pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert (6)
Showing 1-6 of 6 items.

# | Timestamp | Src IP | Dest IP | Alert Signature
1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh)
DNS (327)
Showing 1-20 of 327 items.

# | Timestamp | Src IP | Dest IP | DNS Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2012-09-21T07:41:39.704863-0700 | 172.18.3.11 | 172.18.1.100 | query | www.google.co.uk | A | (not set)
2 | 2012-09-21T07:41:40.288015-0700 | 172.18.3.11 | 172.18.1.100 | query | play.google.com | A | (not set)
3 | 2012-09-21T07:41:40.309850-0700 | 172.18.3.11 | 172.18.1.100 | query | www.youtube.com | A | (not set)
4 | 2012-09-21T07:41:40.337901-0700 | 172.18.1.100 | 172.18.3.11 | answer | play.google.com | A | (not set)
5 | 2012-09-21T07:41:40.339156-0700 | 172.18.3.11 | 172.18.1.100 | query | news.google.co.uk | A | (not set)
6 | 2012-09-21T07:41:40.339186-0700 | 172.18.3.11 | 172.18.1.100 | query | mail.google.com | A | (not set)
7 | 2012-09-21T07:41:40.339973-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.youtube.com | A | (not set)
8 | 2012-09-21T07:41:40.339974-0700 | 172.18.1.100 | 172.18.3.11 | answer | mail.google.com | A | (not set)
9 | 2012-09-21T07:41:40.340579-0700 | 172.18.3.11 | 172.18.1.100 | query | docs.google.com | A | (not set)
10 | 2012-09-21T07:41:40.341765-0700 | 172.18.3.11 | 172.18.1.100 | query | books.google.co.uk | A | (not set)
11 | 2012-09-21T07:41:40.342098-0700 | 172.18.1.100 | 172.18.3.11 | answer | books.google.co.uk | A | (not set)
12 | 2012-09-21T07:41:40.342539-0700 | 172.18.3.11 | 172.18.1.100 | query | www.blogger.com | A | (not set)
13 | 2012-09-21T07:41:40.363758-0700 | 172.18.1.100 | 172.18.3.11 | answer | news.google.co.uk | A | (not set)
14 | 2012-09-21T07:41:40.363759-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.blogger.com | A | (not set)
15 | 2012-09-21T07:41:40.365252-0700 | 172.18.3.11 | 172.18.1.100 | query | picasaweb.google.co.uk | A | (not set)
16 | 2012-09-21T07:41:40.380116-0700 | 172.18.1.100 | 172.18.3.11 | answer | docs.google.com | A | (not set)
17 | 2012-09-21T07:41:40.409792-0700 | 172.18.1.100 | 172.18.3.11 | answer | picasaweb.google.co.uk | A | (not set)
18 | 2012-09-21T07:41:40.287910-0700 | 172.18.3.11 | 172.18.1.100 | query | maps.google.co.uk | A | (not set)
19 | 2012-09-21T07:41:40.337900-0700 | 172.18.1.100 | 172.18.3.11 | answer | maps.google.co.uk | A | (not set)
20 | 2012-09-21T07:41:40.381273-0700 | 172.18.3.11 | 172.18.1.100 | query | accounts.google.com | A | (not set)
TLS (8)
Showing 1-8 of 8 items.

# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com
2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com
3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com
4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com
5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net
6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com
7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com
8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com
TFTP (0)

# | Timestamp | Src IP | Dest IP | TFTP Packet | TFTP File | TFTP Mode
No results found.
HTTP (687)
Showing 161-180 of 687 items.

# | Timestamp | Source | Hostname | Port | Method | URL | Status
161 | 2012-09-21T07:42:06.659693-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=8&gs_id=30&xhr=t&q=The%20key%20&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=8&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
162 | 2012-09-21T07:42:06.706940-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=11&gs_id=4g&xhr=t&q=The%20key%20is%20&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=11&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
163 | 2012-09-21T07:41:45.538245-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/img/carousel-prev-next-3.png | 200
164 | 2012-09-21T07:41:45.620655-0700 | 172.18.3.11 | open.live.bbc.co.uk | 80 | GET | /wurfldemi/network.jsonp?callback=_demi_mobile_network_cb_0 | 200
165 | 2012-09-21T07:41:45.643105-0700 | 172.18.3.11 | node1.bbcimg.co.uk | 80 | GET | /glow/glow/1.7.7/widgets/images/darkpanel/ctr.png | 200
166 | 2012-09-21T07:41:54.080921-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/story.css | 200
167 | 2012-09-21T07:42:12.049128-0700 | 172.18.3.11 | p5-vuomjve4ezg7a-ygiznq2tllkmxoic-759258-i2-v6exp3-v4.metric.gstatic.com | 80 | GET | /v6exp3/6.gif | 200
168 | 2012-09-21T07:41:54.116429-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/bump?emp=worldwide&enableClear=1 | 301
169 | 2012-09-21T07:42:18.443981-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=12&gs_id=at&xhr=t&q=The%20key%20is%20%22&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=12&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
170 | 2012-09-21T07:41:54.184463-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/releases/bump/revisions/872744/embed.js?emp=worldwide&enableClear=1 | 304
171 | 2012-09-21T07:41:54.252398-0700 | 172.18.3.11 | stats.bbc.co.uk | 80 | GET | /o.gif?~RS~s~RS~News~RS~t~RS~HighWeb_Story~RS~i~RS~19674761~RS~p~RS~99113~RS~a~RS~Domestic~RS~u~RS~/news/technology-19674761~RS~r~RS~http://www.bbc.co.uk/news/technology/~RS~q~RS~~RS~z~RS~04~RS~ | 200
172 | 2012-09-21T07:41:54.275052-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/worldwide/embed.js?mediaset=journalism-pc | 301
173 | 2012-09-21T07:41:45.731110-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /js/app/ticker/2_1_1/ticker.js | 200
174 | 2012-09-21T07:41:49.838636-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/63031000/jpg/_63031105_000793140-1.jpg | 200
175 | 2012-09-21T07:41:49.847598-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /media/images/62978000/jpg/_62978075_62978004.jpg | 200
176 | 2012-09-21T07:41:49.879909-0700 | 172.18.3.11 | newsimg.bbc.co.uk | 80 | GET | /news/special/2012/newsspec_4095/widget/css/style_w.css | 200
177 | 2012-09-21T07:42:20.597822-0700 | 172.18.3.11 | news.google.co.uk | 80 | GET | /news/tbn/Zslr3463hrQJ/6.jpg | 200
178 | 2012-09-21T07:42:20.599260-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /s?hl=en&sugexp=les%3B&gs_nf=1&cp=44&gs_id=da&xhr=t&q=The%20key%20is%20%22ad7b9c14083b52bc532fba5948342b98&pf=p&output=search&sclient=psy-ab&oq=&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.&fp=ff301ef4d48490c5&biw=1680&bih=920&tch=1&ech=13&psi=H3tcUJzaJYWf0QW184CYBw.1348238521751.1 | 200
179 | 2012-09-21T07:42:20.771452-0700 | 172.18.3.11 | id.google.co.uk | 80 | GET | /verify/EAAAAOUmQ06UkEvBLgmOHOaVuYg.gif | 200
180 | 2012-09-21T07:42:20.824447-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /csi?v=3&s=web&action=&ei=MXtcULqJFYi5hAebh4GYCQ&e=17259,18168,28290,28663,37102,39523,39977,4000116,4000354,4000473,4000519,4000545,4000553,4000833,4000841,4000949,4000974,4001007&cr=c&imp=1&pf=1&pfa=n.10,ttfc.59,ttlc.0,cbt.1&pfm=n.10,ttfc.106,ttlc.0,cbt.52&pmd=max.1,avg.0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1&imn=3&rt=prt.68,pprt.69,ol.69,jsrt.1203,iml.167,kpr.15010,bpl.18917 | 204
SMB (0)

# | Timestamp | Src IP | Dest IP | SMB Dialect | Command | Session | Tree
No results found.

SMTP (0)

# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow (405)
Showing 141-160 of 405 items.

# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
141 | 2012-09-21T07:43:38.102668-0700 | 1455542889071554 | flow | 172.18.3.11 | 62017 | 172.18.1.100 | 53 | UDP | pcapanalyzer
142 | 2012-09-21T07:43:38.102668-0700 | 893681710191748 | flow | 172.18.3.11 | 54338 | 172.18.1.100 | 53 | UDP | pcapanalyzer
143 | 2012-09-21T07:43:38.102668-0700 | 1175811669116745 | flow | 172.18.3.11 | 6510 | 89.207.18.181 | 80 | TCP | pcapanalyzer
144 | 2012-09-21T07:43:38.102668-0700 | 190659988108035 | flow | 172.18.3.11 | 6511 | 89.207.18.181 | 80 | TCP | pcapanalyzer
145 | 2012-09-21T07:43:38.102668-0700 | 1458051146645458 | flow | 172.18.3.11 | 6437 | 80.239.254.34 | 80 | TCP | pcapanalyzer
146 | 2012-09-21T07:43:38.102668-0700 | 614306972093896 | flow | 172.18.3.11 | 6495 | 80.239.221.18 | 80 | TCP | pcapanalyzer
147 | 2012-09-21T07:43:38.102668-0700 | 1599615419464727 | flow | 172.18.3.11 | 6494 | 212.155.198.30 | 80 | TCP | pcapanalyzer
148 | 2012-09-21T07:43:38.102668-0700 | 52583233396150 | flow | 172.18.3.11 | 6578 | 46.229.160.183 | 80 | TCP | pcapanalyzer
149 | 2012-09-21T07:43:38.102668-0700 | 1882204940931141 | flow | 172.18.3.11 | 6562 | 46.229.160.183 | 80 | TCP | pcapanalyzer
150 | 2012-09-21T07:43:38.102668-0700 | 616475934750348 | flow | 172.18.3.11 | 6641 | 172.18.3.49 | 80 | TCP | pcapanalyzer
151 | 2012-09-21T07:43:38.102668-0700 | 898019628987461 | flow | 172.18.3.11 | 6600 | 204.152.194.218 | 80 | TCP | pcapanalyzer
152 | 2012-09-21T07:43:38.102668-0700 | 2024364063459346 | flow | 172.18.3.11 | 6561 | 46.229.160.183 | 80 | TCP | pcapanalyzer
153 | 2012-09-21T07:43:38.102668-0700 | 1883656635594724 | flow | 172.18.3.11 | 6412 | 173.194.65.103 | 80 | TCP | pcapanalyzer
154 | 2012-09-21T07:43:38.102668-0700 | 54131569701761 | flow | 172.18.3.11 | 6595 | 88.212.196.69 | 80 | TCP | pcapanalyzer
155 | 2012-09-21T07:43:38.102668-0700 | 54176668325813 | flow | 172.18.3.11 | 59406 | 172.18.1.100 | 53 | UDP | pcapanalyzer
156 | 2012-09-21T07:43:38.102668-0700 | 54823054012522 | flow | 172.18.3.11 | 6436 | 80.239.254.42 | 80 | TCP | pcapanalyzer
157 | 2012-09-21T07:43:38.102668-0700 | 618294851406370 | flow | 172.18.3.11 | 6602 | 204.152.194.218 | 80 | TCP | pcapanalyzer
158 | 2012-09-21T07:43:38.102668-0700 | 1040539523925904 | flow | 172.18.3.11 | 51532 | 172.18.1.100 | 53 | UDP | pcapanalyzer
159 | 2012-09-21T07:43:38.102668-0700 | 1463379060940245 | flow | 172.18.3.11 | 6640 | 80.239.149.44 | 80 | TCP | pcapanalyzer
160 | 2012-09-21T07:43:38.102668-0700 | 196945676397562 | flow | 172.18.3.11 | 6609 | 212.58.244.66 | 80 | TCP | pcapanalyzer
File (654)
Showing 1-20 of 654 items.

# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2012-09-21T07:41:40.178861-0700 | 173.194.65.94 | 172.18.3.11 | /images/srpr/logo3w.png | PNG image data, 275 x 95, 8-bit colormap, non-interlaced | 7007
2 | 2012-09-21T07:41:40.427980-0700 | 173.194.65.103 | 172.18.3.11 | /textinputassistant/tia.png | PNG image data, 27 x 23, 8-bit/color RGB, non-interlaced | 387
3 | 2012-09-21T07:41:40.291561-0700 | 173.194.65.94 | 172.18.3.11 | /images/swxa.gif | GIF image data, version 89a, 120 x 65 | 5223
4 | 2012-09-21T07:41:39.911086-0700 | 173.194.65.94 | 172.18.3.11 | / | HTML document, ASCII text, with very long lines | 97491
5 | 2012-09-21T07:41:44.482932-0700 | 212.58.244.66 | 172.18.3.11 | /favicon.ico | MS Windows icon resource - 2 icons, 16x16, 2 colors | 958
6 | 2012-09-21T07:41:39.946369-0700 | 173.194.65.94 | 172.18.3.11 | /images/icons/product/chrome-48.png | PNG image data, 48 x 48, 8-bit colormap, non-interlaced | 1834
7 | 2012-09-21T07:41:44.597866-0700 | 80.239.217.171 | 172.18.3.11 | /frameworks/barlesque/2.10.0/desktop/3.5/img/blq-blocks_grey_alpha.png | PNG image data, 84 x 24, 8-bit/color RGBA, non-interlaced | 1020
8 | 2012-09-21T07:41:40.204621-0700 | 173.194.65.94 | 172.18.3.11 | /xjs/_/js/s/s,st,anim,jsa,c,sb,hv,wta,cr,cdos,nos,tbpr,tbui,rsn,ob,mb,lc,du,ada,amcl,klc,kat,aut,bihu,kp,lu,m,shb,tng,hsm,j,p,pcc,csi/rt=j/ver=Npnh78fj8FE.en_US./d=1/sv=1/rs=AItRSTPQPHplxSwT63aSYOfWgPS1dWhc4g | ASCII text, with very long lines | 481401
9 | 2012-09-21T07:41:44.585922-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/print.css | ASCII text, with very long lines, with no line terminators | 3947
10 | 2012-09-21T07:41:44.590623-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/mobile.css | ASCII text, with no line terminators | 36
11 | 2012-09-21T07:41:44.614033-0700 | 212.58.244.61 | 172.18.3.11 | / | HTML document, ASCII text | 234
12 | 2012-09-21T07:41:44.614931-0700 | 80.239.254.34 | 172.18.3.11 | /glow/gloader.0.1.6.js | HTML document, ASCII text, with very long lines | 15520
13 | 2012-09-21T07:41:44.643648-0700 | 80.239.254.42 | 172.18.3.11 | /emp/bump | HTML document, ASCII text | 305
14 | 2012-09-21T07:41:44.666045-0700 | 80.239.254.74 | 172.18.3.11 | /iplayer/images/episode/b01mxvlw_150_84.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 150x84, frames 3 | 10037
15 | 2012-09-21T07:41:40.283031-0700 | 173.194.65.94 | 172.18.3.11 | /extern_chrome/ff301ef4d48490c5.js | ASCII text, with very long lines, with no line terminators | 61792
16 | 2012-09-21T07:41:44.724056-0700 | 212.58.244.130 | 172.18.3.11 | /o.gif | GIF image data, version 89a, 1 x 1 | 43
17 | 2012-09-21T07:41:44.732058-0700 | 212.58.244.66 | 172.18.3.11 | /news/ | HTML document, ASCII text, with CRLF, LF line terminators | 105102
18 | 2012-09-21T07:41:44.733613-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/components/components.css | ASCII text, with very long lines, with no line terminators | 225987
19 | 2012-09-21T07:41:40.373773-0700 | 173.194.41.175 | 172.18.3.11 | /gb/js/sem_9d2b852f41bb993a0833b0a332253abb.js | ASCII text, with very long lines | 45888
20 | 2012-09-21T07:41:40.537968-0700 | 173.194.65.94 | 172.18.3.11 | /favicon.ico | MS Windows icon resource - 2 icons, 16x16 | 5430

Comments: (not set)