popup
NetWork | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Network Analysis

Download pcap
Hosts 1 DNS 0 TCP 1 UDP 4 HTTP(S) 1 ICMP 0 IRC 0 Suricata Snort
IP Address Status Action
192.3.216.141 Active Moloch
Name Response Post-Analysis Lookup
No hosts contacted.
GET 200 http://192.3.216.141/vvvvvvonstraints.vbs
REQUEST
: GET /vvvvvvonstraints.vbs HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: 192.3.216.141
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Content-Type: text/vbscript
Last-Modified: Tue, 25 Mar 2025 17
Accept-Ranges: bytes
ETag: "14f6cbba99ddb1
Server: Microsoft-IIS/10.0
Date: Thu, 27 Mar 2025 01
Content-Length: 347479
BODY 

            

        


    



        
	




                            
ICMP traffic



No ICMP traffic performed.



                            
IRC traffic



No IRC requests performed.



                            
Suricata Alerts


    

        

            Flow
            SID
            Signature
            Category
        

        
        

            
                TCP
                192.168.56.101:49184 ->
                192.3.216.141:80
            
            2027260
            ET INFO Dotted Quad Host VBS Request
            Potentially Bad Traffic
        

        
    




Suricata TLS


    
No Suricata TLS




                            
Snort Alerts


    
No Snort Alerts