Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
eisnt.com | 185.32.190.113 | |
- TCP Requests
GET http://eisnt.com/ahu-punjab/Fgxogd.bmp (404)
Request:
GET /ahu-punjab/Fgxogd.bmp HTTP/1.1
Host: eisnt.com
Connection: Keep-Alive
Response:
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 00:53:54 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: sameorigin
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000
Referrer-Policy: origin-when-cross-origin
Permissions-Policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
Link: <https://eisnt.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: _sfs_id=39bb525b28632077be38620eca0318351670460834; expires=Thu, 08-Dec-2022 01:53:54 GMT; Max-Age=3600; path=/; HttpOnly
Set-Cookie: _learn_press_session_95c6789397249f9b6677ea6925775149=78f69e76245c01f2805aa2b9c927feac%7C%7C1670633634%7C%7C996eaada71ba16cf055297eb758686ef; expires=Sat, 10-Dec-2022 00:53:54 GMT; Max-Age=172800; path=/; secure; HttpOnly
Set-Cookie: PHPSESSID=70189a6147ac3d3db7893dcc97d7bedf; path=/
Set-Cookie: _wordpress_lp_guest=7b61f8f4e6fb6d63b3483f2a49ee5d92; expires=Thu, 08-Dec-2022 01:53:54 GMT; Max-Age=3600; path=/; secure
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Referrer-Policy: no-referrer-when-downgrade
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49163 -> 185.32.190.113:80 | 2030384 | ET HUNTING Suspicious Terse Request for .bmp | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts