Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
wshsoft.company | 194.59.164.67 | |
ip-api.com | 208.95.112.1 | |
- TCP Requests
- UDP Requests
GET 200 http://ip-api.com/json/

REQUEST
GET /json/ HTTP/1.1
Accept: */*
Accept-Language: ko
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Accept-Encoding: gzip, deflate
Host: ip-api.com
Connection: Keep-Alive

RESPONSE
HTTP/1.1 200 OK
Date: Wed, 17 Mar 2021 15:05:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 277
Access-Control-Allow-Origin: *
X-Ttl: 60
X-Rl: 44

GET 200 http://wshsoft.company/python27.zip

REQUEST
GET /python27.zip HTTP/1.1
Accept: */*
Accept-Language: ko
Cache-Control: max-age=0
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E)
Host: wshsoft.company
Connection: Keep-Alive

RESPONSE
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: application/zip
Last-Modified: Thu, 07 May 2020 21:04:01 GMT
Etag: "c5ed8e-5eb477c1-e0196dc1ce759f11;;;"
Accept-Ranges: bytes
Content-Length: 12971406
Date: Wed, 17 Mar 2021 15:06:39 GMT
Server: LiteSpeed

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts