Home
Result
Report
Detail Analysis

Network Analysis

Download pcap

Hosts 2 DNS 1 TCP 3 UDP 7 HTTP(S) 2 ICMP 0 IRC 0 Suricata Snort

IP Address	Status	Action
159.223.68.213	Active	Moloch
164.124.101.2	Active	Moloch

Name	Response	Post-Analysis Lookup
tigerdrill.xyz	A 159.223.68.213	159.223.68.213

TCP Requests

UDP Requests

GET 200 http://tigerdrill.xyz/EYWCET97LV2U.cab

REQUEST

GET /EYWCET97LV2U.cab HTTP/1.1 Accept: */* Accept-Language: ko UA-CPU: AMD64 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Host: tigerdrill.xyz Connection: Keep-Alive

RESPONSE

HTTP/1.1 200 OK Server: nginx/1.17.10 Date: Fri, 12 Nov 2021 00:12:42 GMT Content-Type: application/octet-stream Content-Length: 287896 Last-Modified: Wed, 10 Nov 2021 03:43:42 GMT Connection: keep-alive ETag: "618b3fee-46498" Accept-Ranges: bytes

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 304 http://tigerdrill.xyz/EYWCET97LV2U.cab

REQUEST

GET /EYWCET97LV2U.cab HTTP/1.1 Accept: application/x-cabinet-win32-amd64, application/x-pe-win32-amd64, application/octet-stream, application/x-setupscript, */* Accept-Language: ko UA-CPU: AMD64 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Host: tigerdrill.xyz If-Modified-Since: Wed, 10 Nov 2021 03:43:42 GMT If-None-Match: "618b3fee-46498" Connection: Keep-Alive

RESPONSE

HTTP/1.1 304 Not Modified Server: nginx/1.17.10 Date: Fri, 12 Nov 2021 00:12:43 GMT Last-Modified: Wed, 10 Nov 2021 03:43:42 GMT Connection: keep-alive ETag: "618b3fee-46498"

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts