pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert 6
Showing 1-6 of 6 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
DNS 327
Showing 161-180 of 327 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 161 | 2012-09-21T07:42:39.428980-0700 | 172.18.1.100 | 172.18.3.11 | answer | apis.google.com | A | (not set) |
| 162 | 2012-09-21T07:42:34.410332-0700 | 172.18.3.11 | 172.18.1.100 | query | weather-news.sky.com | A | (not set) |
| 163 | 2012-09-21T07:42:35.209416-0700 | 172.18.3.11 | 172.18.1.100 | query | www.sky.com | A | (not set) |
| 164 | 2012-09-21T07:42:35.209508-0700 | 172.18.3.11 | 172.18.1.100 | query | go.sky.com | A | (not set) |
| 165 | 2012-09-21T07:42:35.283145-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.sky.com | A | (not set) |
| 166 | 2012-09-21T07:42:34.548717-0700 | 172.18.1.100 | 172.18.3.11 | answer | weather-news.sky.com | A | (not set) |
| 167 | 2012-09-21T07:42:35.306022-0700 | 172.18.1.100 | 172.18.3.11 | answer | go.sky.com | A | (not set) |
| 168 | 2012-09-21T07:42:35.322011-0700 | 172.18.3.11 | 172.18.1.100 | query | uservideos.sky.com | A | (not set) |
| 169 | 2012-09-21T07:42:35.341734-0700 | 172.18.1.100 | 172.18.3.11 | answer | uservideos.sky.com | A | (not set) |
| 170 | 2012-09-21T07:42:35.209396-0700 | 172.18.3.11 | 172.18.1.100 | query | www.facebook.com | A | (not set) |
| 171 | 2012-09-21T07:42:35.227144-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.facebook.com | A | (not set) |
| 172 | 2012-09-21T07:42:35.227763-0700 | 172.18.3.11 | 172.18.1.100 | query | go.microsoft.com | A | (not set) |
| 173 | 2012-09-21T07:42:35.245814-0700 | 172.18.1.100 | 172.18.3.11 | answer | go.microsoft.com | A | (not set) |
| 174 | 2012-09-21T07:42:35.303057-0700 | 172.18.3.11 | 172.18.1.100 | query | skynewspanel.com | A | (not set) |
| 175 | 2012-09-21T07:42:35.307048-0700 | 172.18.3.11 | 172.18.1.100 | query | accessibility.sky.com | A | (not set) |
| 176 | 2012-09-21T07:42:35.312258-0700 | 172.18.3.11 | 172.18.1.100 | query | yourphotos.news.sky.com | A | (not set) |
| 177 | 2012-09-21T07:42:35.321165-0700 | 172.18.1.100 | 172.18.3.11 | answer | skynewspanel.com | A | (not set) |
| 178 | 2012-09-21T07:42:35.324507-0700 | 172.18.1.100 | 172.18.3.11 | answer | accessibility.sky.com | A | (not set) |
| 179 | 2012-09-21T07:42:35.325397-0700 | 172.18.3.11 | 172.18.1.100 | query | www.skynewsarabia.com | A | (not set) |
| 180 | 2012-09-21T07:42:35.342790-0700 | 172.18.3.11 | 172.18.1.100 | query | skyliving.sky.com | A | (not set) |
TLS 8
Showing 1-8 of 8 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com |
| 2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com |
| 3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com |
| 4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com |
| 5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net |
| 6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com |
| 7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com |
| 8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 687
Showing 81-100 of 687 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 81 | 2012-09-21T07:41:45.004622-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63021000/jpg/_63021371_eatrich144_getty.jpg | 200 |
| 82 | 2012-09-21T07:41:44.893419-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62967000/jpg/_62967972_hi016012954.jpg | 200 |
| 83 | 2012-09-21T07:41:44.897784-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62987000/jpg/_62987391_hi016011678.jpg | 200 |
| 84 | 2012-09-21T07:41:45.254892-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 302 |
| 85 | 2012-09-21T07:41:44.904783-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63018000/jpg/_63018262_hi016017809.jpg | 200 |
| 86 | 2012-09-21T07:41:45.380959-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /js/view/0_0_32/news-index.js | 200 |
| 87 | 2012-09-21T07:41:44.933637-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63025000/jpg/_63025125_016028534-1.jpg | 200 |
| 88 | 2012-09-21T07:41:45.414479-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.page&ns_m2=yes&ns_setsiteck=505C7B0F67BF00B2&cps_asset_id=10263779&page_type=index&section=front-page&app_version=6.2.104-RC6&first_pub=2010-06-10T14:18:30+00:00&last_editorial_update=2012-09-21T14:32:05+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=not_set&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238505204&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Home&ns_jspageurl=http%3A//www.bbc.co.uk/news/&ns_referrer= | 200 |
| 89 | 2012-09-21T07:41:44.936981-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63028000/jpg/_63028641_binoche640.jpg | 200 |
| 90 | 2012-09-21T07:41:45.380433-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/demi/0.9.8/sharedmodules/demi-1.js | 200 |
| 91 | 2012-09-21T07:41:44.950703-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63012000/jpg/_63012675_63012074.jpg | 200 |
| 92 | 2012-09-21T07:41:45.418689-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/barlesque/2.10.0/desktop/3.5/img/bbccookies/cookie_prompt_sprite.png | 200 |
| 93 | 2012-09-21T07:41:45.435571-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/subnav-divider.png | 200 |
| 94 | 2012-09-21T07:41:45.435721-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/transparencies/rgba-0-0-0-07.png | 200 |
| 95 | 2012-09-21T07:41:45.481766-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/search.png | 200 |
| 96 | 2012-09-21T07:41:45.478856-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/red-masthead.png | 200 |
| 97 | 2012-09-21T07:41:45.521161-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/programmes-iplayer-brand.png | 200 |
| 98 | 2012-09-21T07:41:45.524575-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/languages-sprite.gif | 200 |
| 99 | 2012-09-21T07:41:45.566662-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/istats/0.11.1/modules/istats-1.js | 200 |
| 100 | 2012-09-21T07:41:45.508437-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/worldwide/embed.js?mediaset=journalism-pc | 301 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 405
Showing 101-120 of 405 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
File 654
Showing 101-120 of 654 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 101 | 2012-09-21T07:41:49.858813-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/62965000/jpg/_62965186_baxter.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 3811 |
| 102 | 2012-09-21T07:41:44.988509-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63015000/jpg/_63015644_62984454.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 3 | 5719 |
| 103 | 2012-09-21T07:41:49.871861-0700 | 80.239.254.24 | 172.18.3.11 | /news/special/2012/newsspec_4095/widget/js/widget.js | ASCII text, with CRLF line terminators | 1541 |
| 104 | 2012-09-21T07:41:45.518295-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/img/market-data-up.png | PNG image data, 9 x 7, 8-bit/color RGBA, non-interlaced | 189 |
| 105 | 2012-09-21T07:41:49.900410-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63033000/jpg/_63033678_0qc5dm92.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 144x81, frames 3 | 4228 |
| 106 | 2012-09-21T07:41:49.952148-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/62962000/jpg/_62962077_jex_1515425_de54-1.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 3 | 4637 |
| 107 | 2012-09-21T07:41:49.961316-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/49545000/gif/_49545337_tob304x171.gif | GIF image data, version 89a, 304 x 171 | 26690 |
| 108 | 2012-09-21T07:41:45.539921-0700 | 212.58.244.66 | 172.18.3.11 | /js/app/ticker/ticker_initialiser.js | ASCII text, with very long lines, with no line terminators | 1794 |
| 109 | 2012-09-21T07:41:49.992035-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/62972000/jpg/_62972523_62971152.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 2969 |
| 110 | 2012-09-21T07:41:44.995976-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63012000/jpg/_63012475_ngahuia.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 3846 |
| 111 | 2012-09-21T07:41:45.555128-0700 | 212.58.244.66 | 172.18.3.11 | /news/10284448/ticker.sjson | ASCII text, with CRLF, LF line terminators | 2008 |
| 112 | 2012-09-21T07:41:50.199326-0700 | 212.58.244.66 | 172.18.3.11 | /news/special/2012/newsspec_4095/js/jquery.placeholder.js | ASCII text, with CRLF line terminators | 5271 |
| 113 | 2012-09-21T07:41:45.026796-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63018000/jpg/_63018999_london_met_uni_afp.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 4127 |
| 114 | 2012-09-21T07:41:50.207293-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63009000/jpg/_63009359_jex_1514529_de27-1.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 3409 |
| 115 | 2012-09-21T07:41:45.037350-0700 | 80.239.254.34 | 172.18.3.11 | /glow/glow/1.7.7/widgets/widgets.js | ASCII text, with very long lines | 113926 |
| 116 | 2012-09-21T07:41:50.219327-0700 | 80.239.254.24 | 172.18.3.11 | /news/special/2012/newsspec_4095/img/search.png | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | 469 |
| 117 | 2012-09-21T07:41:54.123780-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/62959000/jpg/_62959824_hacked.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 304x171, frames 3 | 16033 |
| 118 | 2012-09-21T07:41:45.715077-0700 | 212.58.244.75 | 172.18.3.11 | /frameworks/barlesque/1.3.2/newnav/img/search_icon.png | PNG image data, 16 x 16, 8-bit colormap, non-interlaced | 287 |
| 119 | 2012-09-21T07:41:45.192088-0700 | 80.239.254.24 | 172.18.3.11 | /media/images/63038000/jpg/_63038944_63038940.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 3 | 5742 |
| 120 | 2012-09-21T07:41:45.343096-0700 | 80.239.254.34 | 172.18.3.11 | /glow/glow/1.7.7/widgets/widgets.css | ASCII text, with very long lines | 40372 |

Comments: (not set)
