fullexpert.byethost7.com/Panel/gate.php/
64.190.63.136 200 OK 489 B URL User Request GET HTTP/1.1 fullexpert.byethost7.com/Panel/gate.php/
IP 64.190.63.136:80
File type HTML document text; exported SGML document, ASCII text
Hash 86658eba55a55e2bda7776373eccefb6
e813aab7036f5bb3ea7ff09fa4668a20b7128987
f1ee99a5d9701bdd57d90d01b04b829e9155e4874f1e02482bc915312660cbdc
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET To gate.php with no Referer
GET /Panel/gate.php/ HTTP/1.1
Host: fullexpert.byethost7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 06 Jun 2023 18:47:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 06 Jun 2023 18:47:58 GMT
x-cache-miss-from: parking-8b8f7865d-p94bq
server: NginX
content-encoding: gzip
sedoparking.com/frmpark/byethost7.com/sedopark/park.js
64.190.63.136 200 OK 593 B URL GET HTTP/1.1 sedoparking.com/frmpark/byethost7.com/sedopark/park.js
IP 64.190.63.136:80
Requested by http://fullexpert.byethost7.com/Panel/gate.php/
File type ASCII text, with very long lines (987)
Hash 3ac5781c3719358fe5f0fb6bf0f32d04
a3a4b95d081b87a53f532391605ddd7dc0400f2c
bdd0c8d0b96de3f12c893f286c7fc4f338e490a8b058fef2a5813268db7ded80
GET /frmpark/byethost7.com/sedopark/park.js HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fullexpert.byethost7.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 06 Jun 2023 18:47:58 GMT
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-8b8f7865d-7h422
server: NginX
content-encoding: gzip
fullexpert.byethost7.com/favicon.ico
64.190.63.136 403 Forbidden 110 B URL GET HTTP/1.1 fullexpert.byethost7.com/favicon.ico
IP 64.190.63.136:80
Requested by http://fullexpert.byethost7.com/Panel/gate.php/
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8b181bb6767bc5795dcf17341a387e5b
b5e2a9fb1f8a4aad3c7127c769af4c780b47bef4
32cbc376cd769a26d108ae31678f975b863b7066e110c59d9a212c7281bd8c81
GET /favicon.ico HTTP/1.1
Host: fullexpert.byethost7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fullexpert.byethost7.com/Panel/gate.php/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
date: Tue, 06 Jun 2023 18:47:58 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip