IP162.255.119.102:0
File typeHTML document, ASCII text Hash433644378c392985c9e8b3a325297609 93b53ac0e5619f9cc3d4c3218c4b60c7560d1176 5b41973d04dc79f0027c026d9f7669898f210fae1405b6a2c7fbc2629a668962
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | low | ET INFO Namecheap URL Forward |
GET / HTTP/1.1
Host: gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 18:35:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 46
Connection: keep-alive
Location: http://www.gahyqah.com/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
|
IP91.195.240.19:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10840) Hashf27106890d74614327301c319fb98ec3 91cadcdeb43036f31354b96c6d3a26aa5077bd3c eaacba24e8087d49fc2d54391cf102fa483ea92397667342bdecc1de6d359652
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 18:35:32 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zT/f8adkyefXdngF3PcZKajCiX8/L1YrGexpt8F8k/w6SnjXg6F7yzd7q2VEZa5FcwVV2cKi/CLoe+GC6BhGcA==
last-modified: Thu, 18 Apr 2024 18:35:32 GMT
x-cache-miss-from: parking-d5776bf9c-fl4xd
server: NginX
content-encoding: gzip
|
IP23.253.46.64:0
File typeHTML document, ASCII text, with CRLF line terminators Hash5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 18:35:23 GMT
Content-Length: 1245
|
IP23.253.46.64:0
File typeHTML document, ASCII text, with CRLF line terminators Hash5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gahyqah.com/login.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 18:35:23 GMT
Content-Length: 1245
|