| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css | 142.250.74.35 | 200 OK | 4.1 kB |
URL: GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
IP: 142.250.74.35:443
Requested by: http://accscnfrmtnfbacc.ftp.sh/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: ASCII text, with very long lines (22367), with no line terminators
Hash: MD5 b0b46b807eee39af0aad8f5fefc9b3a2 | SHA1 0fb04f15599bc0844063a6ab776c86e73cb9fbfc | SHA256 71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
GET /_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 10:23:10 GMT
expires: Fri, 09 May 2025 10:23:10 GMT
cache-control: public, max-age=31536000
age: 75595
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| | 103.181.142.63 | | 25 kB |
IP: 103.181.142.63:0
ASN: #136052 PT Cloud Hosting Indonesia
File type: HTML document, ASCII text, with very long lines (485), with CRLF line terminators
Hash: MD5 3bb4c3faa31db95e19158b2f46dc4e7e | SHA1 0e49f42f01d1dbd7409c754c8d09b5155dc968c0 | SHA256 a6ba30d4a2957d3e1837a4b4029f65891261de42b9ba3dcdf34789e1e91149ff
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET / HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
etag: "28db0-663bb097-fc8e8;gz"
last-modified: Wed, 08 May 2024 17:04:23 GMT
content-type: text/html
content-length: 24745
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:04 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/styles.css | 103.181.142.63 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/styles.css
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
Hash: MD5 b753875c6b971065559285355202c65d | SHA1 0d0d3b7305e7355e41cc9ebc158b0024b589d4b4 | SHA256 f39266151ffccfe3a425ae17a6fb51671466df765081a6fe0738d5dab53c2bc6
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/styles.css HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:05 GMT
etag: "2663-663bb0be-fc8fc;gz"
last-modified: Wed, 08 May 2024 17:05:02 GMT
content-type: text/css
content-length: 1841
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:05 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/load.js | 103.181.142.63 | 200 OK | 389 B |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/load.js
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: JavaScript source, ASCII text
Hash: MD5 cdced71ad2a0c1ada5e6e12fe0485f52 | SHA1 15d1ab751afd0d0a0f66755becc360124e512c24 | SHA256 186c9530c90453f18f9d001a221c5c17ed497b925e93f30d34cb0dd1721a042c
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/load.js HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:05 GMT
etag: "444-663bb0bb-fc8f6;gz"
last-modified: Wed, 08 May 2024 17:04:59 GMT
content-type: application/x-javascript
content-length: 389
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:05 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/chunk1.css | 103.181.142.63 | 200 OK | 13 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/chunk1.css
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: ASCII text, with very long lines (59102), with CRLF line terminators
Hash: MD5 2164074a81243a4b4f0597f8284d31f7 | SHA1 0f6a9ea3dfa82ae93b6ce14b7db626e7db4f447b | SHA256 d059ebac9e5a7f3f7e5ae59ca137bb7224e38ad41d3ad36e1d65995b35524a22
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/chunk1.css HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:05 GMT
etag: "e7c9-663bb0ba-fc8f4;gz"
last-modified: Wed, 08 May 2024 17:04:58 GMT
content-type: text/css
content-length: 12994
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:05 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/jquery.min.js | 103.181.142.63 | 200 OK | 30 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/jquery.min.js
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: MD5 4b57cf46dc8cb95c4cca54afc85e9540 | SHA1 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac | SHA256 a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/jquery.min.js HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:05 GMT
etag: "1538e-663bb0bb-fc8f5;gz"
last-modified: Wed, 08 May 2024 17:04:59 GMT
content-type: application/x-javascript
content-length: 30348
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:05 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/main.chunk.css | 103.181.142.63 | 200 OK | 65 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/main.chunk.css
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 874043c9317d5e3fa72a9fc55b963a57 | SHA1 a0eaa6f6b7458abb0870b11d9b335a6c58677e65 | SHA256 ecc0293c033edc95eedad6bb294a121546ce61c8b1a8973886f551b6702157fe
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/main.chunk.css HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:05 GMT
etag: "7b7d1-663bb0bd-fc8f8;gz"
last-modified: Wed, 08 May 2024 17:05:01 GMT
content-type: text/css
content-length: 64743
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:05 GMT
server: LiteSpeed
connection: Keep-Alive

| fonts.googleapis.com/css?family=Khula&display=swap&.css | 142.250.74.170 | 200 OK | 893 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Khula&display=swap&.css
IP: 142.250.74.170:443
Requested by: http://accscnfrmtnfbacc.ftp.sh/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: MD5 df29723bcb74a85c5c96480c13c9b78b | SHA1 b3c06a500837c4260dc0ff4eb719bfe473a8022c | SHA256 3148704728a654bcaafa9b22db1bd56db8f6c8a2bb0eaf41b3b8c2a6628fc536
GET /css?family=Khula&display=swap&.css HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:23:08 GMT
date: Fri, 10 May 2024 07:23:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.svg | 103.181.142.63 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.svg
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: SVG Scalable Vector Graphics image
Hash: MD5 ebd8798bc32c86494851a07770e04e63 | SHA1 b5461dc8f5f5f848033441d506ee05d48742438b | SHA256 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/sound-mobile.svg HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:08 GMT
etag: "951-663bb0be-fc8fb;gz"
last-modified: Wed, 08 May 2024 17:05:02 GMT
content-type: image/svg+xml
content-length: 1092
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 10 May 2024 07:23:08 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/Lock.png | 103.181.142.63 | 200 OK | 3.0 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/Lock.png
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: PNG image data, 117 x 120, 8-bit/color RGBA, non-interlaced
Hash: MD5 2e00ac35746887d77fada7370b8d5e42 | SHA1 a0d8c20d749b3e63e93282d7ba90b35be9c15458 | SHA256 9fc2fe17fa35dc50cbac42366d82e564d0a6e29a6b18f966ba78641b92850514
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/Lock.png HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:08 GMT
etag: "bab-663bb0bb-fc8f7;;;"
last-modified: Wed, 08 May 2024 17:04:59 GMT
content-type: image/png
content-length: 2987
accept-ranges: bytes
date: Fri, 10 May 2024 07:23:08 GMT
server: LiteSpeed
connection: Keep-Alive

| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 216.58.207.227 | 200 OK | 3.3 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP: 216.58.207.227:443
Requested by: http://accscnfrmtnfbacc.ftp.sh/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 2bd5c073a88b83ed74db88282a56ddfb | SHA1 d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 | SHA256 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 13:00:35 GMT
expires: Tue, 06 May 2025 13:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 325354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| accscnfrmtnfbacc.ftp.sh/asset/metalock.png | 103.181.142.63 | 200 OK | 26 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/metalock.png
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: PNG image data, 483 x 482, 8-bit/color RGBA, non-interlaced
Hash: MD5 d9bef559aedbc918ebb7ecc8b4bb1dcd | SHA1 9377521802f54c5db26beff2a61b456e28b260ba | SHA256 0800a9ba4e13276927f4b3e2c4e2df4f30b9c4350c241b4a6ff963591f518176
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/metalock.png HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:08 GMT
etag: "64af-663bb0bd-fc8f9;;;"
last-modified: Wed, 08 May 2024 17:05:01 GMT
content-type: image/png
content-length: 25775
accept-ranges: bytes
date: Fri, 10 May 2024 07:23:08 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/icon.png | 103.181.142.63 | 404 Not Found | 705 B |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/icon.png
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: MD5 30a9aa3e2018df9e4d5a7dea65c283f6 | SHA1 6abb0707a87dd0140ae3488c3f2a378726e2ca53 | SHA256 230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/icon.png HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Fri, 10 May 2024 07:23:09 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.png | 103.181.142.63 | 200 OK | 52 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.png
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: PNG image data, 1138 x 1138, 8-bit/color RGBA, non-interlaced
Hash: MD5 78aea8095f96a7cb42ac2b9aac854496 | SHA1 ed52f502bf0db4731c475c3c9828dd30aab3536a | SHA256 c150037ca397366d56aa0b6bba6a1dc69898a62ff25777e3a180ba56beaea0e0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/sound-mobile.png HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:08 GMT
etag: "cca3-663bb0be-fc8fa;;;"
last-modified: Wed, 08 May 2024 17:05:02 GMT
content-type: image/png
content-length: 52387
accept-ranges: bytes
date: Fri, 10 May 2024 07:23:08 GMT
server: LiteSpeed
connection: Keep-Alive

| accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.png | 103.181.142.63 | 200 OK | 52 kB |
URL: GET HTTP/1.1 accscnfrmtnfbacc.ftp.sh/asset/sound-mobile.png
IP: 103.181.142.63:80
ASN: #136052 PT Cloud Hosting Indonesia
Requested by: http://accscnfrmtnfbacc.ftp.sh/
File type: PNG image data, 1138 x 1138, 8-bit/color RGBA, non-interlaced
Hash: MD5 78aea8095f96a7cb42ac2b9aac854496 | SHA1 ed52f502bf0db4731c475c3c9828dd30aab3536a | SHA256 c150037ca397366d56aa0b6bba6a1dc69898a62ff25777e3a180ba56beaea0e0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
| suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.ftp .sh Domain |
GET /asset/sound-mobile.png HTTP/1.1
Host: accscnfrmtnfbacc.ftp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://accscnfrmtnfbacc.ftp.sh/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 07:23:09 GMT
etag: "cca3-663bb0be-fc8fa;;;"
last-modified: Wed, 08 May 2024 17:05:02 GMT
content-type: image/png
content-length: 52387
accept-ranges: bytes
date: Fri, 10 May 2024 07:23:09 GMT
server: LiteSpeed
connection: Keep-Alive