IP: 192.64.119.3:0
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): ef16a43caef1f2f81cc66b9c3c5c3df5 435618a7d4d8f171850d284be59e5e01f6a0a5fc 183e589b03b923af05b713bc685a235bd5621f5529e15d196b6b930640ba8a0e
NIDS alert (suricata), severity low: ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: meidontnohosisme.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 25 Apr 2024 21:07:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 50
Connection: keep-alive
Location: http://rorsaeed2.bsite.net/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
|
IP: 5.161.102.56:0, ASN #213230 (Hetzner Online GmbH)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the hashes of empty content; the 301 response below carries no body, content-length 0)
GET / HTTP/1.1
Host: rorsaeed2.bsite.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://rorsaeed2.bsite.net/
|
IP: 5.161.102.56:0, ASN #213230 (Hetzner Online GmbH)
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 9f3d3c34bc7e79907035d7cf1466c0ed cf66d0498b3e00f88226d56676770a09831d179d 1b12327f311fd07ccbbdd57f7d7af4063acca7da814a744a35acf95ce1897b09
GET / HTTP/1.1
Host: rorsaeed2.bsite.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 25 Apr 2024 21:07:37 GMT
content-length: 2969
X-Firefox-Spdy: h2
|
| meidontnohosisme.cfd/mino.zip | 192.64.119.3 | 302 Found | 58 B |
URL (user request): GET HTTP/1.1 meidontnohosisme.cfd/mino.zip
IP: 192.64.119.3:80
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 204983ff5fa6aadfbcedca9005520222 cc0d4ce8ebec88af946e7c5ebf872e65796bb612 26a32248057844d4b66250d2c8f2331ded071c9a5a1723ef11101efa4fbedda9
NIDS alert (suricata), severity low: ET INFO Namecheap URL Forward
GET /mino.zip HTTP/1.1
Host: meidontnohosisme.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 25 Apr 2024 21:07:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 58
Connection: keep-alive
Location: http://rorsaeed2.bsite.net/mino.zip
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
|
| rorsaeed2.bsite.net/mino.zip | 5.161.102.56 | 200 OK | 2.4 MB |
URL (user request): GET HTTP/2 rorsaeed2.bsite.net/mino.zip
IP: 5.161.102.56:443, ASN #213230 (Hetzner Online GmbH)
Certificate: issuer Let's Encrypt, subject *.bsite.net, fingerprint C9:64:E7:EE:59:60:0C:57:BE:96:A0:44:48:94:2C:D0:9D:68:F0:3A, validity Tue, 12 Mar 2024 23:15:50 GMT - Mon, 10 Jun 2024 23:15:49 GMT
File type: Zip archive data, at least v1.0 to extract, compression method=store
Size: 2.4 MB (2363475 bytes)
Hash (MD5 / SHA-1 / SHA-256): 4fe438ec252cefca9594e29238520797 92a2032e41e1ea5ceeee69ffa6bec05359350dd6 9a345887321f1b205d26324787fd2646bc44f4d303f99c5fd05e0e7a7214f683
GET /mino.zip HTTP/1.1
Host: rorsaeed2.bsite.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-zip-compressed
last-modified: Thu, 11 Apr 2024 11:14:33 GMT
accept-ranges: bytes
etag: "8cbb486e18cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 25 Apr 2024 21:07:38 GMT
content-length: 2363475
X-Firefox-Spdy: h2
|