pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5932bdb768b3eeeec3fcd3540acd32aa0
Submission Date2021-10-04 07:56:18
Tags(not set)
Alert 6
Showing 1-6 of 6 items.
#
TimestampSrc IpDest IpAlert SignatureP
1
2012-09-21T07:42:34.494625-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
2
2012-09-21T07:42:36.845858-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
3
2012-09-21T07:42:37.398726-070080.239.254.72172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
4
2012-09-21T07:42:39.445690-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
5
2012-09-21T07:42:39.570006-0700173.194.41.188172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
6
2012-09-21T07:43:36.151476-070080.239.254.42172.18.3.11ET INFO Observed Interesting Content-Type Inbound (application/x-sh)*
DNS 327
Showing 1-20 of 327 items.
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
1
2012-09-21T07:41:39.704863-0700172.18.3.11172.18.1.100querywww.google.co.ukA(not set)
2
2012-09-21T07:41:40.288015-0700172.18.3.11172.18.1.100queryplay.google.comA(not set)
3
2012-09-21T07:41:40.309850-0700172.18.3.11172.18.1.100querywww.youtube.comA(not set)
4
2012-09-21T07:41:40.337901-0700172.18.1.100172.18.3.11answerplay.google.comA(not set)
5
2012-09-21T07:41:40.339156-0700172.18.3.11172.18.1.100querynews.google.co.ukA(not set)
6
2012-09-21T07:41:40.339186-0700172.18.3.11172.18.1.100querymail.google.comA(not set)
7
2012-09-21T07:41:40.339973-0700172.18.1.100172.18.3.11answerwww.youtube.comA(not set)
8
2012-09-21T07:41:40.339974-0700172.18.1.100172.18.3.11answermail.google.comA(not set)
9
2012-09-21T07:41:40.340579-0700172.18.3.11172.18.1.100querydocs.google.comA(not set)
10
2012-09-21T07:41:40.341765-0700172.18.3.11172.18.1.100querybooks.google.co.ukA(not set)
11
2012-09-21T07:41:40.342098-0700172.18.1.100172.18.3.11answerbooks.google.co.ukA(not set)
12
2012-09-21T07:41:40.342539-0700172.18.3.11172.18.1.100querywww.blogger.comA(not set)
13
2012-09-21T07:41:40.363758-0700172.18.1.100172.18.3.11answernews.google.co.ukA(not set)
14
2012-09-21T07:41:40.363759-0700172.18.1.100172.18.3.11answerwww.blogger.comA(not set)
15
2012-09-21T07:41:40.365252-0700172.18.3.11172.18.1.100querypicasaweb.google.co.ukA(not set)
16
2012-09-21T07:41:40.380116-0700172.18.1.100172.18.3.11answerdocs.google.comA(not set)
17
2012-09-21T07:41:40.409792-0700172.18.1.100172.18.3.11answerpicasaweb.google.co.ukA(not set)
18
2012-09-21T07:41:40.287910-0700172.18.3.11172.18.1.100querymaps.google.co.ukA(not set)
19
2012-09-21T07:41:40.337900-0700172.18.1.100172.18.3.11answermaps.google.co.ukA(not set)
20
2012-09-21T07:41:40.381273-0700172.18.3.11172.18.1.100queryaccounts.google.comA(not set)
TLS 8
Showing 1-8 of 8 items.
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
1
2012-09-21T07:42:39.608580-0700172.18.3.11173.194.41.168TLSv1plusone.google.com
2
2012-09-21T07:42:39.469797-0700172.18.3.11173.194.41.174TLSv1apis.google.com
3
2012-09-21T07:42:39.679741-0700172.18.3.11173.194.41.175TLSv1ssl.gstatic.com
4
2012-09-21T07:42:40.459911-0700172.18.3.112.23.130.110TLSv1s-static.ak.facebook.com
5
2012-09-21T07:42:47.097613-0700172.18.3.11173.194.41.185TLSv1googleads.g.doubleclick.net
6
2012-09-21T07:42:40.801600-0700172.18.3.11173.252.101.16TLSv1www.facebook.com
7
2012-09-21T07:42:59.520623-0700172.18.3.11173.194.67.95TLSv1ajax.googleapis.com
8
2012-09-21T07:43:34.176791-0700172.18.3.11173.194.41.163TLSv1sb-ssl.google.com
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 687
Showing 121-140 of 687 items.
#
TimestampSourceHostnamePortMethodURLStatus
121
2012-09-21T07:41:45.192088-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63038000/jpg/_63038944_63038940.jpg200
122
2012-09-21T07:41:45.343096-0700172.18.3.11node1.bbcimg.co.uk80GET/glow/glow/1.7.7/widgets/widgets.css200
123
2012-09-21T07:41:45.755079-0700172.18.3.11news.bbcimg.co.uk80GET/view/3_0_2/cream/hi/shared/img/personalisation-help-icon.gif200
124
2012-09-21T07:41:45.380382-0700172.18.3.11open.live.bbc.co.uk80GET/wurfldemi/useragent.jsonp?callback=define&ua=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20rv%3A15.0)%20Gecko%2F20100101%20Firefox%2F15.0.1200
125
2012-09-21T07:41:45.755079-0700172.18.3.11emp.bbci.co.uk80GET/emp/releases/worldwide/revisions/749603_749269_749444_6/embed.js?mediaset=journalism-pc200
126
2012-09-21T07:41:45.419584-0700172.18.3.11news.bbcimg.co.uk80GET/view/1_4_35/cream/hi/news/img/news_masthead.gif200
127
2012-09-21T07:41:54.628471-0700172.18.3.11open.bbci.co.uk80GET/buzz/shares?callback=sharetools.counts.receive&url=http%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Ftechnology-19674761&title=BBC%20News%20-%20Microsoft%20releases%20fix%20for%20IE%20bug200
128
2012-09-21T07:41:54.664473-0700172.18.3.11static.bbci.co.uk80GET/modules/sharetools/v1/img/sprite-0.3.2.png200
129
2012-09-21T07:41:45.419729-0700172.18.3.11news.bbcimg.co.uk80GET/view/1_4_35/cream/hi/news/img/nav-divider.png200
130
2012-09-21T07:41:45.437473-0700172.18.3.11static.bbci.co.uk80GET/frameworks/barlesque/2.10.0/desktop/3.5/img/blq-sprite_alpha.png200
131
2012-09-21T07:41:45.458829-0700172.18.3.11news.bbcimg.co.uk80GET/js/net/json/jsonloader/2_13_1/jsonloader.js200
132
2012-09-21T07:42:01.789711-0700172.18.3.11www.google.co.uk80GET/200
133
2012-09-21T07:42:01.999716-0700172.18.3.11www.google.co.uk80GET/csi?v=3&s=webhp&action=&e=17259,18168,28290,28663,37102,39523,39977,4000116,4000354,4000473,4000519,4000545,4000553,4000833,4000841,4000949,4000974,4001007&ei=H3tcUJzaJYWf0QW184CYBw&imc=1&imn=1&imp=0&rt=xjsls.77,prt.81,xjses.129,xjsee.173,xjs.175,ol.177,iml.81,wsrt.95,cst.0,dnst.0,rqst.153,rspt.84204
134
2012-09-21T07:41:49.835585-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63027000/jpg/_63027505_016036297-1.jpg200
135
2012-09-21T07:41:49.865359-0700172.18.3.11emp.bbci.co.uk80GET/emp/bump?emp=worldwide&enableClear=1301
136
2012-09-21T07:41:49.878108-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62942000/jpg/_62942737_114158299.jpg200
137
2012-09-21T07:42:05.489948-0700172.18.3.11www.google.co.uk80GET/s?hl=en&sugexp=les%3B&gs_nf=1&cp=1&gs_id=5&xhr=t&q=T&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=1&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1200
138
2012-09-21T07:41:49.919419-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/62998000/jpg/_62998791_3yz8e6jh.jpg200
139
2012-09-21T07:41:49.952254-0700172.18.3.11www.bbc.co.uk80GET/news/technology/200
140
2012-09-21T07:41:49.968528-0700172.18.3.11news.bbcimg.co.uk80GET/media/images/63031000/jpg/_63031637_robot_snake.jpg200
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 405
Showing 1-20 of 405 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2012-09-21T07:41:39.704863-0700954277252052231flow172.18.3.1158234255.255.255.2551947UDPpcapanalyzer
2
2012-09-21T07:41:39.704863-0700118968389913127flow172.18.3.116405172.18.3.4980TCPpcapanalyzer
3
2012-09-21T07:41:40.359876-0700268514856517983flow172.18.3.1150167172.18.1.10053UDPpcapanalyzer
4
2012-09-21T07:42:33.881814-0700751578418267952flow172.18.3.1158234172.18.255.2551947UDPpcapanalyzer
5
2012-09-21T07:42:33.881814-0700268514856473418flow172.18.1.10053172.18.3.1150167UDPpcapanalyzer
6
2012-09-21T07:43:38.102668-0700141053112448034flow172.18.3.1158471172.18.1.10053UDPpcapanalyzer
7
2012-09-21T07:43:38.102668-07001126275663755394flow172.18.3.1156951172.18.1.10053UDPpcapanalyzer
8
2012-09-21T07:43:38.102668-0700563830371169239flow172.18.3.116599204.152.194.21880TCPpcapanalyzer
9
2012-09-21T07:43:38.102668-07001267732563203033flow172.18.3.1162003172.18.1.10053UDPpcapanalyzer
10
2012-09-21T07:43:38.102668-0700845689741651186flow172.18.3.1156536172.18.1.10053UDPpcapanalyzer
11
2012-09-21T07:43:38.102668-07001690230639403618flow172.18.3.11648464.236.124.22980TCPpcapanalyzer
12
2012-09-21T07:43:38.102668-07001972334825587849flow172.18.3.1149568172.18.1.10053UDPpcapanalyzer
13
2012-09-21T07:43:38.102668-0700284116325262502flow172.18.3.1160687172.18.1.10053UDPpcapanalyzer
14
2012-09-21T07:43:38.102668-0700426541739252755flow172.18.3.1153110172.18.1.10053UDPpcapanalyzer
15
2012-09-21T07:43:38.102668-07001834479260316737flow172.18.3.11643380.239.254.2480TCPpcapanalyzer
16
2012-09-21T07:43:38.102668-0700145799055393495flow172.18.3.1163879172.18.1.10053UDPpcapanalyzer
17
2012-09-21T07:43:38.102668-0700568043728287493flow172.18.3.1164864172.18.1.10053UDPpcapanalyzer
18
2012-09-21T07:43:38.102668-0700568110305485653flow172.18.3.116586213.174.142.2980TCPpcapanalyzer
19
2012-09-21T07:43:38.102668-07001975551755764055flow172.18.3.116410173.194.65.9480TCPpcapanalyzer
20
2012-09-21T07:43:38.102668-0700287150723368471flow172.18.3.116519194.60.187.23080TCPpcapanalyzer
File 654
Showing 161-180 of 654 items.
#
TimestampSourceDestinationFile NameFile MagicFile Size
161
2012-09-21T07:41:45.643105-070080.239.254.34172.18.3.11/glow/glow/1.7.7/widgets/images/darkpanel/ctr.pngPNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced207
162
2012-09-21T07:42:12.049128-0700173.194.41.175172.18.3.11/v6exp3/6.gifGIF image data, version 89a, 1 x 135
163
2012-09-21T07:41:54.116429-070080.239.254.42172.18.3.11/emp/bumpHTML document, ASCII text305
164
2012-09-21T07:41:54.252398-0700212.58.244.130172.18.3.11/o.gifGIF image data, version 89a, 1 x 143
165
2012-09-21T07:42:18.443981-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators1298
166
2012-09-21T07:41:45.731110-070080.239.254.24172.18.3.11/js/app/ticker/2_1_1/ticker.jsASCII text, with very long lines, with no line terminators9943
167
2012-09-21T07:41:54.275052-070080.239.254.42172.18.3.11/emp/worldwide/embed.jsHTML document, ASCII text317
168
2012-09-21T07:41:49.838636-070080.239.254.24172.18.3.11/media/images/63031000/jpg/_63031105_000793140-1.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 33674
169
2012-09-21T07:41:49.847598-070080.239.254.24172.18.3.11/media/images/62978000/jpg/_62978075_62978004.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 112x63, frames 34552
170
2012-09-21T07:42:20.597822-0700173.194.41.191172.18.3.11/news/tbn/Zslr3463hrQJ/6.jpgJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, frames 32293
171
2012-09-21T07:42:20.599260-0700173.194.65.94172.18.3.11/sASCII text, with very long lines, with no line terminators78661
172
2012-09-21T07:42:20.771452-0700173.194.34.24172.18.3.11/verify/EAAAAOUmQ06UkEvBLgmOHOaVuYg.gifGIF image data, version 89a, 1 x 143
173
2012-09-21T07:41:49.879909-070080.239.254.24172.18.3.11/news/special/2012/newsspec_4095/widget/css/style_w.cssASCII text, with CRLF line terminators2384
174
2012-09-21T07:41:54.297266-0700212.58.244.75172.18.3.11/modules/sharetools/v1/script/sharetools.jsASCII text, with very long lines, with no line terminators34128
175
2012-09-21T07:41:49.883367-070080.239.254.24172.18.3.11/media/images/62749000/jpg/_62749458_keyboard.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 144x81, frames 34162
176
2012-09-21T07:41:49.887444-070080.239.254.24172.18.3.11/media/images/63020000/jpg/_63020748_pa-9961806.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 34751
177
2012-09-21T07:41:49.930854-070080.239.254.24172.18.3.11/media/images/62986000/jpg/_62986964_62985822.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 36259
178
2012-09-21T07:42:12.051138-0700173.194.41.175172.18.3.11/v6exp3/6.gifGIF image data, version 89a, 1 x 135
179
2012-09-21T07:41:49.934043-070080.239.254.24172.18.3.11/media/images/62999000/jpg/_62999545_000237650-1.jpgJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 144x81, frames 33984
180
2012-09-21T07:42:22.113042-0700173.194.65.94172.18.3.11/searchASCII text, with very long lines, with no line terminators75008

Comments(not set)

Update Download PCAP Delete