IP: 3.33.152.147:0
File type: HTML document, ASCII text
Hash: 94ca590d242c946d5e9d2bcfa0450583 9cbc295a24ad24f31c5dda22a769083bbfc73cdc cf836eda46537fff122cf4698c7db8b372b54ec72ee3267de21bee3429d7d250
NIDS | Severity | Alert |
suricata | medium | ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2 |
suricata | medium | ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2 |
GET / HTTP/1.1
Host: coronavirus.forsale
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 19:49:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 208
Connection: keep-alive
Location: https://www.afternic.com/forsale/coronavirus.forsale?utm_source=TDFS&utm_medium=sn_affiliate_click&utm_campaign=TDFS_GoDaddy_DLS&traffic_type=TDFS&traffic_id=GoDaddy_DLS
Server: ip-100-74-4-197.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: e76ba30b-0292-4104-8c58-01927d7ecd33
|
| www.afternic.com/forsale/coronavirus.forsale?utm_source=TDFS&utm_medium=sn_affiliate_click&utm_campaign=TDFS_GoDaddy_DLS&traffic_type=TDFS&traffic_id=GoDaddy_DLS | 95.101.10.128 | | 56 kB |
URL: www.afternic.com/forsale/coronavirus.forsale?utm_source=TDFS&utm_medium=sn_affiliate_click&utm_campaign=TDFS_GoDaddy_DLS&traffic_type=TDFS&traffic_id=GoDaddy_DLS
IP: 95.101.10.128:0
ASN: #20940 Akamai International B.V.
File type: gzip compressed data, from Unix
Hash: 41aeade217b87ede7e03cd640d2b30a0 38666ff1b2894ae5fa86576e7549c9339c9fdc28 a95f19c3cda5d04c270985e0a9986e27c060002215cfb4decb95af2928f3ea58
GET /forsale/coronavirus.forsale?utm_source=TDFS&utm_medium=sn_affiliate_click&utm_campaign=TDFS_GoDaddy_DLS&traffic_type=TDFS&traffic_id=GoDaddy_DLS HTTP/1.1
Host: www.afternic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 166
server: envoy
x-akamai-transformed: 9 - 0 pmb=mTOE,2mRUM,1
content-encoding: gzip
date: Fri, 10 May 2024 19:49:20 GMT
vary: Accept-Encoding
set-cookie: fb_sessiontraffic=S_TOUCH=&pathway=64579159-2329-4fab-98ae-af6d5d7fa776&V_DATE=&pc=0; Path=/; Domain=afternic.com; Expires=Fri, 10 May 2024 20:09:20 GMT
pathway=64579159-2329-4fab-98ae-af6d5d7fa776; Path=/; Domain=afternic.com; Expires=Fri, 10 May 2024 20:09:20 GMT
visitor=vid=64579159-2329-4fab-98ae-af6d5d7fa776; Path=/; Domain=afternic.com; Expires=Fri, 09 May 2025 19:49:20 GMT
_policy={"restricted_market":true,"tracking_market":"explicit"}; Path=/; Domain=afternic.com; Expires=Sat, 10 May 2025 19:49:20 GMT
market=nb-NO; expires=Sat, 10-May-2025 19:49:20 GMT; path=/; domain=.afternic.com
_abck=71AD43EA894C557BFEDAD7E21E5A8BBE~-1~YAAQfAplX7EScVePAQAAM4wNZAsl/fb10aXUV8vLi5Ykeww5WuC9NMO2BzC+xlp/DX3Yjy4seyS5fOfABheVg864eAQEzGASTtgmGEtZcM+M8uMQS6JTDLaffk8/SI6zscuXjswTf58QgzJVKxh6QAF5kAgEle81gC8f/d2q0H9Lmg12apk+lk54RF4qKYqDuvKJ5Cq7+AEsM82ZTzeiq8iJxaZqJuPBD2fCe7ZQTlYP1y9+BfJfUmIXQO5jc8Lz2itSiywYA/8VJYXvG6OJgSvuUynBn32Uw2QB9XCUqZg7eZBypqLfSmDHl+i2M92D4E0ZjZ/mQwxZES0UtApKES7ibrIraIounOWJFTyTulooxaqKjdYZHAXXnGBFtG4PfGE/Lgc20yyt~-1~-1~-1; Domain=.afternic.com; Path=/; Expires=Sat, 10 May 2025 19:49:20 GMT; Max-Age=31536000; Secure
bm_mi=6166F2614A922CB423E81A073E2DC533~YAAQfAplX7IScVePAQAAM4wNZBc6Z58QAQD/hUrpUe6oK2c2j5p8zI9/R6Slsr8/R4W1C/11oCyEhabzCScwKaWlkhCvtLGhjx2HvCelJaBUntFgn4Or7bb0EAhuITIzqemweUbk7fQKS1db6nH+FBOR8MEkANTGG01tf3MKI6CnTbo4RSE/MCzwEqV2XCgNSRmH4bFOrkqvmpPVl2iW92TkT0C0KHCYG1fcqHi4OpajTamhWDGru6A8Z43G9q8bdclnCpk5Bq75hT90SqPWmCoQGAnCD18tZ4n5hYFaCJYV7V8STXFs0f+I+UCh0/PMhAq3tNsl0ySn3xz0Z70pxq72/ofG+11kpSA=~1; Domain=.afternic.com; Path=/; Expires=Fri, 10 May 2024 19:49:20 GMT; Max-Age=0; Secure
bm_sz=8D09787062668F51F754430CD136844B~YAAQfAplX7MScVePAQAAM4wNZBezrNEOao/zefnuQt/l7gsIm9eF6R7STwHVGmxYH2RRDfg049aGGDUJjCDqCaHPHuFdh5f7VlxLlrr0qK/CHe343SWCQKoM913drseJBwpP0cg3s7ZjzLHiNQQq2iB5bYM6MhfPJ0ntC8+jq0zjOBamkGirEAeViEPydsaSrcOebM+FuE4QM8EZW/itHXGeVHbAnLBUH/RPquexlnnS5FWY6D6F86mQmPWkEkEa/0qG7cWgWPyzZH6lXNbk9mczMAtHVl21Klk1xCAucFT+XBMjDvvqXptjkWqk7V7G4UTCcmSmHjt+S5yqjVVDOK9SiPeHf0yvL5eAWbcJdxjTPpVTj6kx1A==~3294022~3424582; Domain=.afternic.com; Path=/; Expires=Fri, 10 May 2024 23:49:20 GMT; Max-Age=14400
x-arc: 2
X-Firefox-Spdy: h2
|