Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
160dd0af-5534-4369-972f-5aa0f99c9324.s3.pl-waw.scw.cloud | CNAME s3.pl-waw.scw.cloud | 151.115.10.1 |
nova-brothers.s3.pl-waw.scw.cloud | CNAME s3.pl-waw.scw.cloud | 151.115.10.1 |
TCP Requests
- 192.168.56.101:49164 151.115.10.1:80 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49165 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49166 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49167 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49169 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49170 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- 192.168.56.101:49171 151.115.10.1:443 nova-brothers.s3.pl-waw.scw.cloud
- HEAD 403 http://160dd0af-5534-4369-972f-5aa0f99c9324.s3.pl-waw.scw.cloud/workflow/poweroff-1mo67u5vspq3.exe

REQUEST
HEAD /workflow/poweroff-1mo67u5vspq3.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: 160dd0af-5534-4369-972f-5aa0f99c9324.s3.pl-waw.scw.cloud
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

RESPONSE
HTTP/1.1 403 Forbidden
x-amz-id-2: tx1f72fb01d1e344ed9944a-0063782679
x-amz-request-id: tx1f72fb01d1e344ed9944a-0063782679
content-type: application/xml
content-length: 0
date: Sat, 19 Nov 2022 00:42:33 GMT

- GET 403 http://160dd0af-5534-4369-972f-5aa0f99c9324.s3.pl-waw.scw.cloud/workflow/poweroff-1mo67u5vspq3.exe

REQUEST
GET /workflow/poweroff-1mo67u5vspq3.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: 160dd0af-5534-4369-972f-5aa0f99c9324.s3.pl-waw.scw.cloud
Connection: Keep-Alive
Cache-Control: no-cache

RESPONSE
HTTP/1.1 403 Forbidden
x-amz-id-2: txee50c3bc32044c3bacf97-0063782679
x-amz-request-id: txee50c3bc32044c3bacf97-0063782679
content-type: application/xml
date: Sat, 19 Nov 2022 00:42:33 GMT
transfer-encoding: chunked

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts