Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
- UDP Requests
-
-
192.168.56.101:62324 164.124.101.2:53
-
192.168.56.101:137 192.168.56.255:137
-
192.168.56.101:138 192.168.56.255:138
-
192.168.56.101:49152 239.255.255.250:3702
-
192.168.56.101:62325 239.255.255.250:3702
-
192.168.56.101:62445 239.255.255.250:1900
-
192.168.56.101:62447 239.255.255.250:3702
-
192.168.56.101:62449 239.255.255.250:3702
-
52.231.114.183:123 192.168.56.101:123
-
GET
200
https://70.119.220.241/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 70.119.220.241
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:00 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
GET
200
https://174.105.236.140/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 174.105.236.140
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:03 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
GET
200
https://67.79.117.70/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 67.79.117.70
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:06 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
GET
200
https://173.219.76.169/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 173.219.76.169
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:08 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
GET
200
https://98.6.253.142/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 98.6.253.142
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:11 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
GET
200
https://98.6.253.142/rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/
REQUEST
RESPONSE
BODY
GET /rob36/TEST22-PC_W617601.BB93B93366FF71F673BF0BB3D37F9F3F/5/kps/ HTTP/1.1
Connection: Keep-Alive
User-Agent: curl/7.72.0
Host: 98.6.253.142
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Mar 2021 22:50:58 GMT
Content-Type: application/octet-stream
Content-Length: 224
Connection: keep-alive
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
65.158.222.46 | 192.168.56.101 | 3 | |
65.158.222.46 | 192.168.56.101 | 3 |
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49204 174.105.236.140:443 |
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | a1:ea:a4:fa:0a:5e:ba:b9:c1:46:42:a3:0b:3e:a6:e7:b4:e2:f7:f0 |
TLSv1 192.168.56.101:49203 70.119.220.241:443 |
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | a1:ea:a4:fa:0a:5e:ba:b9:c1:46:42:a3:0b:3e:a6:e7:b4:e2:f7:f0 |
TLSv1 192.168.56.101:49207 98.6.253.142:443 |
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | 81:c4:f0:b6:a7:40:f0:09:2b:ab:2a:1c:df:80:a0:30:da:d8:93:79 |
TLSv1 192.168.56.101:49205 67.79.117.70:443 |
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | 81:c4:f0:b6:a7:40:f0:09:2b:ab:2a:1c:df:80:a0:30:da:d8:93:79 |
TLSv1 192.168.56.101:49206 173.219.76.169:443 |
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | C=AU, ST=Some-State, O=Internet Widgits Pty Ltd | a1:ea:a4:fa:0a:5e:ba:b9:c1:46:42:a3:0b:3e:a6:e7:b4:e2:f7:f0 |
Snort Alerts
No Snort Alerts