Network Analysis
Name | Response | Post-Analysis Lookup
---|---|---
www.benvenutoqui.com | CNAME benvenutoqui.com | 162.241.224.131
www.mcgrudersfitness.com | CNAME mcgrudersfitness.com | 184.168.131.241
www.liveyourmaverick.com | CNAME liveyourmaverick.com | 107.178.245.252
UDP Requests

Source | Destination
---|---
192.168.56.101:54056 | 164.124.101.2:53
192.168.56.101:59369 | 164.124.101.2:53
192.168.56.101:61479 | 164.124.101.2:53
192.168.56.101:62324 | 164.124.101.2:53
192.168.56.101:137 | 192.168.56.255:137
192.168.56.101:138 | 192.168.56.255:138
192.168.56.101:49152 | 239.255.255.250:3702
192.168.56.101:62327 | 239.255.255.250:1900
192.168.56.101:62329 | 239.255.255.250:3702
192.168.56.101:62331 | 239.255.255.250:3702
52.231.114.183:123 | 192.168.56.101:123
HTTP Requests

GET 301 http://www.liveyourmaverick.com/gz92/?wPT=GT0v1A3P0Wo01tn8aEVPdEKMGa27ABb6rwCD6aQ3acm9u+/FCvMWQnF1J5nq1GrsfOQ/roqE&oXN=6lXd02jp

REQUEST
```http
GET /gz92/?wPT=GT0v1A3P0Wo01tn8aEVPdEKMGa27ABb6rwCD6aQ3acm9u+/FCvMWQnF1J5nq1GrsfOQ/roqE&oXN=6lXd02jp HTTP/1.1
Host: www.liveyourmaverick.com
Connection: close
```

RESPONSE
```http
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Wed, 18 Aug 2021 02:29:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 199
set-cookie: Shopper-Pref=669D83A7E62E77AB6BC3A8EECC4BD1113B1D8E6E-1629858577117-x%7B%22cur%22%3A%22USD%22%7D; Expires=Wed, 25 Aug 2021 02:29:37 GMT; Path=/; HttpOnly
strict-transport-security: max-age=300
location: https://liveyourmaverick.com/gz92/?wPT=GT0v1A3P0Wo01tn8aEVPdEKMGa27ABb6rwCD6aQ3acm9u+/FCvMWQnF1J5nq1GrsfOQ/roqE&oXN=6lXd02jp
X-Request-ID: 9d6971168a36370f83fde35642a51d70
Via: 1.1 google
Connection: close
```
GET 301 http://www.benvenutoqui.com/gz92/?wPT=2wbwf/0XTDTlOy+JXK0H3VKZklYIa6iQS9nAdKl5Qbk+iaYvuq4CQJRQa05WJzSTgPcgyDfZ&oXN=6lXd02jp

REQUEST
```http
GET /gz92/?wPT=2wbwf/0XTDTlOy+JXK0H3VKZklYIa6iQS9nAdKl5Qbk+iaYvuq4CQJRQa05WJzSTgPcgyDfZ&oXN=6lXd02jp HTTP/1.1
Host: www.benvenutoqui.com
Connection: close
```

RESPONSE
```http
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Aug 2021 02:29:59 GMT
Server: nginx/1.19.10
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.benvenutoqui.com/gz92/?wPT=2wbwf/0XTDTlOy+JXK0H3VKZklYIa6iQS9nAdKl5Qbk+iaYvuq4CQJRQa05WJzSTgPcgyDfZ&oXN=6lXd02jp
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Server-Cache: true
X-Proxy-Cache: MISS
```
GET 301 http://www.mcgrudersfitness.com/gz92/?wPT=HdqjPEY9Rfu+aEeJAE6UNHawoElrodkwHbiBzE2NkYUOKlxn2k/XZs7wlcf35PTHZbYJ5c6F&oXN=6lXd02jp

REQUEST
```http
GET /gz92/?wPT=HdqjPEY9Rfu+aEeJAE6UNHawoElrodkwHbiBzE2NkYUOKlxn2k/XZs7wlcf35PTHZbYJ5c6F&oXN=6lXd02jp HTTP/1.1
Host: www.mcgrudersfitness.com
Connection: close
```

RESPONSE
```http
HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1
Date: Wed, 18 Aug 2021 02:30:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: http://www.mcgrudersfitnessbydesign.com/gz92/?wPT=HdqjPEY9Rfu+aEeJAE6UNHawoElrodkwHbiBzE2NkYUOKlxn2k/XZs7wlcf35PTHZbYJ5c6F&oXN=6lXd02jp
```
ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts