| 173.209.208.194/robots.txt.exe | 173.209.208.194 | 302 Object Moved | 1.2 kB |
URL User Request GET HTTP/1.1173.209.208.194/robots.txt.exe IP173.209.208.194:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1181), with no line terminators Hashf89e03b34b57bd8e3c6beafe262a7729 71fb25c7fc4e8c3160e4277ddd01cf752f02ae4e 875bbc16411287567787bd1e4b5c868e03ee9b058ac218ec808d10cb18f967f7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO Executable Download from dotted-quad Host |
GET /robots.txt.exe HTTP/1.1
Host: 173.209.208.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Object Moved
Location: https://bnc-businessmessaging.att.com/robots.txt.exe
Content-Type: text/html
Cache-Control: private
Connection: close
|
| bnc-businessmessaging.att.com/favicon.ico | 173.209.208.194 | 404 | 1.1 kB |
URL GET HTTP/1.1bnc-businessmessaging.att.com/favicon.ico IP173.209.208.194:443
Requested byhttps://bnc-businessmessaging.att.com/robots.txt.exe CertificateIssuerDigiCert Inc Subjectbnc-businessmessaging.att.com Fingerprint6F:AB:87:EA:E5:8D:B8:6C:87:6D:9B:74:5B:8A:F6:40:69:F3:2E:20 ValidityWed, 21 Feb 2024 00:00:00 GMT - Thu, 13 Mar 2025 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1061), with no line terminators Hash6ce1df5b6eda56c5dae26dfd262c17bf 6f7165fd1cc3fa5b00dad91d81247826f7bc30de 4b5891a4567e39f128ae00180363fb7631182e6e99a7597e03398fcefffb3807
GET /favicon.ico HTTP/1.1
Host: bnc-businessmessaging.att.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bnc-businessmessaging.att.com/robots.txt.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404
Server: Tengine
Date: Thu, 18 Apr 2024 19:12:24 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 1065
Connection: keep-alive
Content-Language: en
|
| bnc-businessmessaging.att.com/robots.txt.exe | 173.209.208.194 | 404 | 1.1 kB |
URL User Request GET HTTP/1.1bnc-businessmessaging.att.com/robots.txt.exe IP173.209.208.194:443
CertificateIssuerDigiCert Inc Subjectbnc-businessmessaging.att.com Fingerprint6F:AB:87:EA:E5:8D:B8:6C:87:6D:9B:74:5B:8A:F6:40:69:F3:2E:20 ValidityWed, 21 Feb 2024 00:00:00 GMT - Thu, 13 Mar 2025 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1072), with no line terminators Hash26c2c37ef0e38f700c9abc4f37d3e3d4 01bcf053d08372ce459fc71c58c7185106b19eba 19d74bfea0e60eb081f3ca993616cceb0370f28a62b1ec42712e8e37dc1231fe
GET /robots.txt.exe HTTP/1.1
Host: bnc-businessmessaging.att.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404
Server: Tengine
Date: Thu, 18 Apr 2024 19:12:24 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 1068
Connection: keep-alive
Content-Language: en
|