| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r | 188.114.97.1 | | 167 B |
URL: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r | IP: 188.114.97.1:0
File type: HTML document, ASCII text, with CRLF line terminators | Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
NIDS | Severity | Alert
suricata | medium | ET INFO HTTP Request to a *.top domain
suricata | medium | ET INFO HTTP Request to a *.top domain
GET /Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 05:58:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 May 2024 06:58:29 GMT
Location: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mh9L5jRnLsWz7o89tyRm7X8x5aURMUebk%2FSs8IQMcgsPqvWosCfiTSxsBtG%2BBlftAknpiG3hV7H3wTvuUGTyXpE50zja16wV4pGWQlrtVTHKWttKa%2BrR1dRP5UMD6ssYTYG2O%2BXw0Z4SU4j26KzjhclexhXhG0rtdk%2FKHWFcVBDpmZBzltZmyLVb1gd3mPGfSVmefyk3E%2FU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8817b2a38f7f56be-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:30 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8817b2a95b6a5696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal | 104.17.3.184 | | 80 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal | IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (42150) | Hash: ad0d577196fa22663ea4731d3db9b546 b2282a823cb9cda9e0b6f0c984d2919f07b481ad 5fd50ad2268fca1bb96bb8996bf0c1f0cb1195927333c7d91f2a505ec601cdde
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:30 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
document-policy: js-profiling
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
server: cloudflare
cf-ray: 8817b2a83a6e5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.3.184 | | 47 kB |
URL: challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | IP: 104.17.3.184:0
File type: JavaScript source, ASCII text, with very long lines (42616) | Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 05:58:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2a6c8e056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8817b2a83a6e5696/1715320710880/337ff0cafa336530a8006c7fe5fdda819e4fea4a8d0debc6aaf36ea88e504bf7/nN7J4WzaKCGAVUi | 104.17.3.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8817b2a83a6e5696/1715320710880/337ff0cafa336530a8006c7fe5fdda819e4fea4a8d0debc6aaf36ea88e504bf7/nN7J4WzaKCGAVUi | IP: 104.17.3.184:0
File type: very short file (no magic) | Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/8817b2a83a6e5696/1715320710880/337ff0cafa336530a8006c7fe5fdda819e4fea4a8d0debc6aaf36ea88e504bf7/nN7J4WzaKCGAVUi HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 10 May 2024 05:58:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gM3_wyvozZTCoAGx_5f3agZ5P6kqNDevGqvNuqI5QS_cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIDN_8Mr6M2UwqABsf-X92oGeT-pKjQ3rxqrzbqiOUEv3ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8817b2ae8f985696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817b2a83a6e5696/1715320710885/yhttTXbwQ-9PYlE | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8817b2a83a6e5696/1715320710885/yhttTXbwQ-9PYlE | IP: 104.17.3.184:0
File type: PNG image data, 29 x 44, 8-bit/color RGB, non-interlaced | Hash: 763eba1f99c3ec774f343f37dd5e324d 59199ef1ce78f1a74ff6b3e6f5e0f1630630aeb2 fa7a040f194709f15d485166f7e84ddaaa3dc737504489fe093ab681f9c913d8
GET /cdn-cgi/challenge-platform/h/g/i/8817b2a83a6e5696/1715320710885/yhttTXbwQ-9PYlE HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/891t6/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:32 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8817b2b44de35696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/images/christmas/49194_04.jpg | 188.114.96.1 | 200 OK | 2.0 kB |
URL: GET HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/images/christmas/49194_04.jpg | IP: 188.114.96.1:443
Requested by: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 152x36, components 3 | Hash: 63d35d61f84c88a47590dd93f4cf5797 3e9440aac608f0ebd63a56084d7186423b9c58f2 18ce58c9fdecad2fb0e3848911e3798e63af79878e2230b074a7b34f10b9f62e
GET /images/christmas/49194_04.jpg HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:37 GMT
content-type: image/jpeg
content-length: 1968
last-modified: Mon, 15 Aug 2016 06:54:50 GMT
etag: "1d1f6c1eade1eb0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npFE%2FY%2FkKyihLxaM%2FzUOKPgvxFB4Kn2nzkymiQShCmn6qQnw1wk6WyrSBz2xA5Na4ZxmwTU7U0AFjI4F6OgFPQAHVmH1sikRiMxktvzJxes8%2BJFOp7RrXOckbvjjJhe74oSMVGbCTqnz53KtjNG0DQRGDHf3LKD037yt%2B2z%2BMR4IIHxCS7tJt9tFZmC5INTpGoOABihUt40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2d068dcb51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | 188.114.96.1 | 200 OK | 39 kB |
URL: User Request POST HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: 0c61fbe3ea896d3aa165335a06d29619 6a1e96877d66ee4c75651ed6376b43ef2ccee6df 5de608d9998cdf6436633c00fd702ba8b1499373cd1109c0c46e7992b9e5fe75
POST /Uns/Completed HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 267
Origin: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:36 GMT
content-type: text/html; charset=utf-8
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6549l4ANCPGu9VTS04ZgT2Aos9EjUokEh1Cm97icO%2BrgvT%2Fnm7HoruLtihBFtmI4h0rohsj8wmr%2BVbgbfcmG7yA5XRSENAmz9WD%2Fawkpa70oHxBqLBUtONFc%2BU7e28xWNQAmVZmeJfnRS5SFj%2FuSeJ1lWlVZ%2BdgRA0e8RHW8EnVQt57GdgPwL2nlpGRMPrgvZ5%2F0XyxA%2BxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817b2c95abfb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/favicon.ico | 188.114.96.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/favicon.ico | IP: 188.114.96.1:443
Requested by: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | Hash: 9200225b96881264e6481c77d69c622c 27608d84e28f926b740038252240f715eeb9d2bd 26dc5ff4bfb9213291735808465e156d4a4691135f3815e3613761243e1f69c3
GET /favicon.ico HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:37 GMT
content-type: image/x-icon
last-modified: Wed, 21 Jul 2021 13:26:58 GMT
etag: W/"1d77e34149da836"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJBBvJc9a8f5NSyvUgKMQIJTEcnnCPnPXZhAEq8WEzldQxPQPWltG%2B4Rmhq%2FaQht6fIjq1stWQ6QxsDtenrNbv5Y%2Bn7RmilJKbOGTTWnvkiPIkjxpHo3G1wEI1LaSR%2FUPXa%2F1EhOhJgLieK1NqvAVI78F199j3iqkel1ORErP7FVwDuU%2Fh6wKDZXVlQ9%2BRWlGQehjyGbbVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2d20a69b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/lib/bootstrap/dist/js/bootstrap.bundle.min.js | 188.114.96.1 | 200 OK | 23 kB |
URL: GET HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/lib/bootstrap/dist/js/bootstrap.bundle.min.js | IP: 188.114.96.1:443
Requested by: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65292), with CRLF line terminators | Hash: b41fe9374205bd087a4d4f0ab5a195be ff398162cf8cbdbaa30110512524ecce2ca040be 5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
GET /lib/bootstrap/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:35 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 13:26:58 GMT
etag: W/"1d77e34149c8e31"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04BUUDzLKOxhwRadOVbsWKKbfRzokIWXvs5JY18SvNmRX58abDc2kVvU3%2F2REDQYFOL1KiGkKPJozyjphOePesC1Xp6sP%2BwmvgH5LqtrE40kMB0kGSQFoMbyuYWe%2BxAO60qNWQzbPvrp84bl9cEL6KXf0X5jwl03v7%2BRuP9QFNTzvQ7oaWqZl9LLkKu00rMKbEXxd8b%2Fpn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2bfc9deb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r | 188.114.96.1 | | 38 kB |
URL: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r | IP: 188.114.96.1:0
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash: 0095ce9e31ee633ca0e2b62d7f63fffa ad4a67ba7827f9f39349058fd52d427d292bda4d 9d1dab14cfebaa8281e3be8401218d10f4da68416f86668c2faf353a8543c640
NIDS | Severity | Alert
suricata | medium | ET INFO HTTP Request to a *.top domain
suricata | medium | ET INFO HTTP Request to a *.top domain
POST /Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns?crmv=vk&a0o653=baaleos@slurpmail.net&xmsruip=&r&__cf_chl_tk=wehaqCcH7zwpVoeiGmuOmsJ288UMtZuXGVr.AGEVnfo-1715320709-0.0.1.1-1493
Content-Type: application/x-www-form-urlencoded
Content-Length: 4272
Origin: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:34 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
pragma: no-cache
set-cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; Path=/; Expires=Sat, 10-May-25 05:58:33 GMT; Domain=.curf.top; HttpOnly; Secure; SameSite=None; Partitioned
.AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU; path=/; samesite=strict; httponly
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KczW0g5OXvGpTYAiDbl9ysOFvU5vPfSfySBGB0KTw0Q%2FIrv%2Ft80aaCw%2FXjIhsWzdZ749HgS06aMN9nIkLuYWzstu%2FITlByoo%2FeD%2FXNjGtVJB88T%2FCSa3%2BTNpDESS00nlX9yrqYRFOvSNFzwY3%2FmLOmKjm3AdaHq6WFqBDV2WgFBqy4MpLj%2Bwune5Yg0nqOaVMgZUz8A8Ulk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817b2b8ab44b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/lib/jquery/dist/jquery.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/lib/jquery/dist/jquery.min.js | IP: 188.114.96.1:443
Requested by: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) | Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /lib/jquery/dist/jquery.min.js HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:36 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 13:26:58 GMT
etag: W/"1d77e34149ce084"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2scHtqTtOeiXM07JA0Yp3ajTFolstZM3I0asVE%2FxTBEiI7bEz53%2Ft4hIwkGZrB8R32YDIBxe64K8Bw48YU9dfZuI208PVJCcVSwkgsEvMd3NyZ9zHGTBY2y8XBsXWdCLZg0x1QTQHX0khll7hQ%2BkcxYCacFFhYzl0b4HrCMCKXEd7mUwDTEwOQv9Z8xpu%2F95D9u6fTg%2Fl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2d058d2b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/images/Halloween.jpg | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/images/Halloween.jpg | IP: 188.114.96.1:443
Requested by: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed | Certificate: Issuer: Google Trust Services LLC, Subject: curf.top, Fingerprint: 3C:A4:94:7C:0F:A1:06:F9:27:93:17:70:F1:0A:E9:26:8D:4E:DA:B5, Validity: Sun, 14 Apr 2024 03:58:16 GMT - Sat, 13 Jul 2024 03:58:15 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 1800x1800, segment length 16, progressive, precision 8, 800x400, components 3 | Hash: 87905df524ac715c9359218c0939bc90 90019abb5fbb068726df5f91da95bec918c2c6f0 44e8189275be25efa3f17ed29c30f6ac5a9102816f09d473bc03dba0335284bf
GET /images/Halloween.jpg HTTP/1.1
Host: account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://account-amazon-merchant-center-campaign-v3-signin-identifier.curf.top/Uns/Completed
Cookie: cf_clearance=LXCjg92UchvvTafRSnILU78LQD3qSK4Hs0GyZx7Lsac-1715320709-1.0.1.1-fmPBkmXjD56EBglbHpX1o8dZCGioA2aOkJZRF7.zQ_zsUtAsjAcZRxBx96Rac0TRnVdI7aqF3i6_sFqs7bWJTg; .AspNetCore.Antiforgery.3VWSvAhY2Z4=CfDJ8FRHuRYoB4BLrgJJ23lEKQqY4khDjI94lbYsupV9E-JkgTKZqQb7trLm8ec6emC2_B3yiOLb5s63WNToMcF07vPjjnqERy7aHQJlg-vVadm5XAvy3jeXicXmEvhXi9NSUNUQ-ue1PglJBHHn--nKZuU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 05:58:37 GMT
content-type: image/jpeg
content-length: 37889
last-modified: Sat, 01 Oct 2022 17:25:12 GMT
etag: "1d8d5bac3055801"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0XD0KE2XPrq5KX6F1ZcujCIzJun%2Fj%2F4nMvyivRrRcjB5osLIPe7MxUpldNv7rUbOj%2BZ0Tl9ddBAuBjGGgKal4CHm8B6onxJBfaQ46z9JzRz37b1wnxotz9%2Fap0qx0YGBQ%2BOV6HxNT8UD326Vd%2F1dTR16%2BIdturDs1i3uET%2BU1Bu0MB4UEPqhDziKgIjF8xy%2Bh4HuZBbZZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817b2d058d6b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|