Home
Result
Report
Detail Analysis

Network Analysis

Download pcap

Hosts 2 DNS 1 TCP 2 UDP 10 HTTP(S) 16 ICMP 0 IRC 0 Suricata Snort

IP Address	Status	Action
142.234.157.206	Active	Moloch
164.124.101.2	Active	Moloch

Name	Response	Post-Analysis Lookup
wiyolo.com	A 142.234.157.206	142.234.157.206

TCP Requests
- 192.168.56.101:49201 142.234.157.206:80
  wiyolo.com
- 192.168.56.101:49202 142.234.157.206:80
  wiyolo.com

UDP Requests

OPTIONS 301 http://wiyolo.com/956fb7ffae6a93d9

REQUEST

OPTIONS /956fb7ffae6a93d9 HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 translate: f Host: wiyolo.com

RESPONSE

HTTP/1.1 301 Moved Permanently Date: Wed, 15 Sep 2021 00:36:42 GMT Server: Apache Location: http://wiyolo.com/956fb7ffae6a93d9/ Content-Length: 243 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

OPTIONS 200 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

OPTIONS /956fb7ffae6a93d9/ HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 translate: f Host: wiyolo.com

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:42 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 0 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: httpd/unix-directory

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 301 http://wiyolo.com/956fb7ffae6a93d9

REQUEST

PROPFIND /956fb7ffae6a93d9 HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 301 Moved Permanently Date: Wed, 15 Sep 2021 00:36:42 GMT Server: Apache Location: http://wiyolo.com/956fb7ffae6a93d9/ Content-Length: 243 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 405 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

PROPFIND /956fb7ffae6a93d9/ HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 405 Method Not Allowed Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 225 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 301 http://wiyolo.com/956fb7ffae6a93d9

REQUEST

PROPFIND /956fb7ffae6a93d9 HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 301 Moved Permanently Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Location: http://wiyolo.com/956fb7ffae6a93d9/ Content-Length: 243 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 405 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

PROPFIND /956fb7ffae6a93d9/ HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 405 Method Not Allowed Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 225 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

OPTIONS 200 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

OPTIONS /956fb7ffae6a93d9/ HTTP/1.1 User-Agent: Microsoft Office Protocol Discovery Host: wiyolo.com Content-Length: 0 Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: httpd/unix-directory

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 200 http://wiyolo.com/956fb7ffae6a93d9/remove.html

REQUEST

GET /956fb7ffae6a93d9/remove.html HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E; MSOffice 12) Accept-Encoding: gzip, deflate Host: wiyolo.com Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Last-Modified: Tue, 14 Sep 2021 20:38:39 GMT ETag: "1870-5cbfa910fe03e-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1729 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

HEAD 200 http://wiyolo.com/956fb7ffae6a93d9/remove.html

REQUEST

HEAD /956fb7ffae6a93d9/remove.html HTTP/1.1 User-Agent: Microsoft Office Existence Discovery Host: wiyolo.com Content-Length: 0 Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:43 GMT Server: Apache Last-Modified: Tue, 14 Sep 2021 20:38:39 GMT ETag: "1870-5cbfa910fe03e" Accept-Ranges: bytes Content-Length: 6256 Vary: Accept-Encoding Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 301 http://wiyolo.com/956fb7ffae6a93d9

REQUEST

PROPFIND /956fb7ffae6a93d9 HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 301 Moved Permanently Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Location: http://wiyolo.com/956fb7ffae6a93d9/ Content-Length: 243 Keep-Alive: timeout=5, max=94 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 405 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

PROPFIND /956fb7ffae6a93d9/ HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 405 Method Not Allowed Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 225 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 301 http://wiyolo.com/956fb7ffae6a93d9

REQUEST

PROPFIND /956fb7ffae6a93d9 HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 301 Moved Permanently Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Location: http://wiyolo.com/956fb7ffae6a93d9/ Content-Length: 243 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

PROPFIND 405 http://wiyolo.com/956fb7ffae6a93d9/

REQUEST

PROPFIND /956fb7ffae6a93d9/ HTTP/1.1 Connection: Keep-Alive User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601 Depth: 0 translate: f Content-Length: 0 Host: wiyolo.com

RESPONSE

HTTP/1.1 405 Method Not Allowed Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Allow: GET,POST,OPTIONS,HEAD Content-Length: 225 Keep-Alive: timeout=5, max=91 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 200 http://wiyolo.com/956fb7ffae6a93d9/remove.html

REQUEST

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Last-Modified: Tue, 14 Sep 2021 20:38:39 GMT ETag: "1870-5cbfa910fe03e-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1729 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

HEAD 200 http://wiyolo.com/956fb7ffae6a93d9/remove.html

REQUEST

HEAD /956fb7ffae6a93d9/remove.html HTTP/1.1 User-Agent: Microsoft Office Existence Discovery Host: wiyolo.com Content-Length: 0 Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:44 GMT Server: Apache Last-Modified: Tue, 14 Sep 2021 20:38:39 GMT ETag: "1870-5cbfa910fe03e" Accept-Ranges: bytes Content-Length: 6256 Vary: Accept-Encoding Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: text/html

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 200 http://wiyolo.com/956fb7ffae6a93d9/remove.html

REQUEST

GET /956fb7ffae6a93d9/remove.html HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E) Host: wiyolo.com If-Modified-Since: Tue, 14 Sep 2021 20:38:39 GMT If-None-Match: "1870-5cbfa910fe03e-gzip" Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Date: Wed, 15 Sep 2021 00:36:45 GMT Server: Apache Last-Modified: Tue, 14 Sep 2021 20:38:39 GMT ETag: "1870-5cbfa910fe03e-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1729 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: text/html

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts