Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
mofa.iugur.live | 185.163.45.56 | |
UDP Requests
Source | Destination |
---|---|
192.168.56.101:61479 | 164.124.101.2:53 |
192.168.56.101:62324 | 164.124.101.2:53 |
192.168.56.101:137 | 192.168.56.255:137 |
192.168.56.101:138 | 192.168.56.255:138 |
192.168.56.101:49152 | 239.255.255.250:3702 |
192.168.56.101:61480 | 239.255.255.250:3702 |
192.168.56.101:62445 | 239.255.255.250:1900 |
192.168.56.101:62447 | 239.255.255.250:3702 |
192.168.56.101:62449 | 239.255.255.250:3702 |
52.231.114.183:123 | 192.168.56.101:123 |
HTTP Requests
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d= HTTP/1.1
Host: mofa.iugur.live
Connection: Keep-Alive

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d= HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d= HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/

```http
GET /2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/ HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/

```http
GET /2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/ HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/

```http
GET /2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/ HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4.

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4. HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4.

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4. HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
GET 404 https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4.

```http
GET /2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4. HTTP/1.1
Host: mofa.iugur.live

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 22 Apr 2021 00:51:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
```
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49201 -> 185.163.45.56:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49201 -> 185.163.45.56:443 | C=US, O=Let's Encrypt, CN=R3 | CN=*.iugur.live | e3:d0:2e:6f:dd:cc:f9:aa:87:9f:48:cc:c6:70:fc:71:9b:74:f8:ec |
Snort Alerts
No Snort Alerts