| gecu-upgrade.from-tx.com/ | 152.42.244.54 | | 793 B |
URL gecu-upgrade.from-tx.com/ IP152.42.244.54:0
File typeHTML document, ASCII text Hashc8fe84bcabd250a27fcb016318479703 4ace7853954bf0b79c61ac5db272110c848b2c41 0b7dd7400bb1a1b50a73b55f4de651bedca85e77fd43d70c774a5a904cbf1dbe
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.from-tx .com Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.from-tx .com Domain |
GET / HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:16:17 GMT
Server: Apache
Content-Length: 793
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=dfff0b7dc1d2656c0da1e278ffabc007Cloudfare.php?id=ba6349247132853c5959b8ffd3e21c72Cloudfare.php?id=bff725f7e58e066f4703853c854547c0Cloudfare.php?id=10e1c988abc26d444df2b2fa6c8ae4a7 | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=dfff0b7dc1d2656c0da1e278ffabc007Cloudfare.php?id=ba6349247132853c5959b8ffd3e21c72Cloudfare.php?id=bff725f7e58e066f4703853c854547c0Cloudfare.php?id=10e1c988abc26d444df2b2fa6c8ae4a7 IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.from-tx .com Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.from-tx .com Domain |
GET /x/login.php/Cloudfare.php?id=dfff0b7dc1d2656c0da1e278ffabc007Cloudfare.php?id=ba6349247132853c5959b8ffd3e21c72Cloudfare.php?id=bff725f7e58e066f4703853c854547c0Cloudfare.php?id=10e1c988abc26d444df2b2fa6c8ae4a7 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:17 GMT
Server: Apache
Location: Cloudfare.php?id=f4ba27f56be6ff9da9942f6742281526
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=f4ba27f56be6ff9da9942f6742281526 | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=f4ba27f56be6ff9da9942f6742281526 IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=f4ba27f56be6ff9da9942f6742281526 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:20 GMT
Server: Apache
Location: Cloudfare.php?id=0fbd8227ba432b1a6dcc0497d1303042
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=0fbd8227ba432b1a6dcc0497d1303042 | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=0fbd8227ba432b1a6dcc0497d1303042 IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=0fbd8227ba432b1a6dcc0497d1303042 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:21 GMT
Server: Apache
Location: Cloudfare.php?id=a39a3942c69c979bfb564525cfa2047f
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=a39a3942c69c979bfb564525cfa2047f | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=a39a3942c69c979bfb564525cfa2047f IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=a39a3942c69c979bfb564525cfa2047f HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:22 GMT
Server: Apache
Location: Cloudfare.php?id=baea138e891b632de546dc6fd0cebcc6
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=baea138e891b632de546dc6fd0cebcc6 | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=baea138e891b632de546dc6fd0cebcc6 IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=baea138e891b632de546dc6fd0cebcc6 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:23 GMT
Server: Apache
Location: Cloudfare.php?id=f8e6fd0b05b4520ccbb8dd8762fb09ee
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=f8e6fd0b05b4520ccbb8dd8762fb09ee | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=f8e6fd0b05b4520ccbb8dd8762fb09ee IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=f8e6fd0b05b4520ccbb8dd8762fb09ee HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:25 GMT
Server: Apache
Location: Cloudfare.php?id=15b0b0f4c850f0918125f909829694a2
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=15b0b0f4c850f0918125f909829694a2 | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=15b0b0f4c850f0918125f909829694a2 IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=15b0b0f4c850f0918125f909829694a2 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:28 GMT
Server: Apache
Location: Cloudfare.php?id=1d198d7faeeac974b38edd2f5ca1164e
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=1d198d7faeeac974b38edd2f5ca1164e | 152.42.244.54 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=1d198d7faeeac974b38edd2f5ca1164e IP152.42.244.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=1d198d7faeeac974b38edd2f5ca1164e HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 11:16:31 GMT
Server: Apache
Location: Cloudfare.php?id=38d874c8012191ece2ed5b5c64b94287
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=38d874c8012191ece2ed5b5c64b94287 | 0.0.0.0 | | 0 B |
URL User Request GET gecu-upgrade.from-tx.com/x/login.php/Cloudfare.php?id=38d874c8012191ece2ed5b5c64b94287 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/login.php/Cloudfare.php?id=38d874c8012191ece2ed5b5c64b94287 HTTP/1.1
Host: gecu-upgrade.from-tx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|