Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
dukastotranza.click | 79.110.62.15 | |
specificsecurity.ru | 79.110.62.15 | |
smartkontur.site | | |
POST | 200 | http://dukastotranza.click/NfjxzZz8jn/index.php
REQUEST
POST /NfjxzZz8jn/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: dukastotranza.click
Content-Length: 21
Cache-Control: no-cache
RESPONSE
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Oct 2024 01:36:33 GMT
Server: nginx/1.18.0
Content-Length: 1
POST | 200 | http://specificsecurity.ru/NfjxzZz9jn/index.php
REQUEST
POST /NfjxzZz9jn/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: specificsecurity.ru
Content-Length: 21
Cache-Control: no-cache
RESPONSE
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Oct 2024 01:36:34 GMT
Server: nginx/1.18.0
Content-Length: 1
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 79.110.62.15:80 -> 192.168.56.101:49166 | 2400007 | ET DROP Spamhaus DROP Listed Traffic Inbound group 8 | Misc Attack |
TCP 79.110.62.15:80 -> 192.168.56.101:49166 | 2402000 | ET DROP Dshield Block Listed Source group 1 | Misc Attack |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts