42:33.750123-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194361/default/v1/evs-xtaccess-2012-09-21-cam-c-12h36m04s02-1-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 165710
197
2012-09-21T07:41:54.258319-070087.249.105.58172.18.3.11/bbc/bbc/sGIF image data, version 89a, 1 x 143
198
2012-09-21T07:42:33.802360-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194342/default/v1/n20-epk-bond-blue-ray-movie-clips-check-access-13h11m27s02-1-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 166167
199
2012-09-21T07:42:33.820273-070080.239.221.43172.18.3.11/media/images/generated/2012/9/21/194329/default/v1/evs-xtaccess-2012-09-21-cam-c-10h12m09s14-2-1-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 165918
200
2012-09-21T07:42:33.841559-070080.239.221.43172.18.3.11/media/images/generated/2012/4/12/4096/default/v1/goldfinger-1-176x99.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 167096

Comments: (not set)
