Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.mania-31.online | 172.67.179.47 | |
www.burneysaw.com | | |
GET 301 http://www.mania-31.online/rs10/?RVlPiv=tmhWCCuUnR/2p22+r5vsD84Rn13KUgX1rgHj59z166BF2ySpaKINgv8s/QUWtH6HwzUj1/+r&QL3=uTypB4hPUby4i
REQUEST
GET /rs10/?RVlPiv=tmhWCCuUnR/2p22+r5vsD84Rn13KUgX1rgHj59z166BF2ySpaKINgv8s/QUWtH6HwzUj1/+r&QL3=uTypB4hPUby4i HTTP/1.1
Host: www.mania-31.online
Connection: close
RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Wed, 25 Oct 2023 02:19:35 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Wed, 25 Oct 2023 03:19:35 GMT
Location: https://www.mania-31.online/rs10/?RVlPiv=tmhWCCuUnR/2p22+r5vsD84Rn13KUgX1rgHj59z166BF2ySpaKINgv8s/QUWtH6HwzUj1/+r&QL3=uTypB4hPUby4i
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQm2wukiuZCGWTVptG8vmE7JSjF3FkiY3YQZZIa9Yoh7GwvxS4YQg%2FxYFfhN3ADlTFVvluWL7%2Bdu4lD8rVUS%2BCQVlb0gL2VVzEwPeZkHXC1BZoUOOEz5GNDmnoqKes2Kh9WylPrF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 81b6f9bd88460a8e-KIX
alt-svc: h3=":443"; ma=86400
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49165 -> 104.21.96.114:80 | 2031412 | ET MALWARE FormBook CnC Checkin (GET) | Malware Command and Control Activity Detected |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts