pak004_932bdb768b3eeeec3fcd3540acd32aa0.pcap

MD5: 932bdb768b3eeeec3fcd3540acd32aa0
Submission Date: 2021-10-04 07:56:18
Tags: (not set)
Alert 6
Showing 1-6 of 6 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:34.494625-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 2 | 2012-09-21T07:42:36.845858-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 3 | 2012-09-21T07:42:37.398726-0700 | 80.239.254.72 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 4 | 2012-09-21T07:42:39.445690-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 5 | 2012-09-21T07:42:39.570006-0700 | 173.194.41.188 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
| 6 | 2012-09-21T07:43:36.151476-0700 | 80.239.254.42 | 172.18.3.11 | ET INFO Observed Interesting Content-Type Inbound (application/x-sh) | * |
DNS 327
Showing 81-100 of 327 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 81 | 2012-09-21T07:42:20.578611-0700 | 172.18.1.100 | 172.18.3.11 | answer | gulfnews.com | A | (not set) |
| 82 | 2012-09-21T07:42:20.586078-0700 | 172.18.3.11 | 172.18.1.100 | query | www.theaustralian.com.au | A | (not set) |
| 83 | 2012-09-21T07:42:20.605191-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.theaustralian.com.au | A | (not set) |
| 84 | 2012-09-21T07:42:22.475631-0700 | 172.18.3.11 | 172.18.1.100 | query | www.dslreports.com | A | (not set) |
| 85 | 2012-09-21T07:42:22.475670-0700 | 172.18.3.11 | 172.18.1.100 | query | forums.malwarebytes.org | A | (not set) |
| 86 | 2012-09-21T07:42:22.495163-0700 | 172.18.1.100 | 172.18.3.11 | answer | www.dslreports.com | A | (not set) |
| 87 | 2012-09-21T07:42:22.496664-0700 | 172.18.3.11 | 172.18.1.100 | query | bbs.360.cn | A | (not set) |
| 88 | 2012-09-21T07:42:22.502757-0700 | 172.18.1.100 | 172.18.3.11 | answer | forums.malwarebytes.org | A | (not set) |
| 89 | 2012-09-21T07:42:22.503962-0700 | 172.18.3.11 | 172.18.1.100 | query | bbs.kafan.cn | A | (not set) |
| 90 | 2012-09-21T07:42:22.515638-0700 | 172.18.1.100 | 172.18.3.11 | answer | bbs.360.cn | A | (not set) |
| 91 | 2012-09-21T07:42:22.969213-0700 | 172.18.1.100 | 172.18.3.11 | answer | bbs.kafan.cn | A | (not set) |
| 92 | 2012-09-21T07:42:22.517254-0700 | 172.18.3.11 | 172.18.1.100 | query | forum.botfrei.de | A | (not set) |
| 93 | 2012-09-21T07:42:22.536230-0700 | 172.18.1.100 | 172.18.3.11 | answer | forum.botfrei.de | A | (not set) |
| 94 | 2012-09-21T07:42:33.354308-0700 | 172.18.3.11 | 172.18.1.100 | query | media.skynews.com | A | (not set) |
| 95 | 2012-09-21T07:42:33.400298-0700 | 172.18.1.100 | 172.18.3.11 | answer | media.skynews.com | A | (not set) |
| 96 | 2012-09-21T07:42:33.435229-0700 | 172.18.3.11 | 172.18.1.100 | query | js.revsci.net | A | (not set) |
| 97 | 2012-09-21T07:42:33.474487-0700 | 172.18.1.100 | 172.18.3.11 | answer | js.revsci.net | A | (not set) |
| 98 | 2012-09-21T07:41:50.169348-0700 | 172.18.3.11 | 172.18.1.100 | query | twitter.com | A | (not set) |
| 99 | 2012-09-21T07:41:50.188459-0700 | 172.18.1.100 | 172.18.3.11 | answer | twitter.com | A | (not set) |
| 100 | 2012-09-21T07:42:33.710389-0700 | 172.18.3.11 | 172.18.1.100 | query | metrics.sky.com | A | (not set) |
TLS 8
Showing 1-8 of 8 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2012-09-21T07:42:39.608580-0700 | 172.18.3.11 | 173.194.41.168 | TLSv1 | plusone.google.com |
| 2 | 2012-09-21T07:42:39.469797-0700 | 172.18.3.11 | 173.194.41.174 | TLSv1 | apis.google.com |
| 3 | 2012-09-21T07:42:39.679741-0700 | 172.18.3.11 | 173.194.41.175 | TLSv1 | ssl.gstatic.com |
| 4 | 2012-09-21T07:42:40.459911-0700 | 172.18.3.11 | 2.23.130.110 | TLSv1 | s-static.ak.facebook.com |
| 5 | 2012-09-21T07:42:47.097613-0700 | 172.18.3.11 | 173.194.41.185 | TLSv1 | googleads.g.doubleclick.net |
| 6 | 2012-09-21T07:42:40.801600-0700 | 172.18.3.11 | 173.252.101.16 | TLSv1 | www.facebook.com |
| 7 | 2012-09-21T07:42:59.520623-0700 | 172.18.3.11 | 173.194.67.95 | TLSv1 | ajax.googleapis.com |
| 8 | 2012-09-21T07:43:34.176791-0700 | 172.18.3.11 | 173.194.41.163 | TLSv1 | sb-ssl.google.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 687
Showing 1-20 of 687 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2012-09-21T07:41:40.427980-0700 | 172.18.3.11 | www.google.com | 80 | GET | /textinputassistant/tia.png | 200 |
| 2 | 2012-09-21T07:41:40.178861-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/srpr/logo3w.png | 200 |
| 3 | 2012-09-21T07:41:40.291561-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/swxa.gif | 200 |
| 4 | 2012-09-21T07:41:40.537934-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /csi?v=3&s=webhp&action=&e=17259,37102,39523,39976,4000116,4000354,4000472,4000519,4000545,4000553,4000624,4000648,4000723,4000784,4000833,4000841,4000949,4000974,4001007,4001013&ei=CXtcUPLCNoXF0QX3o4GIDQ&imc=1&imn=1&imp=1&rt=xjsls.36,prt.41,xjses.266,xjsee.318,xjs.320,ol.399,iml.61,wsrt.183,cst.0,dnst.22,rqst.103,rspt.31 | 204 |
| 5 | 2012-09-21T07:41:39.911086-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | / | 200 |
| 6 | 2012-09-21T07:41:44.482932-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /favicon.ico | 200 |
| 7 | 2012-09-21T07:41:39.946369-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /images/icons/product/chrome-48.png | 200 |
| 8 | 2012-09-21T07:41:44.597866-0700 | 172.18.3.11 | static.bbci.co.uk | 80 | GET | /frameworks/barlesque/2.10.0/desktop/3.5/img/blq-blocks_grey_alpha.png | 200 |
| 9 | 2012-09-21T07:41:44.585922-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/print.css | 200 |
| 10 | 2012-09-21T07:41:40.204621-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /xjs/_/js/s/s,st,anim,jsa,c,sb,hv,wta,cr,cdos,nos,tbpr,tbui,rsn,ob,mb,lc,du,ada,amcl,klc,kat,aut,bihu,kp,lu,m,shb,tng,hsm,j,p,pcc,csi/rt=j/ver=Npnh78fj8FE.en_US./d=1/sv=1/rs=AItRSTPQPHplxSwT63aSYOfWgPS1dWhc4g | 200 |
| 11 | 2012-09-21T07:41:44.590623-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/mobile.css | 200 |
| 12 | 2012-09-21T07:41:44.614033-0700 | 172.18.3.11 | news.bbc.co.uk | 80 | GET | / | 301 |
| 13 | 2012-09-21T07:41:44.614931-0700 | 172.18.3.11 | node1.bbcimg.co.uk | 80 | GET | /glow/gloader.0.1.6.js | 200 |
| 14 | 2012-09-21T07:41:44.643648-0700 | 172.18.3.11 | emp.bbci.co.uk | 80 | GET | /emp/bump?emp=worldwide&enableClear=1 | 301 |
| 15 | 2012-09-21T07:41:44.666045-0700 | 172.18.3.11 | node2.bbcimg.co.uk | 80 | GET | /iplayer/images/episode/b01mxvlw_150_84.jpg | 200 |
| 16 | 2012-09-21T07:41:40.283031-0700 | 172.18.3.11 | www.google.co.uk | 80 | GET | /extern_chrome/ff301ef4d48490c5.js | 200 |
| 17 | 2012-09-21T07:41:44.724056-0700 | 172.18.3.11 | stats.bbc.co.uk | 80 | GET | /o.gif?~RS~s~RS~News~RS~t~RS~HighWeb_Index~RS~i~RS~0~RS~p~RS~99854~RS~a~RS~Domestic~RS~u~RS~/news/~RS~r~RS~(none)~RS~q~RS~~RS~z~RS~54~RS~ | 200 |
| 18 | 2012-09-21T07:41:44.732058-0700 | 172.18.3.11 | www.bbc.co.uk | 80 | GET | /news/ | 200 |
| 19 | 2012-09-21T07:41:44.733613-0700 | 172.18.3.11 | news.bbcimg.co.uk | 80 | GET | /view/3_0_2/cream/hi/shared/components/components.css | 200 |
| 20 | 2012-09-21T07:41:40.373773-0700 | 172.18.3.11 | ssl.gstatic.com | 80 | GET | /gb/js/sem_9d2b852f41bb993a0833b0a332253abb.js | 200 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 405
Showing 1-20 of 405 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2012-09-21T07:41:39.704863-0700 | 954277252052231 | flow | 172.18.3.11 | 58234 | 255.255.255.255 | 1947 | UDP | pcapanalyzer |
| 2 | 2012-09-21T07:41:39.704863-0700 | 118968389913127 | flow | 172.18.3.11 | 6405 | 172.18.3.49 | 80 | TCP | pcapanalyzer |
| 3 | 2012-09-21T07:41:40.359876-0700 | 268514856517983 | flow | 172.18.3.11 | 50167 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 4 | 2012-09-21T07:42:33.881814-0700 | 751578418267952 | flow | 172.18.3.11 | 58234 | 172.18.255.255 | 1947 | UDP | pcapanalyzer |
| 5 | 2012-09-21T07:42:33.881814-0700 | 268514856473418 | flow | 172.18.1.100 | 53 | 172.18.3.11 | 50167 | UDP | pcapanalyzer |
| 6 | 2012-09-21T07:43:38.102668-0700 | 141053112448034 | flow | 172.18.3.11 | 58471 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 7 | 2012-09-21T07:43:38.102668-0700 | 1126275663755394 | flow | 172.18.3.11 | 56951 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 8 | 2012-09-21T07:43:38.102668-0700 | 563830371169239 | flow | 172.18.3.11 | 6599 | 204.152.194.218 | 80 | TCP | pcapanalyzer |
| 9 | 2012-09-21T07:43:38.102668-0700 | 1267732563203033 | flow | 172.18.3.11 | 62003 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 10 | 2012-09-21T07:43:38.102668-0700 | 845689741651186 | flow | 172.18.3.11 | 56536 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 11 | 2012-09-21T07:43:38.102668-0700 | 1690230639403618 | flow | 172.18.3.11 | 6484 | 64.236.124.229 | 80 | TCP | pcapanalyzer |
| 12 | 2012-09-21T07:43:38.102668-0700 | 1972334825587849 | flow | 172.18.3.11 | 49568 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 13 | 2012-09-21T07:43:38.102668-0700 | 284116325262502 | flow | 172.18.3.11 | 60687 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 14 | 2012-09-21T07:43:38.102668-0700 | 426541739252755 | flow | 172.18.3.11 | 53110 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 15 | 2012-09-21T07:43:38.102668-0700 | 1834479260316737 | flow | 172.18.3.11 | 6433 | 80.239.254.24 | 80 | TCP | pcapanalyzer |
| 16 | 2012-09-21T07:43:38.102668-0700 | 145799055393495 | flow | 172.18.3.11 | 63879 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 17 | 2012-09-21T07:43:38.102668-0700 | 568043728287493 | flow | 172.18.3.11 | 64864 | 172.18.1.100 | 53 | UDP | pcapanalyzer |
| 18 | 2012-09-21T07:43:38.102668-0700 | 568110305485653 | flow | 172.18.3.11 | 6586 | 213.174.142.29 | 80 | TCP | pcapanalyzer |
| 19 | 2012-09-21T07:43:38.102668-0700 | 1975551755764055 | flow | 172.18.3.11 | 6410 | 173.194.65.94 | 80 | TCP | pcapanalyzer |
| 20 | 2012-09-21T07:43:38.102668-0700 | 287150723368471 | flow | 172.18.3.11 | 6519 | 194.60.187.230 | 80 | TCP | pcapanalyzer |
File 654
Showing 1-20 of 654 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2012-09-21T07:41:40.178861-0700 | 173.194.65.94 | 172.18.3.11 | /images/srpr/logo3w.png | PNG image data, 275 x 95, 8-bit colormap, non-interlaced | 7007 |
| 2 | 2012-09-21T07:41:40.427980-0700 | 173.194.65.103 | 172.18.3.11 | /textinputassistant/tia.png | PNG image data, 27 x 23, 8-bit/color RGB, non-interlaced | 387 |
| 3 | 2012-09-21T07:41:40.291561-0700 | 173.194.65.94 | 172.18.3.11 | /images/swxa.gif | GIF image data, version 89a, 120 x 65 | 5223 |
| 4 | 2012-09-21T07:41:39.911086-0700 | 173.194.65.94 | 172.18.3.11 | / | HTML document, ASCII text, with very long lines | 97491 |
| 5 | 2012-09-21T07:41:44.482932-0700 | 212.58.244.66 | 172.18.3.11 | /favicon.ico | MS Windows icon resource - 2 icons, 16x16, 2 colors | 958 |
| 6 | 2012-09-21T07:41:39.946369-0700 | 173.194.65.94 | 172.18.3.11 | /images/icons/product/chrome-48.png | PNG image data, 48 x 48, 8-bit colormap, non-interlaced | 1834 |
| 7 | 2012-09-21T07:41:44.597866-0700 | 80.239.217.171 | 172.18.3.11 | /frameworks/barlesque/2.10.0/desktop/3.5/img/blq-blocks_grey_alpha.png | PNG image data, 84 x 24, 8-bit/color RGBA, non-interlaced | 1020 |
| 8 | 2012-09-21T07:41:40.204621-0700 | 173.194.65.94 | 172.18.3.11 | /xjs/_/js/s/s,st,anim,jsa,c,sb,hv,wta,cr,cdos,nos,tbpr,tbui,rsn,ob,mb,lc,du,ada,amcl,klc,kat,aut,bihu,kp,lu,m,shb,tng,hsm,j,p,pcc,csi/rt=j/ver=Npnh78fj8FE.en_US./d=1/sv=1/rs=AItRSTPQPHplxSwT63aSYOfWgPS1dWhc4g | ASCII text, with very long lines | 481401 |
| 9 | 2012-09-21T07:41:44.585922-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/print.css | ASCII text, with very long lines, with no line terminators | 3947 |
| 10 | 2012-09-21T07:41:44.590623-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/mobile.css | ASCII text, with no line terminators | 36 |
| 11 | 2012-09-21T07:41:44.614033-0700 | 212.58.244.61 | 172.18.3.11 | / | HTML document, ASCII text | 234 |
| 12 | 2012-09-21T07:41:44.614931-0700 | 80.239.254.34 | 172.18.3.11 | /glow/gloader.0.1.6.js | HTML document, ASCII text, with very long lines | 15520 |
| 13 | 2012-09-21T07:41:44.643648-0700 | 80.239.254.42 | 172.18.3.11 | /emp/bump | HTML document, ASCII text | 305 |
| 14 | 2012-09-21T07:41:44.666045-0700 | 80.239.254.74 | 172.18.3.11 | /iplayer/images/episode/b01mxvlw_150_84.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 150x84, frames 3 | 10037 |
| 15 | 2012-09-21T07:41:40.283031-0700 | 173.194.65.94 | 172.18.3.11 | /extern_chrome/ff301ef4d48490c5.js | ASCII text, with very long lines, with no line terminators | 61792 |
| 16 | 2012-09-21T07:41:44.724056-0700 | 212.58.244.130 | 172.18.3.11 | /o.gif | GIF image data, version 89a, 1 x 1 | 43 |
| 17 | 2012-09-21T07:41:44.732058-0700 | 212.58.244.66 | 172.18.3.11 | /news/ | HTML document, ASCII text, with CRLF, LF line terminators | 105102 |
| 18 | 2012-09-21T07:41:44.733613-0700 | 80.239.254.24 | 172.18.3.11 | /view/3_0_2/cream/hi/shared/components/components.css | ASCII text, with very long lines, with no line terminators | 225987 |
| 19 | 2012-09-21T07:41:40.373773-0700 | 173.194.41.175 | 172.18.3.11 | /gb/js/sem_9d2b852f41bb993a0833b0a332253abb.js | ASCII text, with very long lines | 45888 |
| 20 | 2012-09-21T07:41:40.537968-0700 | 173.194.65.94 | 172.18.3.11 | /favicon.ico | MS Windows icon resource - 2 icons, 16x16 | 5430 |

Comments: (not set)
