Report - e.nfluk.com/T/v60000018c10f04a22a1d6e289d22c0457/d9caebd248654fc00000021ef3a0bcc9/d9caebd2-4865-4fc0-b680-71be9102a2f9

Report Overview

Visitedpublic

2023-11-27 13:36:49

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
starling-oversea.byteoversea.com	29663	2017-09-20	2020-04-15 10:49:41	2023-11-26 23:31:43	530 B	92 kB	2.22.31.41
p16-sign-useast2a.tiktokcdn.com	unknown	2017-09-20	2023-03-30 14:01:39	2023-11-26 18:12:08	12 kB	2.7 MB	92.123.135.141
p16-sign-va.tiktokcdn.com	995	2017-09-20	2020-08-14 10:15:13	2023-11-20 18:12:05	3.4 kB	805 kB	92.123.135.141
vmweb-va.byteoversea.com	234159	2017-09-20	2021-11-27 15:17:38	2023-11-25 22:10:41	1.1 kB	2.9 kB	23.36.77.201
verification-i18n.tiktok.com	unknown	1996-07-21	2023-08-22 15:40:59	2023-11-18 19:33:48	1.6 kB	1.9 kB	23.33.119.9
p19-rc-captcha-useast2a.ibyteimg.com	unknown	2019-07-19	2023-06-15 02:03:07	2023-11-18 18:53:09	1.1 kB	217 kB	151.101.246.73
mon.tiktokv.com	1924	2017-09-20	2019-03-20 14:59:02	2023-11-23 19:10:37	4.3 kB	9.3 kB	23.60.69.17
vcs-va-useast2a.byteoversea.com	unknown	2017-09-20	2022-04-02 14:26:17	2023-11-18 18:52:54	1.1 kB	3.4 kB	23.36.77.224
mon-i18n.tiktokv.com	unknown	2017-09-20	2022-04-20 20:30:29	2023-11-24 10:01:21	1.6 kB	3.2 kB	147.160.191.131
v16-webapp-prime.tiktok.com	unknown	1996-07-21	2022-11-17 14:54:50	2023-11-23 10:16:15	1.6 kB	14 MB	23.36.76.241
e.nfluk.com	unknown	2003-05-08	2017-01-30 15:21:10	2023-11-21 15:38:32	500 B	228 B	93.191.148.22
sf16-website-login.neutral.ttwstatic.com	unknown	2021-11-05	2022-12-12 16:40:21	2023-11-23 10:16:09	79 kB	4.9 MB	92.123.135.145
mon-va.byteoversea.com	5043	2017-09-20	2018-12-03 14:10:29	2023-11-23 17:23:23	2.3 kB	141 kB	71.18.4.241
mcs-va-useast2a.tiktokv.com	unknown	2017-09-20	2023-04-04 16:30:00	2023-11-26 21:29:27	15 kB	27 kB	2.22.31.27
mssdk-va.tiktok.com	unknown	1996-07-21	2022-05-13 06:50:55	2023-11-25 22:30:25	5.8 kB	6.9 kB	95.101.10.210
www.tiktok.com	2538	1996-07-21	2017-11-01 12:14:27	2023-11-22 22:07:10	19 kB	54 kB	23.73.4.215
webcast.tiktok.com	51043	1996-07-21	2021-01-15 18:38:59	2023-11-25 04:39:40	5.0 kB	5.5 kB	23.36.77.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-27 13:36:24	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:24	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:28	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:28	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:30	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:30	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:30	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:30	high	Client IP	Internal IP	ETPRO POLICY Byteoversea TikTok related DNS Lookup
2023-11-27 13:36:32	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:32	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:32	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:33	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:33	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:35	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:35	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:35	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:35	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:36	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:37	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:38	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-11-27 13:36:38	low	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (119)

HTTP Transactions (240)

	URL	IP	Response	Size