Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
pwvz71qp-ur1xo6pn.netdna-ssl.com | | |
d23ocewf5ttxmu.cloudfront.net | 54.230.169.173 |
POST
200
http://d23ocewf5ttxmu.cloudfront.net/br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=15adccbdf2e3e994baa9e12797b52a14&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C
POST /br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=15adccbdf2e3e994baa9e12797b52a14&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.0)
Host: d23ocewf5ttxmu.cloudfront.net
Content-Length: 1966
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Cache-Control: private,no-cache, no-store
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2023 09:12:28 GMT
X-Cache: Miss from cloudfront
Via: 1.1 a267024203a3993fbec6937460fe5e04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN54-C3
X-Amz-Cf-Id: F-CGzVWsd2zhWf-OIAbBCHiBLVYwudSx_3qUp9nMy-1zqtzreZo4HQ==
POST
200
http://d23ocewf5ttxmu.cloudfront.net/br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=3d0118e6f5b93e2a167614e8a0d320e7&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C
POST /br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=3d0118e6f5b93e2a167614e8a0d320e7&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.0)
Host: d23ocewf5ttxmu.cloudfront.net
Content-Length: 1966
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Cache-Control: private,no-cache, no-store
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2023 09:12:28 GMT
X-Cache: Miss from cloudfront
Via: 1.1 3a7f7d8a04f65390ae6ee5d3cee838a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN57-P1
X-Amz-Cf-Id: 5yEI30rFbZ9TyFXlrY3Tzzx_Atvgi6zoODRkNYlfB9o39NT3GU0Ruw==
POST
200
http://d23ocewf5ttxmu.cloudfront.net/br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=271b06c792838b8d992c8cd45f4a3897&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C
POST /br.ashx?pid={PID}&aid={AID}&ss=0&s=N4LjSLF&v=2.1.5.306&md5=271b06c792838b8d992c8cd45f4a3897&mid=AAA0A3AGAJA9A9A7A3AJieie777G3DiL7L77793D1JiAA1&uid=A14B9EAF-39FF-49F6-A848-E4C05A9C6A9C HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.0)
Host: d23ocewf5ttxmu.cloudfront.net
Content-Length: 462
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Cache-Control: private,no-cache, no-store
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2023 09:12:28 GMT
X-Cache: Miss from cloudfront
Via: 1.1 3a7f7d8a04f65390ae6ee5d3cee838a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ICN57-P1
X-Amz-Cf-Id: F3xy0S87_WW7J6LLFOU-sXYyQR3o4KiO0zMmSdQSKCeC0UAMaiW2SA==
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49174 -> 18.67.47.49:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 | Potential Corporate Privacy Violation |
TCP 192.168.56.101:49173 -> 18.67.47.49:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 | Potential Corporate Privacy Violation |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts