pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert 6
Showing 1-6 of 6 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | *
DNS 327
Showing 161-180 of 327 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
161 | 2012-09-21T07:42:39.428980-0700 | 172.18.1.100 | 172.18.3.11 | answer | apis.google.com | A | (not set)
162 | 2012-09-21T07:42:34.410332-0700 | 172.18.3.11 | 172.18.1.100 | query | weather-news.sky.com | A | (not set)
163 | 2012-09-21T07:42:35.209416-0700 | 172.18.3.11 | 172.18.1.100 | query | www.sky.com | A | (not set)
164 | 2012-09-21T07:42:35.209508-0700 | 172.18.3.11 | 172.18.1.100 | query | go.sky.com | A | (not set)
165 | 2012-09-21T07:42:35.283145-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.sky.com | A | (not set)
166 | 2012-09-21T07:42:34.548717-0700 | 172.18.1.100 | 172.18.3.11 | answer | weather-news.sky.com | A | (not set)
167 | 2012-09-21T07:42:35.306022-0700 | 172.18.1.100 | 172.18.3.11 | answer | go.sky.com | A | (not set)
168 | 2012-09-21T07:42:35.322011-0700 | 172.18.3.11 | 172.18.1.100 | query | uservideos.sky.com | A | (not set)
169 | 2012-09-21T07:42:35.341734-0700 | 172.18.1.100 | 172.18.3.11 | answer | uservideos.sky.com | A | (not set)
170 | 2012-09-21T07:42:35.209396-0700 | 172.18.3.11 | 172.18.1.100 | query | www.facebook.com | A | (not set)
171 | 2012-09-21T07:42:35.227144-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.facebook.com | A | (not set)
172 | 2012-09-21T07:42:35.227763-0700 | 172.18.3.11 | 172.18.1.100 | query | go.microsoft.com | A | (not set)
173 | 2012-09-21T07:42:35.245814-0700 | 172.18.1.100 | 172.18.3.11 | answer | go.microsoft.com | A | (not set)
174 | 2012-09-21T07:42:35.303057-0700 | 172.18.3.11 | 172.18.1.100 | query | skynewspanel.com | A | (not set)
175 | 2012-09-21T07:42:35.307048-0700 | 172.18.3.11 | 172.18.1.100 | query | accessibility.sky.com | A | (not set)
176 | 2012-09-21T07:42:35.312258-0700 | 172.18.3.11 | 172.18.1.100 | query | yourphotos.news.sky.com | A | (not set)
177 | 2012-09-21T07:42:35.321165-0700 | 172.18.1.100 | 172.18.3.11 | answer | skynewspanel.com | A | (not set)
178 | 2012-09-21T07:42:35.324507-0700 | 172.18.1.100 | 172.18.3.11 | answer | accessibility.sky.com | A | (not set)
179 | 2012-09-21T07:42:35.325397-0700 | 172.18.3.11 | 172.18.1.100 | query | www.skynewsarabia.com | A | (not set)
180 | 2012-09-21T07:42:35.342790-0700 | 172.18.3.11 | 172.18.1.100 | query | skyliving.sky.com | A | (not set)
TLS 8
Showing 1-8 of 8 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com
2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com
3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com
4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com
5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net
6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com
7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com
8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 687
Showing 141-160 of 687 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
141 | 2012-09-21T07:42:05.572868-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /gen_204?atyp=i&ct=1&cad=1&rsm=6&ei=H3tcUJzaJYWf0QW184CYBw&zx=1348238525504 | 204
142 | 2012-09-21T07:42:05.644569-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=2&gs_id=j&xhr=t&q=Th&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=2&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
143 | 2012-09-21T07:41:49.972423-0700 | 172.18.3.11 | sa.bbc.co.uk | 80 | GET | /bbc/bbc/s?name=news.technology.page&cps_asset_id=10059376&page_type=index&section=technology&app_version=6.2.104-RC6&first_pub=2010-07-06T07:56:59+00:00&last_editorial_update=2012-09-21T14:30:31+00:00&title=&comments_box=false&cps_media_type=&cps_media_state=&app_type=web&ml_name=SSI&ml_version=0.11.1&language=en-GB&bbc_mc=ad1ps1pf1&screen_resolution=1680x1050&blq_s=3.5&blq_r=3.5&blq_v=journalism-domestic&ns__t=1348238509934&ns_c=UTF-8&ns_ti=BBC%20News%20-%20Technology&ns_jspageurl=http%3A//www.bbc.co.uk/news/technology/&ns_referrer=http%3A//www.bbc.co.uk/news/ | 200
144 | 2012-09-21T07:41:45.463328-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /js/app/personalisation_panel/1_9_1/personalisation_panel.js | 200
145 | 2012-09-21T07:42:05.651815-0700 | 172.18.3.11 | ssl.gstatic.com | 80 | GET | /gb/images/j_e6a6aca6.png | 200
146 | 2012-09-21T07:42:05.831689-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=3&gs_id=s&xhr=t&q=The&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=3&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
147 | 2012-09-21T07:41:45.494531-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/gvl3-icons-0-2.png | 200
148 | 2012-09-21T07:41:49.979235-0700 | 172.18.3.11 | stats.bbc.co.uk | 80 | GET | /o.gif?~RS~s~RS~News~RS~t~RS~HighWeb_Index~RS~i~RS~0~RS~p~RS~99113~RS~a~RS~Domestic~RS~u~RS~/news/technology/~RS~r~RS~http://www.bbc.co.uk/news/~RS~q~RS~~RS~z~RS~59~RS~ | 200
149 | 2012-09-21T07:42:05.938968-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=5&gs_id=1k&xhr=t&q=The%20k&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=5&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
150 | 2012-09-21T07:41:50.019615-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/releases/bump/revisions/872744/embed.js?emp=worldwide&enableClear=1 | 304
151 | 2012-09-21T07:41:50.062268-0700 | 172.18.3.11 | feeds.bbci.co.uk | 80 | GET | /modules/comments/getcount/?items=__CPS__19651311,__CPS__19638862 | 200
152 | 2012-09-21T07:42:06.076947-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=6&gs_id=20&xhr=t&q=The%20ke&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=6&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
153 | 2012-09-21T07:41:45.498271-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/livestats-sprite-ko.png | 200
154 | 2012-09-21T07:41:50.101114-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/worldwide/embed.js?mediaset=journalism-pc | 301
155 | 2012-09-21T07:41:50.192329-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /news/special/shared/js/istats/v2/istats.js | 200
156 | 2012-09-21T07:42:06.146127-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=7&gs_id=2e&xhr=t&q=The%20key&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=7&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
157 | 2012-09-21T07:41:45.500514-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/market-data-down.png | 200
158 | 2012-09-21T07:41:50.347306-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/releases/worldwide/revisions/749603_749269_749444_6/embed.js?mediaset=journalism-pc | 304
159 | 2012-09-21T07:41:45.535215-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/1_4_35/cream/hi/news/img/services.gif | 200
160 | 2012-09-21T07:41:54.045062-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /news/technology-19674761 | 200
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 405
Showing 1-20 of 405 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1 | 2012-09-21T07:41:39.704863-0700 | 954277252052231 | flow | 172.18.3.11 | 58234 | 255.255.255.255 | 1947 | UDP | pcapanalyzer
2 | 2012-09-21T07:41:39.704863-0700 | 118968389913127 | flow | 172.18.3.11 | 6405 | 172.18.3.49 | 80 | TCP | pcapanalyzer
3 | 2012-09-21T07:41:40.359876-0700 | 268514856517983 | flow | 172.18.3.11 | 50167 | 172.18.1.100 | 53 | UDP | pcapanalyzer
4 | 2012-09-21T07:42:33.881814-0700 | 751578418267952 | flow | 172.18.3.11 | 58234 | 172.18.255.255 | 1947 | UDP | pcapanalyzer
5 | 2012-09-21T07:42:33.881814-0700 | 268514856473418 | flow | 172.18.1.100 | 53 | 172.18.3.11 | 50167 | UDP | pcapanalyzer
6 | 2012-09-21T07:43:38.102668-0700 | 141053112448034 | flow | 172.18.3.11 | 58471 | 172.18.1.100 | 53 | UDP | pcapanalyzer
7 | 2012-09-21T07:43:38.102668-0700 | 1126275663755394 | flow | 172.18.3.11 | 56951 | 172.18.1.100 | 53 | UDP | pcapanalyzer
8 | 2012-09-21T07:43:38.102668-0700 | 563830371169239 | flow | 172.18.3.11 | 6599 | 204.152.194.218 | 80 | TCP | pcapanalyzer
9 | 2012-09-21T07:43:38.102668-0700 | 1267732563203033 | flow | 172.18.3.11 | 62003 | 172.18.1.100 | 53 | UDP | pcapanalyzer
10 | 2012-09-21T07:43:38.102668-0700 | 845689741651186 | flow | 172.18.3.11 | 56536 | 172.18.1.100 | 53 | UDP | pcapanalyzer
11 | 2012-09-21T07:43:38.102668-0700 | 1690230639403618 | flow | 172.18.3.11 | 6484 | 64.236.124.229 | 80 | TCP | pcapanalyzer
12 | 2012-09-21T07:43:38.102668-0700 | 1972334825587849 | flow | 172.18.3.11 | 49568 | 172.18.1.100 | 53 | UDP | pcapanalyzer
13 | 2012-09-21T07:43:38.102668-0700 | 284116325262502 | flow | 172.18.3.11 | 60687 | 172.18.1.100 | 53 | UDP | pcapanalyzer
14 | 2012-09-21T07:43:38.102668-0700 | 426541739252755 | flow | 172.18.3.11 | 53110 | 172.18.1.100 | 53 | UDP | pcapanalyzer
15 | 2012-09-21T07:43:38.102668-0700 | 1834479260316737 | flow | 172.18.3.11 | 6433 | 80.239.254.24 | 80 | TCP | pcapanalyzer
16 | 2012-09-21T07:43:38.102668-0700 | 145799055393495 | flow | 172.18.3.11 | 63879 | 172.18.1.100 | 53 | UDP | pcapanalyzer
17 | 2012-09-21T07:43:38.102668-0700 | 568043728287493 | flow | 172.18.3.11 | 64864 | 172.18.1.100 | 53 | UDP | pcapanalyzer
18 | 2012-09-21T07:43:38.102668-0700 | 568110305485653 | flow | 172.18.3.11 | 6586 | 213.174.142.29 | 80 | TCP | pcapanalyzer
19 | 2012-09-21T07:43:38.102668-0700 | 1975551755764055 | flow | 172.18.3.11 | 6410 | 173.194.65.94 | 80 | TCP | pcapanalyzer
20 | 2012-09-21T07:43:38.102668-0700 | 287150723368471 | flow | 172.18.3.11 | 6519 | 194.60.187.230 | 80 | TCP | pcapanalyzer
File 654
Showing 141-160 of 654 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
141 | 2012-09-21T07:42:05.644569-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1161
142 | 2012-09-21T07:42:05.651815-0700 | 173.194.41.175 | 172.18.3.11 | /gb/images/j_e6a6aca6.png | PNG image data, 381 x 45, 8-bit/color RGBA, non-interlaced | 15130
143 | 2012-09-21T07:41:45.494531-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/img/gvl3-icons-0-2.png | PNG image data, 1344 x 48, 8-bit/color RGBA, non-interlaced | 16784
144 | 2012-09-21T07:41:49.979235-0700 | 212.58.244.130 | 172.18.3.11 | /o.gif | GIF image data, version 89a, 1 x 1 | 43
145 | 2012-09-21T07:42:05.831689-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1167
146 | 2012-09-21T07:41:50.062268-0700 | 80.239.254.10 | 172.18.3.11 | /modules/comments/getcount/ | ASCII text, with very long lines, with no line terminators | 501
147 | 2012-09-21T07:42:05.938968-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1185
148 | 2012-09-21T07:41:45.498271-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/img/livestats-sprite-ko.png | PNG image data, 650 x 96, 8-bit/color RGBA, non-interlaced | 4729
149 | 2012-09-21T07:41:50.101114-0700 | 80.239.254.42 | 172.18.3.11 | /emp/worldwide/embed.js | HTML document, ASCII text | 317
150 | 2012-09-21T07:42:06.076947-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1206
151 | 2012-09-21T07:41:50.192329-0700 | 212.58.244.66 | 172.18.3.11 | /news/special/shared/js/istats/v2/istats.js | ASCII text, with CRLF line terminators | 539
152 | 2012-09-21T07:42:06.146127-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1170
153 | 2012-09-21T07:41:45.500514-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/img/market-data-down.png | PNG image data, 9 x 7, 8-bit/color RGBA, non-interlaced | 180
154 | 2012-09-21T07:41:45.535215-0700 | 80.239.254.24 | 172.18.3.11 | /view/1_4_35/cream/hi/news/img/services.gif | GIF image data, version 89a, 554 x 35 | 1128
155 | 2012-09-21T07:41:54.045062-0700 | 212.58.244.66 | 172.18.3.11 | /news/technology-19674761 | HTML document, ASCII text, with CRLF, LF line terminators | 61765
156 | 2012-09-21T07:42:06.659693-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 122597
157 | 2012-09-21T07:41:45.538245-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/img/carousel-prev-next-3.png | PNG image data, 96 x 181, 8-bit/color RGBA, non-interlaced | 1594
158 | 2012-09-21T07:41:45.620655-0700 | 212.58.244.80 | 172.18.3.11 | /wurfldemi/network.jsonp | ASCII text, with no line terminators | 73
159 | 2012-09-21T07:42:06.706940-0700 | 173.194.65.94 | 172.18.3.11 | /s | ASCII text, with very long lines, with no line terminators | 1286
160 | 2012-09-21T07:41:54.080921-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/story.css | ASCII text, with very long lines, with no line terminators | 24536

Comments: (not set)
