Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
ipinfo.io | 34.117.59.81 | |
api.db-ip.com | 172.67.75.166 | |
www.maxmind.com | 104.17.215.67 | |
db-ip.com | 104.26.5.15 |
- TCP Requests
-
-
175.208.134.153:55439 192.168.56.102:5911
-
192.168.56.102:49184 104.17.215.67:80www.maxmind.com
-
192.168.56.102:49185 104.17.215.67:443www.maxmind.com
-
192.168.56.102:49186 104.17.215.67:443www.maxmind.com
-
192.168.56.102:49182 104.26.4.15:443db-ip.com
-
192.168.56.102:49183 104.26.4.15:443db-ip.com
-
192.168.56.102:49180 34.117.59.81:443ipinfo.io
-
192.168.56.102:49181 34.117.59.81:443ipinfo.io
-
192.168.56.102:49179 94.142.138.131:80
-
- UDP Requests
-
-
192.168.56.102:51405 164.124.101.2:53
-
192.168.56.102:56630 164.124.101.2:53
-
192.168.56.102:62846 164.124.101.2:53
-
192.168.56.102:63709 164.124.101.2:53
-
192.168.56.102:64513 164.124.101.2:53
-
192.168.56.102:137 192.168.56.255:137
-
192.168.56.102:49152 239.255.255.250:3702
-
192.168.56.102:51408 239.255.255.250:1900
-
52.231.114.183:123 192.168.56.102:123
-
192.168.56.103:137 192.168.56.102:137
-
GET
200
https://db-ip.com/
REQUEST
RESPONSE
BODY
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: db-ip.com
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 04:27:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: max-age=28800
X-IPLB-Request-ID: 8D655679:B220_93878F2E:0050_64361972_114EDF8F:2467A
X-IPLB-Instance: 30783
CF-Cache-Status: HIT
Age: 6575
Last-Modified: Wed, 12 Apr 2023 02:37:38 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FMDOeaUtA6hZm71DGnqxJYdK%2FREMlPc6m4puQ1IRigDPr1n9u4ZNfhP8fZE4sCNWe9f0EVYoPmJNizYoTHhdTharhdbC8Vl7dtD%2BkALQ81R7f7kNyUsb%2FZQuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b68b732b9be19fa-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST
200
https://api.db-ip.com/v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self
REQUEST
RESPONSE
BODY
POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1
Connection: Keep-Alive
Referer: https://db-ip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 0
Host: api.db-ip.com
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 04:27:14 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http*://*db-ip.com
Cache-control: max-age=180
X-IPLB-Request-ID: AC46E9CA:8678_93878F2E:0050_64363322_1150E054:2467B
X-IPLB-Instance: 30783
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2gp6Ry4yd6lPdxuWyW2btiAObNRF0A4Ka9QuK42XM46rnQoE3y2EYSiOAFNVxd7K118MFEZHlquET3ZdMCNnOjOsvBHPvF1I7fY2rB0gff%2B5Gcwv6DLfBDJrsdQeCw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b68b733aeb083c0-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
http://94.142.138.131/api/tracemap.php
REQUEST
RESPONSE
BODY
GET /api/tracemap.php HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 94.142.138.131
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 04:27:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 15
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET
301
http://www.maxmind.com/geoip/v2.1/city/me
REQUEST
RESPONSE
BODY
GET /geoip/v2.1/city/me HTTP/1.1
Connection: Keep-Alive
Referer: https://www.maxmind.com/en/locate-my-ip-address
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: www.maxmind.com
HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Apr 2023 04:27:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 12 Apr 2023 05:27:14 GMT
Location: https://www.maxmind.com/geoip/v2.1/city/me
Server: cloudflare
CF-RAY: 7b68b7366f01a7d7-ICN
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49183 104.26.4.15:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 8d:c8:6e:29:ea:e9:15:f8:85:80:ae:fd:51:f0:44:ca:8c:7d:0c:dc |
TLSv1 192.168.56.102:49182 104.26.4.15:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 8d:c8:6e:29:ea:e9:15:f8:85:80:ae:fd:51:f0:44:ca:8c:7d:0c:dc |
Snort Alerts
No Snort Alerts