Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
revedanstvy.bid | 54.197.173.238 | |
aws.amazon.com | 13.225.123.73 | |
TCP Requests
- 192.168.56.102:49179 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49180 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49181 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49183 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49184 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49185 -> 54.197.173.238:80 (revedanstvy.bid)
- 192.168.56.102:49176 -> 99.86.203.73:443 (aws.amazon.com)
- 192.168.56.102:49177 -> 99.86.203.73:443 (aws.amazon.com)
- 192.168.56.102:49178 -> 99.86.203.73:443 (aws.amazon.com)
UDP Requests
- 192.168.56.102:53271 -> 164.124.101.2:53
- 192.168.56.102:57795 -> 164.124.101.2:53
- 192.168.56.102:58408 -> 164.124.101.2:53
- 192.168.56.102:58692 -> 164.124.101.2:53
- 192.168.56.102:60911 -> 164.124.101.2:53
- 192.168.56.102:64036 -> 164.124.101.2:53
- 192.168.56.102:137 -> 192.168.56.255:137
- 192.168.56.102:138 -> 192.168.56.255:138
- 192.168.56.102:49152 -> 239.255.255.250:3702
- 192.168.56.102:53274 -> 239.255.255.250:1900
- 8.8.8.8:53 -> 192.168.56.102:58692
HTTP Requests

GET https://aws.amazon.com/ (status 200)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Host: aws.amazon.com
RESPONSE
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Server
Date: Fri, 09 Jul 2021 00:34:06 GMT
x-amz-rid: D4P61Z83WEF501JJJPN3
Set-Cookie: aws-priv=eyJ2IjoxLCJldSI6MCwic3QiOjB9; Version=1; Comment="Anonymous cookie for privacy regulations"; Domain=.aws.amazon.com; Max-Age=31536000; Expires=Sat, 09-Jul-2022 00:34:06 GMT; Path=/
Set-Cookie: aws-csds-token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MjU3OTQ0NDYsInZpc2l0b3ItaWQiOiI4ZWJkNDQ1Ny1jYTNmLWQ4MzctMjM3OS00ODBhYWY0ZDAwMzAiLCJpcCI6IjE3NS4yMDguMTM0LjE1MCJ9.f2-eXjUPZrgGjcYq3c9Rf7RZcHq1nZEUNFA-8iW0I6c; Version=1; Comment="Anonymous metrics validation token"; Domain=.amazon.com; Max-Age=900; Expires=Fri, 09-Jul-2021 00:49:06 GMT; Path=/
Set-Cookie: aws_lang=en; Domain=.amazon.com; Path=/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
x-amz-id-1: D4P61Z83WEF501JJJPN3
Last-Modified: Thu, 01 Jul 2021 01:29:19 GMT
Content-Security-Policy-Report-Only: default-src 'self' data: https://a0.awsstatic.com; connect-src 'self' https://112-tzm-766.mktoresp.com https://112-tzm-766.mktoutil.com https://a0.awsstatic.com https://a0.p.awsstatic.com https://a1.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://amazonwebservicesinc.tt.omtrdc.net https://api.regional-table.region-services.aws.a2z.com https://api.us-west-2.prod.pricing.aws.a2z.com https://b0.p.awsstatic.com https://c0.b0.p.awsstatic.com https://calculator.aws https://d0.awsstatic.com https://d1.awsstatic.com https://d1fgizr415o1r6.cloudfront.net https://d3borx6sfvnesb.cloudfront.net https://dc.ads.linkedin.com https://dftu77xade0tc.cloudfront.net https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://i18n-string.us-west-2.prod.pricing.aws.a2z.com https://prod.log.shortbread.aws.dev https://prod.tools.shortbread.aws.dev https://s0.awsstatic.com https://s3.amazonaws.com/aws-messaging-pricing-information/ https://s3.amazonaws.com/public-pricing-agc/ https://spot-bid-advisor.s3.amazonaws.com https://view-stage.us-west-2.prod.pricing.aws.a2z.com https://view-staging.us-east-1.prod.plc1-prod.pricing.aws.a2z.com https://www.youtube-nocookie.com; font-src 'self' data: https://a0.awsstatic.com https://f0.awsstatic.com https://fonts.gstatic.com; frame-src 'self' https://c0.b0.p.awsstatic.com https://calculator.aws https://dpm.demdex.net https://www.youtube-nocookie.com; img-src 'self' data: https://*.ads.linkedin.com https://*.vidyard.com https://*.ytimg.com https://a0.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://aws-quickstart.s3.amazonaws.com https://awsmedia.s3.amazonaws.com https://d1.awsstatic-china.com https://d1.awsstatic.com https://d2908q01vomqb2.cloudfront.net https://d36cz9buwru1tt.cloudfront.net https://docs.aws.amazon.com https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://img.youtube.com https://marketingplatform.google.com https://media.amazonwebservices.com https://p.adsymptotic.com https://pages.awscloud.com https://s3.amazonaws.com/aws-quickstart/ https://ssl-static.libsyn.com https://static-cdn.jtvnw.net https://www.google.com https://www.linkedin.com https://yt3.ggpht.com; media-src 'self' https://*.libsyn.com https://a0.awsstatic.com https://anchor.fm https://awsmedia.s3.amazonaws.com https://awspodcastsiberiaent.s3.eu-west-3.amazonaws.com https://chtbl.com https://d1.awsstatic.com https://d1hemuljm71t2j.cloudfront.net https://d1le29qyzha1u4.cloudfront.net https://d1oqpvwii7b6rh.cloudfront.net https://d1vo51ubqkiilx.cloudfront.net https://d1yyh5dhdgifnx.cloudfront.net https://d2908q01vomqb2.cloudfront.net https://d2a6igt6jhaluh.cloudfront.net https://d3ctxlq1ktw2nl.cloudfront.net https://d3h2ozso0dirfl.cloudfront.net https://dgen8gghn3u86.cloudfront.net https://dk261l6wntthl.cloudfront.net https://download.stormacq.com/aws/podcast/ https://dts.podtrac.com https://media.amazonwebservices.com https://mktg-apac.s3-ap-southeast-1.amazonaws.com https://www.buzzsprout.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a0.awsstatic.com https://amazonwebservicesinc.tt.omtrdc.net https://googleads.g.doubleclick.net https://static.doubleclick.net https://website.spot.ec2.aws.a2z.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://a0.awsstatic.com; report-uri https://prod-us-west-2.csp-report.marketing.aws.dev/submit
Vary: accept-encoding,Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()
X-Cache: Miss from cloudfront
Via: 1.1 766850cf3ceebc02f33548a3287ad589.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN51-C1
X-Amz-Cf-Id: DSlcjfe4VMFMP23ni2MqkMN6h3cxnQIrhNrm9XntbbAklzv3LgGyaA==

GET https://aws.amazon.com/ (status 200)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Host: aws.amazon.com
RESPONSE
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Server
Date: Fri, 09 Jul 2021 00:34:06 GMT
x-amz-rid: EZKKDPB44E49NTQ2RXB9
Set-Cookie: aws-priv=eyJ2IjoxLCJldSI6MCwic3QiOjB9; Version=1; Comment="Anonymous cookie for privacy regulations"; Domain=.aws.amazon.com; Max-Age=31536000; Expires=Sat, 09-Jul-2022 00:34:06 GMT; Path=/
Set-Cookie: aws-csds-token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MjU3OTQ0NDYsInZpc2l0b3ItaWQiOiJkY2JkNDQ1Ny1jYTdhLTUzMDItYmMxZS1kNzNhOTg2MjZkMDkiLCJpcCI6IjE3NS4yMDguMTM0LjE1MCJ9.Tk-lapRDjjMsebunKQ2Uqvl4UjxBPzunxJMWFyW5v-Y; Version=1; Comment="Anonymous metrics validation token"; Domain=.amazon.com; Max-Age=900; Expires=Fri, 09-Jul-2021 00:49:06 GMT; Path=/
Set-Cookie: aws_lang=en; Domain=.amazon.com; Path=/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
x-amz-id-1: EZKKDPB44E49NTQ2RXB9
Last-Modified: Thu, 01 Jul 2021 01:29:19 GMT
Content-Security-Policy-Report-Only: default-src 'self' data: https://a0.awsstatic.com; connect-src 'self' https://112-tzm-766.mktoresp.com https://112-tzm-766.mktoutil.com https://a0.awsstatic.com https://a0.p.awsstatic.com https://a1.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://amazonwebservicesinc.tt.omtrdc.net https://api.regional-table.region-services.aws.a2z.com https://api.us-west-2.prod.pricing.aws.a2z.com https://b0.p.awsstatic.com https://c0.b0.p.awsstatic.com https://calculator.aws https://d0.awsstatic.com https://d1.awsstatic.com https://d1fgizr415o1r6.cloudfront.net https://d3borx6sfvnesb.cloudfront.net https://dc.ads.linkedin.com https://dftu77xade0tc.cloudfront.net https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://i18n-string.us-west-2.prod.pricing.aws.a2z.com https://prod.log.shortbread.aws.dev https://prod.tools.shortbread.aws.dev https://s0.awsstatic.com https://s3.amazonaws.com/aws-messaging-pricing-information/ https://s3.amazonaws.com/public-pricing-agc/ https://spot-bid-advisor.s3.amazonaws.com https://view-stage.us-west-2.prod.pricing.aws.a2z.com https://view-staging.us-east-1.prod.plc1-prod.pricing.aws.a2z.com https://www.youtube-nocookie.com; font-src 'self' data: https://a0.awsstatic.com https://f0.awsstatic.com https://fonts.gstatic.com; frame-src 'self' https://c0.b0.p.awsstatic.com https://calculator.aws https://dpm.demdex.net https://www.youtube-nocookie.com; img-src 'self' data: https://*.ads.linkedin.com https://*.vidyard.com https://*.ytimg.com https://a0.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://aws-quickstart.s3.amazonaws.com https://awsmedia.s3.amazonaws.com https://d1.awsstatic-china.com https://d1.awsstatic.com https://d2908q01vomqb2.cloudfront.net https://d36cz9buwru1tt.cloudfront.net https://docs.aws.amazon.com https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://img.youtube.com https://marketingplatform.google.com https://media.amazonwebservices.com https://p.adsymptotic.com https://pages.awscloud.com https://s3.amazonaws.com/aws-quickstart/ https://ssl-static.libsyn.com https://static-cdn.jtvnw.net https://www.google.com https://www.linkedin.com https://yt3.ggpht.com; media-src 'self' https://*.libsyn.com https://a0.awsstatic.com https://anchor.fm https://awsmedia.s3.amazonaws.com https://awspodcastsiberiaent.s3.eu-west-3.amazonaws.com https://chtbl.com https://d1.awsstatic.com https://d1hemuljm71t2j.cloudfront.net https://d1le29qyzha1u4.cloudfront.net https://d1oqpvwii7b6rh.cloudfront.net https://d1vo51ubqkiilx.cloudfront.net https://d1yyh5dhdgifnx.cloudfront.net https://d2908q01vomqb2.cloudfront.net https://d2a6igt6jhaluh.cloudfront.net https://d3ctxlq1ktw2nl.cloudfront.net https://d3h2ozso0dirfl.cloudfront.net https://dgen8gghn3u86.cloudfront.net https://dk261l6wntthl.cloudfront.net https://download.stormacq.com/aws/podcast/ https://dts.podtrac.com https://media.amazonwebservices.com https://mktg-apac.s3-ap-southeast-1.amazonaws.com https://www.buzzsprout.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a0.awsstatic.com https://amazonwebservicesinc.tt.omtrdc.net https://googleads.g.doubleclick.net https://static.doubleclick.net https://website.spot.ec2.aws.a2z.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://a0.awsstatic.com; report-uri https://prod-us-west-2.csp-report.marketing.aws.dev/submit
Vary: accept-encoding,Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()
X-Cache: Miss from cloudfront
Via: 1.1 f192ae96aecb34ea7c9905f8f9f23272.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN51-C1
X-Amz-Cf-Id: jU5UHazBygqmM4YnoEa26Fp0mRTfyBiSzUILkAGgBUWqme_LqKF9Zw==

GET https://aws.amazon.com/ (status 200)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Host: aws.amazon.com
RESPONSE
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Server
Date: Fri, 09 Jul 2021 00:34:06 GMT
x-amz-rid: 8XXXGKVT5HT2RCHB5Y2T
Set-Cookie: aws-priv=eyJ2IjoxLCJldSI6MCwic3QiOjB9; Version=1; Comment="Anonymous cookie for privacy regulations"; Domain=.aws.amazon.com; Max-Age=31536000; Expires=Sat, 09-Jul-2022 00:34:06 GMT; Path=/
Set-Cookie: aws-csds-token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MjU3OTQ0NDYsInZpc2l0b3ItaWQiOiI1OGJkNDQ1Ny1jYTdjLWE3NzMtZTdmNC0yOWRkZGNiMTA1ZDkiLCJpcCI6IjE3NS4yMDguMTM0LjE1MCJ9.IX6haHl8R_AqKIZUsuhtKhK4N2FqhAYCYzSFzBnet4Y; Version=1; Comment="Anonymous metrics validation token"; Domain=.amazon.com; Max-Age=900; Expires=Fri, 09-Jul-2021 00:49:06 GMT; Path=/
Set-Cookie: aws_lang=en; Domain=.amazon.com; Path=/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
x-amz-id-1: 8XXXGKVT5HT2RCHB5Y2T
Last-Modified: Thu, 01 Jul 2021 01:29:19 GMT
Content-Security-Policy-Report-Only: default-src 'self' data: https://a0.awsstatic.com; connect-src 'self' https://112-tzm-766.mktoresp.com https://112-tzm-766.mktoutil.com https://a0.awsstatic.com https://a0.p.awsstatic.com https://a1.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://amazonwebservicesinc.tt.omtrdc.net https://api.regional-table.region-services.aws.a2z.com https://api.us-west-2.prod.pricing.aws.a2z.com https://b0.p.awsstatic.com https://c0.b0.p.awsstatic.com https://calculator.aws https://d0.awsstatic.com https://d1.awsstatic.com https://d1fgizr415o1r6.cloudfront.net https://d3borx6sfvnesb.cloudfront.net https://dc.ads.linkedin.com https://dftu77xade0tc.cloudfront.net https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://i18n-string.us-west-2.prod.pricing.aws.a2z.com https://prod.log.shortbread.aws.dev https://prod.tools.shortbread.aws.dev https://s0.awsstatic.com https://s3.amazonaws.com/aws-messaging-pricing-information/ https://s3.amazonaws.com/public-pricing-agc/ https://spot-bid-advisor.s3.amazonaws.com https://view-stage.us-west-2.prod.pricing.aws.a2z.com https://view-staging.us-east-1.prod.plc1-prod.pricing.aws.a2z.com https://www.youtube-nocookie.com; font-src 'self' data: https://a0.awsstatic.com https://f0.awsstatic.com https://fonts.gstatic.com; frame-src 'self' https://c0.b0.p.awsstatic.com https://calculator.aws https://dpm.demdex.net https://www.youtube-nocookie.com; img-src 'self' data: https://*.ads.linkedin.com https://*.vidyard.com https://*.ytimg.com https://a0.awsstatic.com https://amazonwebservices.d2.sc.omtrdc.net https://aws-quickstart.s3.amazonaws.com https://awsmedia.s3.amazonaws.com https://d1.awsstatic-china.com https://d1.awsstatic.com https://d2908q01vomqb2.cloudfront.net https://d36cz9buwru1tt.cloudfront.net https://docs.aws.amazon.com https://dpm.demdex.net https://fls-na.amazon.com https://googleads.g.doubleclick.net https://img.youtube.com https://marketingplatform.google.com https://media.amazonwebservices.com https://p.adsymptotic.com https://pages.awscloud.com https://s3.amazonaws.com/aws-quickstart/ https://ssl-static.libsyn.com https://static-cdn.jtvnw.net https://www.google.com https://www.linkedin.com https://yt3.ggpht.com; media-src 'self' https://*.libsyn.com https://a0.awsstatic.com https://anchor.fm https://awsmedia.s3.amazonaws.com https://awspodcastsiberiaent.s3.eu-west-3.amazonaws.com https://chtbl.com https://d1.awsstatic.com https://d1hemuljm71t2j.cloudfront.net https://d1le29qyzha1u4.cloudfront.net https://d1oqpvwii7b6rh.cloudfront.net https://d1vo51ubqkiilx.cloudfront.net https://d1yyh5dhdgifnx.cloudfront.net https://d2908q01vomqb2.cloudfront.net https://d2a6igt6jhaluh.cloudfront.net https://d3ctxlq1ktw2nl.cloudfront.net https://d3h2ozso0dirfl.cloudfront.net https://dgen8gghn3u86.cloudfront.net https://dk261l6wntthl.cloudfront.net https://download.stormacq.com/aws/podcast/ https://dts.podtrac.com https://media.amazonwebservices.com https://mktg-apac.s3-ap-southeast-1.amazonaws.com https://www.buzzsprout.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a0.awsstatic.com https://amazonwebservicesinc.tt.omtrdc.net https://googleads.g.doubleclick.net https://static.doubleclick.net https://website.spot.ec2.aws.a2z.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://a0.awsstatic.com; report-uri https://prod-us-west-2.csp-report.marketing.aws.dev/submit
Vary: accept-encoding,Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()
X-Cache: Miss from cloudfront
Via: 1.1 e67bc999d3ae69aeca2e64717fe718be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN51-C1
X-Amz-Cf-Id: uDpUCj9czCwi7e5fz0XiP9mYEsLMj0uCl2QVNd3AmyqMqMR2jGEvaw==

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:59:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:46323334353430333541464642464435; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:59:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:31324441304238323134343946373444; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:58:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:42463538344133463332383538303645; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:59:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:46323334353430333541464642464435; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:59:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:31324441304238323134343946373444; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

GET http://revedanstvy.bid/ (status 0)
REQUEST
GET / HTTP/1.1
Connection: Keep-Alive
Cookie: __gads=380132461:1:58:43; _gat=6.1.7601.64; _ga=1.591594.2020557398.105; _u=5445535432322D5043:746573743232:42463538344133463332383538303645; __io=21_3832866432_4053218753_3017428901; _gid=A4FE497CB1CB
Host: revedanstvy.bid
RESPONSE
(none recorded)

ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.102 | 164.124.101.2 | 3 | |
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts