Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.ponto-bras.space | CNAME shops.myshopify.com | 23.227.38.74 |
www.xianshucai.net | ||
www.khojcity.com | ||
www.xn--3jst70hg8f.com | ||
- UDP Requests
  - 192.168.56.103:51935 164.124.101.2:53
  - 192.168.56.103:51958 164.124.101.2:53
  - 192.168.56.103:60117 164.124.101.2:53
  - 192.168.56.103:60880 164.124.101.2:53
  - 192.168.56.103:63183 164.124.101.2:53
  - 192.168.56.103:63462 164.124.101.2:53
  - 192.168.56.103:137 192.168.56.255:137
  - 192.168.56.103:138 192.168.56.255:138
  - 192.168.56.103:49152 239.255.255.250:3702
  - 192.168.56.103:51961 239.255.255.250:1900
  - 8.8.8.8:53 192.168.56.103:60117

- GET 403 http://www.ponto-bras.space/nk6l/?wPT=dUEi0UXZejEMtd9h224Wp6SV8B9ayfLzJlVAsh/H0s9uKTFfRfoB4axtDfgTTQPQWOziaGp1&oZN=6lSdIlC8F

REQUEST
GET /nk6l/?wPT=dUEi0UXZejEMtd9h224Wp6SV8B9ayfLzJlVAsh/H0s9uKTFfRfoB4axtDfgTTQPQWOziaGp1&oZN=6lSdIlC8F HTTP/1.1
Host: www.ponto-bras.space
Connection: close

RESPONSE
HTTP/1.1 403 Forbidden
Date: Thu, 20 Jan 2022 01:35:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
X-Sorting-Hat-PodId: -1
X-Dc: gcp-asia-northeast2
X-Request-ID: 84041498-4bcf-4cde-961d-9e1aa1dc96f1
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6d04919e7c028328-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts