Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| 6018.anonymousrat5.com | 121.22.5.220 |
GET
200
http://8.134.223.214/tat
REQUEST
RESPONSE
BODY
GET /tat HTTP/1.1
User-Agent: oktt
Host: 8.134.223.214
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 13 Jun 2024 02:38:06 GMT
Content-Type: application/octet-stream
Content-Length: 9394385
Last-Modified: Thu, 13 Jun 2024 01:41:54 GMT
Connection: keep-alive
ETag: "666a4e62-8f58d1"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ICMP traffic
No ICMP traffic performed.
IRC traffic
| Command | Params | Type |
|---|---|---|
| LIST | "%s" *\x00Cannot SELECT without a mailbox.\x00\x00\x00\x00SELECT %s\x00\x00\x00Cannot FETCH without a UID.\x00FETCH %s BODY[%s]<%s>\x00\x00\x00FETCH %s BODY[%s]\x00\x00\x00Cannot APPEND without a mailbox.\x00\x00\x00\x00Cannot APPEND with unknown input file size | client |
| CONNECT | %s HTTP/%s | client |
| CONNECT | == operation_ptr->operation_type()\x00\x00_ssl_next_stat == LIST_PASV_CONNECT\x00_ssl_explicit && operation_ptr == _asyn_io_operation\x00\x00\x00\x00_is_ssl\x00delivered socket exception\x00\x00operation_ptr == _asyn_io_operation\x00_next_stat2 == DATA_DATA_READ\x00\x00\x00_ssl_next_stat == DATA_PASV_CONNECT\x00_is_ssl && operation_ptr == _data_operation\x00_active_server_socket == NULL\x00\x00\x00\x8cX'\x10\x88X'\x10\x84X'\x10\x80X'\x10|X'\x10pX'\x10dX'\x10\X'\x10http request return error, can't get entity_length\x00\x00not send request,can't get entity_length\x00\x00\x00\x00\xff\xff\xff\xff&5 | client |
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.101:49166 -> 121.22.5.220:5555 | 2260003 | SURICATA Applayer Protocol detection skipped | Generic Protocol Command Decode |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts