Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| www.152cs.com | 222.139.155.85 |
- UDP Requests
-
-
192.168.56.101:61479 164.124.101.2:53
-
192.168.56.101:62324 164.124.101.2:53
-
192.168.56.101:137 192.168.56.255:137
-
192.168.56.101:138 192.168.56.255:138
-
192.168.56.101:49152 239.255.255.250:3702
-
192.168.56.101:62327 239.255.255.250:1900
-
192.168.56.101:62329 239.255.255.250:3702
-
192.168.56.101:62331 239.255.255.250:3702
-
192.168.56.101:62333 239.255.255.250:3702
-
52.231.114.183:123 192.168.56.101:123
-
GET
200
http://45.122.138.54/ads/4.jpg
REQUEST
RESPONSE
BODY
GET /ads/4.jpg HTTP/1.1
User-Agent: Mozilla/4.0 (compatible)
Host: 45.122.138.54
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: NetBox Version 2.8 Build 4128
Date: Mon, 24 Jun 2013 10:27:42 GMT
Connection: Keep-Alive
Content-Type: image/jpeg
Last-Modified: Sun, 07 Oct 2014 13:13:12 GMT
Content-Length: 245280
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.101:49200 -> 45.122.138.54:80 | 2008974 | ET ADWARE_PUP User-Agent (Mozilla/4.0 (compatible)) | Possibly Unwanted Program Detected |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts