Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |
HTTP requests

GET 200 http://104.37.187.182/xpxmr.txt

Request:
GET /xpxmr.txt HTTP/1.1
Accept: */*
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Sun, 31 Jan 2021 07:00:49 GMT
Accept-Ranges: bytes
ETag: "85bf37ce9ef7d61:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:03 GMT
Content-Length: 128

GET 200 http://104.37.187.182/ok/wpd.html

Request:
GET /ok/wpd.html HTTP/1.1
Accept: */*
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 31 Jan 2021 06:43:37 GMT
Accept-Ranges: bytes
ETag: "aefca3679cf7d61:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:03 GMT
Content-Length: 14

GET 200 http://104.37.187.182/wpdmd5.txt

Request:
GET /wpdmd5.txt HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHttpClient
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 26 May 2022 15:39:10 GMT
Accept-Ranges: bytes
ETag: "55dc6ebe1671d81:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:04 GMT
Content-Length: 32

GET 200 http://104.37.187.182/wpdtest.txt

Request:
GET /wpdtest.txt HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1;
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 26 May 2022 15:34:33 GMT
Accept-Ranges: bytes
ETag: "c79246191671d81:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:04 GMT
Content-Length: 11488

GET 200 http://104.37.187.182/ver.txt

Request:
GET /ver.txt HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Sun, 23 Jul 2023 06:18:47 GMT
Accept-Ranges: bytes
ETag: "1a62708a2dbdd91:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:04 GMT
Content-Length: 7

GET 200 http://104.37.187.182/shellver.txt

Request:
GET /shellver.txt HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 104.37.187.182

Response:
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 24 Feb 2021 17:02:39 GMT
Accept-Ranges: bytes
ETag: "103da6dbcead71:0"
Server: Microsoft-IIS/8.5
Date: Fri, 07 Jun 2024 08:51:04 GMT
Content-Length: 16
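All six requests go to the same Microsoft-IIS/8.5 host by bare IP over plain HTTP, using three different client fingerprints (no User-Agent header at all, WinHttpClient, and a truncated MSIE 8.0 string), and the ver.txt and shellver.txt fetches carry a form Content-Type on a GET with no body. What follows is an added example, not part of the sandbox tool or of the sample analysed here: a parser for the report's request/response layout that pulls those fields out and produces a short triage summary. The sample text is copied from the entries above, trimmed to the headers the parser keys on (Host, User-Agent, Content-Type, Content-Length). The 32-byte heuristic for wpdmd5.txt is an assumption (a hex MD5 digest is 32 characters); the report does not show the body, so it is a flag to check, not a conclusion.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample: the six exchanges from the report, reduced to the
# "METHOD status URL" line, request headers, status line and response headers.
REPORT = """\
GET 200 http://104.37.187.182/xpxmr.txt
Accept: */*
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 128
GET 200 http://104.37.187.182/ok/wpd.html
Accept: */*
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 14
GET 200 http://104.37.187.182/wpdmd5.txt
Connection: Keep-Alive
User-Agent: WinHttpClient
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 32
GET 200 http://104.37.187.182/wpdtest.txt
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1;
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 11488
GET 200 http://104.37.187.182/ver.txt
Content-Type: application/x-www-form-urlencoded
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 7
GET 200 http://104.37.187.182/shellver.txt
Content-Type: application/x-www-form-urlencoded
Host: 104.37.187.182
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 16
"""

ENTRY_RE = re.compile(r"^(GET|POST|HEAD|PUT) (\d{3}) (https?://\S+)$")
HEADER_RE = re.compile(r"^([\w-]+):\s*(.*)$")


@dataclass
class Exchange:
    method: str
    status: int
    url: str
    request_headers: Dict[str, str] = field(default_factory=dict)
    response_headers: Dict[str, str] = field(default_factory=dict)

    @property
    def path(self) -> str:
        # "http://host/a/b" -> "/a/b"
        return "/" + self.url.split("/", 3)[3]


def parse_report(text: str) -> List[Exchange]:
    """Split the flattened report into exchanges; headers before the
    'HTTP/1.x' status line belong to the request, the rest to the response."""
    exchanges: List[Exchange] = []
    current, in_response = None, False
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            current = Exchange(m.group(1), int(m.group(2)), m.group(3))
            exchanges.append(current)
            in_response = False
            continue
        if current is None or not line:
            continue
        if line.startswith("HTTP/1."):
            in_response = True
            continue
        h = HEADER_RE.match(line)
        if h:
            target = current.response_headers if in_response else current.request_headers
            target[h.group(1).lower()] = h.group(2)
    return exchanges


def triage(exchanges: List[Exchange]) -> dict:
    """Summarise the fields an analyst checks first: contacted hosts, distinct
    client fingerprints, bodiless GETs with a form Content-Type, and tiny
    text/plain bodies of exactly 32 bytes (assumed: hex MD5 digest candidates)."""
    summary = {
        "hosts": sorted({e.request_headers.get("host", "") for e in exchanges}),
        "user_agents": sorted({e.request_headers.get("user-agent", "<none>") for e in exchanges}),
        "form_content_type_gets": [],
        "md5_sized_bodies": [],
        "total_bytes": 0,
    }
    for e in exchanges:
        if e.method == "GET" and "x-www-form-urlencoded" in e.request_headers.get("content-type", ""):
            summary["form_content_type_gets"].append(e.path)
        length = int(e.response_headers.get("content-length", "0") or 0)
        summary["total_bytes"] += length
        if length == 32 and e.response_headers.get("content-type", "").startswith("text/plain"):
            summary["md5_sized_bodies"].append(e.path)
    return summary


if __name__ == "__main__":
    for key, value in triage(parse_report(REPORT)).items():
        print(f"{key}: {value}")
```

The parser keys only on the lines the report actually shows, so it degrades cleanly when a tab (request, response or body) is missing, and the summary is built from return values rather than printed text so it can be fed into a case note or a test.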
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49758 -> 192.168.57.17:1433 | 2001583 | ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection | Misc activity |
TCP 192.168.56.103:49844 -> 192.168.57.51:1433 | 2001583 | ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection | Misc activity |
TCP 192.168.56.103:50021 -> 192.168.57.100:445 | 2001569 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | Misc activity |
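The three alerts share one source, the analysis guest 192.168.56.103, and hit three distinct hosts in the neighbouring 192.168.57.0/24 on the MSSQL (1433) and SMB (445) ports, which is the shape of a lateral scan rather than three unrelated connections. The following is an added example, not from the sandbox or the report: detection logic that parses the alert table and groups flows by source, flagging any source that reaches two or more private hosts on lateral-movement ports. The sample rows are copied from the table above; the port-to-service map and the two-target threshold are assumptions chosen for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample: the three alert rows from the report's Suricata table.
ALERTS = """\
TCP 192.168.56.103:49758 -> 192.168.57.17:1433 | 2001583 | ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection | Misc activity |
TCP 192.168.56.103:49844 -> 192.168.57.51:1433 | 2001583 | ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection | Misc activity |
TCP 192.168.56.103:50021 -> 192.168.57.100:445 | 2001569 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | Misc activity |
"""

FLOW_RE = re.compile(r"^(TCP|UDP) (\S+):(\d+) -> (\S+):(\d+)$")

# Assumed mapping of ports worth naming when the destination is a private host.
LATERAL_PORTS = {135: "RPC", 445: "SMB", 1433: "MSSQL", 3389: "RDP", 5985: "WinRM"}


def parse_alerts(text: str) -> List[Dict]:
    """Turn 'flow | sid | signature | category |' rows into dicts."""
    rows = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if len(cells) < 4:
            continue
        m = FLOW_RE.match(cells[0])
        if not m:
            continue
        rows.append({
            "proto": m.group(1),
            "src": m.group(2), "sport": int(m.group(3)),
            "dst": m.group(4), "dport": int(m.group(5)),
            "sid": int(cells[1]), "signature": cells[2], "category": cells[3],
        })
    return rows


def lateral_scan_findings(rows: List[Dict], min_targets: int = 2) -> List[Dict]:
    """Group flows by source and flag sources that touch at least
    min_targets distinct private hosts on lateral-movement ports."""
    per_src = defaultdict(lambda: {"targets": set(), "ports": set(), "sids": set()})
    for r in rows:
        if not ipaddress.ip_address(r["dst"]).is_private or r["dport"] not in LATERAL_PORTS:
            continue
        bucket = per_src[r["src"]]
        bucket["targets"].add(r["dst"])
        bucket["ports"].add(r["dport"])
        bucket["sids"].add(r["sid"])
    findings = []
    for src, b in per_src.items():
        if len(b["targets"]) >= min_targets:
            findings.append({
                "src": src,
                "target_count": len(b["targets"]),
                "services": sorted(LATERAL_PORTS[p] for p in b["ports"]),
                "sids": sorted(b["sids"]),
            })
    return findings


if __name__ == "__main__":
    for f in lateral_scan_findings(parse_alerts(ALERTS)):
        print(f"{f['src']} probed {f['target_count']} internal hosts on {', '.join(f['services'])} (SIDs {f['sids']})")
```

Grouping by source is what turns three "Misc activity" rows into one finding; the same aggregation over a full sandbox run (or a production IDS feed) is how a single infected host's internal reconnaissance surfaces even when each individual alert is low severity.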
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts