IP 104.18.14.101:0
Hash 7525cd5104410cbba6cbee2de176f119 b408e815abfc1bdb8da02bd1a46bad5453062b5a 19905d1f4956670e9a09fb94e793d969882eee4382f34f20ffcb53d1f3eb6863
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:46:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 13:26:11 GMT
Expires: Mon, 05 Jun 2023 13:26:10 GMT
Etag: "b408e815abfc1bdb8da02bd1a46bad5453062b5a"
Cache-Control: max-age=301918,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0c06123eaf0b65-OSL
|
| tonyfaison.com/htamesly.hta | 50.87.144.53 | 200 OK | 0 B |
URL User Request GET HTTP/1.1 tonyfaison.com/htamesly.hta IP 50.87.144.53:80 ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET POLICY Possible HTA Application Download |
GET /htamesly.hta HTTP/1.1
Host: tonyfaison.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:46:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
|
| tonyfaison.com/favicon.ico | 50.87.144.53 | 200 OK | 0 B |
URL GET HTTP/1.1 tonyfaison.com/favicon.ico IP 50.87.144.53:80 ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://tonyfaison.com/htamesly.hta
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: tonyfaison.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tonyfaison.com/htamesly.hta
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:46:40 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|