Network Analysis
| IP Address | Status | Action |
|---|---|---|
| 103.75.201.2 | Active | Moloch |
| 103.8.26.102 | Active | Moloch |
| 103.8.26.103 | Active | Moloch |
| 104.168.155.129 | Active | Moloch |
| 104.251.214.46 | Active | Moloch |
| 131.100.24.231 | Active | Moloch |
| 158.69.222.101 | Active | Moloch |
| 173.212.193.249 | Active | Moloch |
| 176.104.106.96 | Active | Moloch |
| 178.63.25.185 | Active | Moloch |
| 178.79.147.66 | Active | Moloch |
| 192.254.71.210 | Active | Moloch |
| 203.114.109.124 | Active | Moloch |
| 207.38.84.195 | Active | Moloch |
| 209.59.138.75 | Active | Moloch |
| 212.237.17.99 | Active | Moloch |
| 212.237.56.116 | Active | Moloch |
| 216.158.226.206 | Active | Moloch |
| 217.182.143.207 | Active | Moloch |
| 45.118.115.99 | Active | Moloch |
| 45.118.135.203 | Active | Moloch |
| 45.142.114.231 | Active | Moloch |
| 45.176.232.124 | Active | Moloch |
| 46.55.222.11 | Active | Moloch |
| 50.116.54.215 | Active | Moloch |
| 51.38.71.0 | Active | Moloch |
| 51.68.175.8 | Active | Moloch |
| 58.227.42.236 | Active | Moloch |
| 79.172.212.216 | Active | Moloch |
| 81.0.236.90 | Active | Moloch |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
- TCP Requests
-
-
192.168.56.101:49192 103.8.26.102:8080
-
192.168.56.101:49193 103.8.26.102:8080
-
192.168.56.101:49194 103.8.26.102:8080
-
192.168.56.101:49172 103.8.26.103:8080
-
192.168.56.101:49173 103.8.26.103:8080
-
192.168.56.101:49174 103.8.26.103:8080
-
192.168.56.101:49183 104.168.155.129:8080
-
192.168.56.101:49184 104.168.155.129:8080
-
192.168.56.101:49185 104.168.155.129:8080
-
192.168.56.101:49164 131.100.24.231:80
-
192.168.56.101:49165 131.100.24.231:80
-
192.168.56.101:49166 131.100.24.231:80
-
192.168.56.101:49168 209.59.138.75:7080
-
192.168.56.101:49169 209.59.138.75:7080
-
192.168.56.101:49170 209.59.138.75:7080
-
192.168.56.101:49217 216.158.226.206:443
-
192.168.56.101:49188 46.55.222.11:443
-
192.168.56.101:49189 46.55.222.11:443
-
192.168.56.101:49190 46.55.222.11:443
-
192.168.56.101:49176 51.38.71.0:443
-
192.168.56.101:49177 51.38.71.0:443
-
192.168.56.101:49178 51.38.71.0:443
-
192.168.56.101:49199 51.68.175.8:8080
-
192.168.56.101:49200 51.68.175.8:8080
-
192.168.56.101:49201 51.68.175.8:8080
-
GET
404
https://216.158.226.206/tGZKQVEPhVnxwfhuDvlpZfGAcjHlERyUyRAYZHoGiHfcxwJmqgiICeJrWs
REQUEST
RESPONSE
BODY
GET /tGZKQVEPhVnxwfhuDvlpZfGAcjHlERyUyRAYZHoGiHfcxwJmqgiICeJrWs HTTP/1.1
Cookie: QyjKgdmTN=0Rus5M0PftTMkuSf3GYJnMTJJGn+41H0zjomQnGDVQRbcHnP0dGcR3Uk4sViSrBFxCZ3vHK2G5A1YAzQRedxKenD62//8ArQrGBst/w+Nn1tbZevtOSI6lQ/sRVfVVkdmyhcx1zNV+wPWlO6M0I9h2zt4LBNGEj71RFOWG7fbPI4qwkK74mzXJoeSU+0hRP9kMadpJgYpPJsc+nk78UU1yhqZwmb+a3WLcTiAErkj4rxd2Faqbb2k6oeS/kb74nCw+D9eyW91YPg4si8YkXax2JgpoX6V6q7
Host: 216.158.226.206
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: GlassFish Server Open Source Edition 4.1
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 4.1 Java/Oracle Corporation/1.7)
Content-Language:
Content-Type: text/html
Date: Fri, 21 Jan 2022 01:13:23 GMT
Content-Length: 1082
ICMP traffic
| Source | Destination | ICMP Type | Data |
|---|---|---|---|
| 81.0.236.90 | 192.168.56.101 | 3 | |
| 81.0.236.90 | 192.168.56.101 | 3 | |
| 81.0.236.90 | 192.168.56.101 | 3 |
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts