pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5932bdb768b3eeeec3fcd3540acd32aa0
Submission Date2021-10-04 07:56:18
Tags(not set)
Alert 6
Showing 1-6 of 6 items.
#
TimestampSrc IpDest IpAlert SignatureP
1
2012-09-21T07:42:34.494625-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
2
2012-09-21T07:42:36.845858-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
3
2012-09-21T07:42:37.398726-070080.239.254.72172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
4
2012-09-21T07:42:39.445690-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
5
2012-09-21T07:42:39.570006-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
6
2012-09-21T07:43:36.151476-070080.239.254.42172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
DNS 327
Showing 161-180 of 327 items.
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
161
2012-09-21T07:42:39.428980-0700172.18.1.100172.18.3.11answerapis.google.comA(not set)
162
2012-09-21T07:42:34.410332-0700172.18.3.11172.18.1.100queryweather-news.sky.comA(not set)
163
2012-09-21T07:42:35.209416-0700172.18.3.11172.18.1.100querywww.sky.comA(not set)
164
2012-09-21T07:42:35.209508-0700172.18.3.11172.18.1.100querygo.sky.comA(not set)
165
2012-09-21T07:42:35.283145-0700172.18.1.100172.18.3.11answerwww.sky.comA(not set)
166
2012-09-21T07:42:34.548717-0700172.18.1.100172.18.3.11answerweather-news.sky.comA(not set)
167
2012-09-21T07:42:35.306022-0700172.18.1.100172.18.3.11answergo.sky.comA(not set)
168
2012-09-21T07:42:35.322011-0700172.18.3.11172.18.1.100queryuservideos.sky.comA(not set)
169
2012-09-21T07:42:35.341734-0700172.18.1.100172.18.3.11answeruservideos.sky.comA(not set)
170
2012-09-21T07:42:35.209396-0700172.18.3.11172.18.1.100querywww.facebook.comA(not set)
171
2012-09-21T07:42:35.227144-0700172.18.1.100172.18.3.11answerwww.facebook.comA(not set)
172
2012-09-21T07:42:35.227763-0700172.18.3.11172.18.1.100querygo.microsoft.comA(not set)
173
2012-09-21T07:42:35.245814-0700172.18.1.100172.18.3.11answergo.microsoft.comA(not set)
174
2012-09-21T07:42:35.303057-0700172.18.3.11172.18.1.100queryskynewspanel.comA(not set)
175
2012-09-21T07:42:35.307048-0700172.18.3.11172.18.1.100queryaccessibility.sky.comA(not set)
176
2012-09-21T07:42:35.312258-0700172.18.3.11172.18.1.100queryyourphotos.news.sky.comA(not set)
177
2012-09-21T07:42:35.321165-0700172.18.1.100172.18.3.11answerskynewspanel.comA(not set)
178
2012-09-21T07:42:35.324507-0700172.18.1.100172.18.3.11answeraccessibility.sky.comA(not set)
179
2012-09-21T07:42:35.325397-0700172.18.3.11172.18.1.100querywww.skynewsarabia.comA(not set)
180
2012-09-21T07:42:35.342790-0700172.18.3.11172.18.1.100queryskyliving.sky.comA(not set)
TLS 8
Showing 1-8 of 8 items.
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
1
2012-09-21T07:42:39.608580-0700172.18.3.11173.194.41.168TLSv1plusone.google.com
2
2012-09-21T07:42:39.469797-0700172.18.3.11173.194.41.174TLSv1apis.google.com
3
2012-09-21T07:42:39.679741-0700172.18.3.11173.194.41.175TLSv1ssl.gstatic.com
4
2012-09-21T07:42:40.459911-0700172.18.3.112.23.130.110TLSv1s-static.ak.facebook.com
5
2012-09-21T07:42:47.097613-0700172.18.3.11173.194.41.185TLSv1googleads.g.doubleclick.net
6
2012-09-21T07:42:40.801600-0700172.18.3.11173.252.101.16TLSv1www.facebook.com
7
2012-09-21T07:42:59.520623-0700172.18.3.11173.194.67.95TLSv1ajax.googleapis.com
8
2012-09-21T07:43:34.176791-0700172.18.3.11173.194.41.163TLSv1sb-ssl.google.com
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 687
Showing 101-120 of 687 items.
#
TimestampSourceHostnamePortMethodURLStatus
101
2012-09-21T07:41:45.613716-0700172.18.3.11static.bbci.co.uk80GET/frameworks/swfobject/0.1.3/sharedmodules/swfobject-2.js200
102
2012-09-21T07:41:49.858813-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62965000/jpg/_62965186_baxter.jpg200
103
2012-09-21T07:41:49.871861-0700172.18.3.11newsimg.bbc.co.uk80GET/news/special/2012/newsspec_4095/widget/js/widget.js200
104
2012-09-21T07:41:44.988509-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63015000/jpg/_63015644_62984454.jpg200
105
2012-09-21T07:41:45.518295-0700172.18.3.11news.bbcimg.co.uk80GET/view/3_0_2/cream/hi/shared/img/market-data-up.png200
106
2012-09-21T07:41:49.900410-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63033000/jpg/_63033678_0qc5dm92.jpg200
107
2012-09-21T07:41:49.952148-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62962000/jpg/_62962077_jex_1515425_de54-1.jpg200
108
2012-09-21T07:41:49.961316-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/49545000/gif/_49545337_tob304x171.gif200
109
2012-09-21T07:41:45.539921-0700172.18.3.11www.bbc.co.uk80GET/js/app/ticker/ticker_initialiser.js?cachebuster=cb134823850546098384200
110
2012-09-21T07:41:49.992035-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62972000/jpg/_62972523_62971152.jpg200
111
2012-09-21T07:41:45.555128-0700172.18.3.11www.bbc.co.uk80GET/news/10284448/ticker.sjson?jsoncallback=bbc.fmtj.net.json.model.getFeedById(0).callback&client=bbcfmtj&cachebuster=cb1348238505539445200
112
2012-09-21T07:41:44.995976-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63012000/jpg/_63012475_ngahuia.jpg200
113
2012-09-21T07:41:45.026796-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63018000/jpg/_63018999_london_met_uni_afp.jpg200
114
2012-09-21T07:41:50.199326-0700172.18.3.11www.bbc.co.uk80GET/news/special/2012/newsspec_4095/js/jquery.placeholder.js200
115
2012-09-21T07:41:50.207293-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63009000/jpg/_63009359_jex_1514529_de27-1.jpg200
116
2012-09-21T07:41:45.037350-0700172.18.3.11node1.bbcimg.co.uk80GET/glow/glow/1.7.7/widgets/widgets.js200
117
2012-09-21T07:41:50.219327-0700172.18.3.11newsimg.bbc.co.uk80GET/news/special/2012/newsspec_4095/img/search.png200
118
2012-09-21T07:41:54.123780-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62959000/jpg/_62959824_hacked.jpg200
119
2012-09-21T07:41:45.715077-0700172.18.3.11static.bbc.co.uk80GET/frameworks/barlesque/1.3.2/newnav/img/search_icon.png200
120
2012-09-21T07:41:54.355412-0700172.18.3.11static.bbci.co.uk80GET/modules/sharetools/v1/style/slim.css200
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 405
Showing 61-80 of 405 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
61
2012-09-21T07:43:38.102668-07001570830550299807flow172.18.3.11658246.229.160.18380TCPpcapanalyzer
62
2012-09-21T07:43:38.102668-07001852803738252911flow172.18.3.1157735172.18.1.10053UDPpcapanalyzer
63
2012-09-21T07:43:38.102668-070025136240057202flow172.18.3.116417212.58.244.6680TCPpcapanalyzer
64
2012-09-21T07:43:38.102668-0700588459860555807flow172.18.3.11658346.229.160.18380TCPpcapanalyzer
65
2012-09-21T07:43:38.102668-07001714374798942141flow172.18.3.116574173.194.41.17580TCPpcapanalyzer
66
2012-09-21T07:43:38.102668-0700307060040794182flow172.18.3.1162928172.18.1.10053UDPpcapanalyzer
67
2012-09-21T07:43:38.102668-07001855627678988811flow172.18.3.1149337172.18.1.10053UDPpcapanalyzer
68
2012-09-21T07:43:38.102668-07001152081974860579flow172.18.3.11652068.67.179.14680TCPpcapanalyzer
69
2012-09-21T07:43:38.102668-07001152105596099636flow172.18.3.1162129172.18.1.10053UDPpcapanalyzer
70
2012-09-21T07:43:38.102668-07001433720160212424flow172.18.3.1164790172.18.1.10053UDPpcapanalyzer
71
2012-09-21T07:43:38.102668-0700870774498157315flow172.18.3.1155212172.18.1.10053UDPpcapanalyzer
72
2012-09-21T07:43:38.102668-07001012319446057641flow172.18.3.11658846.229.160.18380TCPpcapanalyzer
73
2012-09-21T07:43:38.102668-0700168330452953180flow172.18.3.116490173.194.41.18780TCPpcapanalyzer
74
2012-09-21T07:43:38.102668-0700309654205121443flow172.18.3.116567173.194.41.17380TCPpcapanalyzer
75
2012-09-21T07:43:38.102668-07001857906162905495flow172.18.3.1156528172.18.1.10053UDPpcapanalyzer
76
2012-09-21T07:43:38.102668-07001717196588707562flow172.18.3.116453212.58.244.6680TCPpcapanalyzer
77
2012-09-21T07:43:38.102668-07001295518850701542flow172.18.3.1161074172.18.1.10053UDPpcapanalyzer
78
2012-09-21T07:43:38.102668-07002140302413837631flow172.18.3.115353224.0.0.2515353UDPpcapanalyzer
79
2012-09-21T07:43:38.102668-07001858962724829949flow172.18.3.1152048172.18.1.10053UDPpcapanalyzer
80
2012-09-21T07:43:38.102668-07001014831999802999flow172.18.3.116492212.155.198.3080TCPpcapanalyzer
File 654
Showing 141-160 of 654 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
141
2012-09-21T07:42:05.644569-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1161
142
2012-09-21T07:42:05.651815-0700173.194.41.175172.18.3.11/gb/images/j_e6a6aca6.pngPNG image data, 381 x 45, 8-bit/color RGBA, non-interlaced15130
143
2012-09-21T07:41:45.494531-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/gvl3-icons-0-2.pngPNG image data, 1344 x 48, 8-bit/color RGBA, non-interlaced16784
144
2012-09-21T07:41:49.979235-0700212.58.244.130172.18.3.11/o.gifGIF image data, version 89a, 1 x 143
145
2012-09-21T07:42:05.831689-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1167
146
2012-09-21T07:41:50.062268-070080.239.254.10172.18.3.11/modules/comments/getcount/ASCII text, with very long lines, with no line terminators501
147
2012-09-21T07:42:05.938968-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1185
148
2012-09-21T07:41:45.498271-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/livestats-sprite-ko.pngPNG image data, 650 x 96, 8-bit/color RGBA, non-interlaced4729
149
2012-09-21T07:41:50.101114-070080.239.254.42172.18.3.11/emp/worldwide/embed.jsHTML document, ASCII text317
150
2012-09-21T07:42:06.076947-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1206
151
2012-09-21T07:41:50.192329-0700212.58.244.66172.18.3.11/news/special/shared/js/istats/v2/istats.jsASCII text, with CRLF line terminators539
152
2012-09-21T07:42:06.146127-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1170
153
2012-09-21T07:41:45.500514-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/market-data-down.pngPNG image data, 9 x 7, 8-bit/color RGBA, non-interlaced180
154
2012-09-21T07:41:45.535215-070080.239.254.24172.18.3.11/view/1_4_35/cream/hi/news/img/services.gifGIF image data, version 89a, 554 x 351128
155
2012-09-21T07:41:54.045062-0700212.58.244.66172.18.3.11/news/technology-19674761HTML document, ASCII text, with CRLF, LF line terminators61765
156
2012-09-21T07:42:06.659693-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators122597
157
2012-09-21T07:41:45.538245-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/img/carousel-prev-next-3.pngPNG image data, 96 x 181, 8-bit/color RGBA, non-interlaced1594
158
2012-09-21T07:41:45.620655-0700212.58.244.80172.18.3.11/wurfldemi/network.jsonpASCII text, with no line terminators73
159
2012-09-21T07:42:06.706940-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1286
160
2012-09-21T07:41:54.080921-070080.239.254.24172.18.3.11/view/3_0_2/cream/hi/shared/story.cssASCII text, with very long lines, with no line terminators24536

Comments(not set)

Update Download PCAP Delete