IP: 192.230.77.86:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert |
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.revitcity .com Domain |
GET / HTTP/1.1
Host: www.revitcity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://www.revitcity.com/
Content-Length: 0
Connection: close
|
| www.revitcity.com/login.php:rominarigby:$$$$$$$$$$ | 192.230.77.86 | | 4.6 kB |
URL: User Request GET www.revitcity.com/login.php:rominarigby:$$$$$$$$$$ IP: 192.230.77.86:0
File type: HTML document, ASCII text, with very long lines (2754), with CRLF, LF line terminators
Hash: 9f1f7136ce08a95e47818dd5c593e412 e519f7aeb63c474498de9f01e736f018550e9cf7 04a039e2b19ee97cef4ff4ea3f98647f9ad6d387e593dcce4a166a19cf313821
GET /login.php:rominarigby:$$$$$$$$$$ HTTP/1.1
Host: www.revitcity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 18 Apr 2024 23:20:49 GMT
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: close
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: visid_incap_332179=y8mmwi2HSmGbj+4xHRiOT9KqIWYAAAAAQUIPAAAAAAAYiC/MSUY1+NHkuo6uwjPq; expires=Fri, 18 Apr 2025 23:20:34 GMT; HttpOnly; path=/; Domain=.revitcity.com
nlbi_332179=LhloJ5+EpwNBTYPMwDhw/QAAAAAOQsXCje/oJJkP3jRZXWhQ; path=/; Domain=.revitcity.com
incap_ses_277_332179=XZdMZ4253H5yvgacERrYA+KqIWYAAAAAch0ZTvxhIfuEGgymk0HFzg==; path=/; Domain=.revitcity.com
x-incap-sess-cookie-hdr: KyJfI41eWCFyvgacERrYA+KqIWYAAAAAP9cBkt+Y9lfFH2dG/kwCSg==
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-3056227-3056228 NNNN CT(116 263 0) RT(1713482450074 40) q(0 0 3 0) r(161 161) U11
|
IP: 192.230.77.86:0
File type: HTML document, ASCII text, with very long lines (2754), with CRLF, LF line terminators
Hash: 36d52ce5393593500f57b39fefc3b535 14475c59fa5b16b8abbebadc478d66a6c230a95c b1eb1394f14e0ea943f467588d4d9ecfa3bb524d874909f3073bb97f54480043
NIDS | Severity | Alert |
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.revitcity .com Domain |
GET / HTTP/1.1
Host: www.revitcity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Date: Thu, 18 Apr 2024 23:20:52 GMT
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3
Location: http://www.revitcity.com/index.php
Cache-Control: max-age=1
Expires: Thu, 18 Apr 2024 23:20:53 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6020
Connection: close
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: visid_incap_332179=y8mmwi2HSmGbj+4xHRiOT9KqIWYAAAAAQUIPAAAAAAAYiC/MSUY1+NHkuo6uwjPq; expires=Fri, 18 Apr 2025 23:20:36 GMT; HttpOnly; path=/; Domain=.revitcity.com
nlbi_332179=IZhAbGjspSxbm1LRwDhw/QAAAABkTD+3nLnL3/tTIZxhd8R9; path=/; Domain=.revitcity.com
incap_ses_277_332179=4rW8OFNmFn1yvgacERrYA+OqIWYAAAAAzNNzri0jlz2aN+K5TWXfUw==; path=/; Domain=.revitcity.com
x-incap-sess-cookie-hdr: dGZrC5v8zAdyvgacERrYA+OqIWYAAAAA9KtWU07kPGWhaY2A6cQUjw==
X-CDN: Imperva
X-Iinfo: 11-5197717-5197721 NNNN CT(117 119 0) RT(1713482453083 28) q(0 0 2 0) r(143 143) U11
|
| www.revitcity.com/index.php | 192.230.77.86 | | 0 B |
URL: www.revitcity.com/index.php IP: 192.230.77.86:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert |
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.revitcity .com Domain |
GET /index.php HTTP/1.1
Host: www.revitcity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://www.revitcity.com/index.php
Content-Length: 0
Connection: close
|