Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
parthaha.ac.ug | | |
nikahuve.ac.ug | 194.5.98.107 | |
kalskala.ac.ug | | |
tuekisaa.ac.ug | | |
cdn.discordapp.com | 162.159.135.233 | |
- UDP Requests
GET 200 https://cdn.discordapp.com/attachments/873891971998036042/956866669567942676/Wxmxcswfuohcghxfhknlcpdvxxwxrap
REQUEST
GET /attachments/873891971998036042/956866669567942676/Wxmxcswfuohcghxfhknlcpdvxxwxrap HTTP/1.1
User-Agent: lVali
Host: cdn.discordapp.com
RESPONSE
HTTP/1.1 200 OK
Date: Sat, 26 Mar 2022 00:08:59 GMT
Content-Type: application/octet-stream
Content-Length: 662016
Connection: keep-alive
CF-Ray: 6f1ba7aa3e5c0fb9-ICN
Accept-Ranges: bytes
Age: 41139
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=Wxmxcswfuohcghxfhknlcpdvxxwxrap
ETag: "5b151dff0c51ef6324a9c1f0b1a9f1be"
Expires: Sun, 26 Mar 2023 00:08:59 GMT
Last-Modified: Fri, 25 Mar 2022 10:46:31 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1648205191793225
x-goog-hash: crc32c=FIxfnQ==
x-goog-hash: md5=WxUd/wxR72MkqcHwsanxvg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 662016
X-GUploader-UploadID: ADPycdteRTHx0mKqFIMvBl34Kbno3g6Amm71fa0FgNLMtb9AhRp4DnOh1_YikLOONQbD-5MZfU0JY0jWPOkTxarf2iQ
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAkOIyDF9LIp4g9YED5kVpE9P7yd7j2XN%2BzMTMKRNBqHyjl%2FNLNsxj3ARiTnIZxXef%2B6BFYY8XjL2gJ8qhIMu1O4vTNvYJpnVhpdTEkPre8eB2VJT4el%2FcF%2BiVtOaQc0gzKI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
GET 200 https://cdn.discordapp.com/attachments/873891971998036042/956866669567942676/Wxmxcswfuohcghxfhknlcpdvxxwxrap
REQUEST
GET /attachments/873891971998036042/956866669567942676/Wxmxcswfuohcghxfhknlcpdvxxwxrap HTTP/1.1
User-Agent: 72
Host: cdn.discordapp.com
Cache-Control: no-cache
RESPONSE
HTTP/1.1 200 OK
Date: Sat, 26 Mar 2022 00:08:59 GMT
Content-Type: application/octet-stream
Content-Length: 662016
Connection: keep-alive
CF-Ray: 6f1ba7aabaaf12ca-ICN
Accept-Ranges: bytes
Age: 41139
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=Wxmxcswfuohcghxfhknlcpdvxxwxrap
ETag: "5b151dff0c51ef6324a9c1f0b1a9f1be"
Expires: Sun, 26 Mar 2023 00:08:59 GMT
Last-Modified: Fri, 25 Mar 2022 10:46:31 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1648205191793225
x-goog-hash: crc32c=FIxfnQ==
x-goog-hash: md5=WxUd/wxR72MkqcHwsanxvg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 662016
X-GUploader-UploadID: ADPycdteRTHx0mKqFIMvBl34Kbno3g6Amm71fa0FgNLMtb9AhRp4DnOh1_YikLOONQbD-5MZfU0JY0jWPOkTxarf2iQ
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFjoPkWNEZ26LWllPY8yTZN8rc%2ByUN1l7UrnM4f%2BKs8phM6a3s6mfdQCxf8%2B7AifSH7TChKuEV4RNqZOf4VhF9K6keY9rP2Cde6dO%2FxeFRwiyrqEWjeBlXcx4jSJ6aomfI0knQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
192.168.56.103 | 164.124.101.2 | 3 | |
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts