172.67.161.143403 Forbidden 4.3 kB URL User Request GET HTTP/2 IP 172.67.161.143:443
Certificate IssuerGoogle Trust Services LLC
Subjectxbabinxx.top
Fingerprint60:45:DA:A1:DB:62:25:67:6E:53:EC:30:77:30:B8:96:50:2A:35:5E
ValidityWed, 26 Apr 2023 00:56:41 GMT - Tue, 25 Jul 2023 00:56:40 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash 039ff8c2b48d975a42ca5dd0b9f86f08
6b637a9eae8e406f10c7fd8e68ce67bbca6cf7bb
72421fbc7baf0b2d5aa7e78d6efe6c4e7036d73404d2317d8c4fe9cc58289cd9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: gxskg.xbabinxx.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 01 Jun 2023 05:10:34 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8EinXW6Z3Tjhh2Dax1Xm4HiWpHbrgJvMmca9erBhAA2u8wd6gPUJEXBQFL0d9%2BBkf6FS7619t8iJ40219ZeuAnXA8HuWMCiNra0Q%2BAjRRfGorzzjRhWyPuDEcSyMNWcEXyXa1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d04f3748d5eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gxskg.xbabinxx.top/cdn-cgi/styles/errors.css
104.21.57.83200 OK 1.9 kB URL GET HTTP/1.1 gxskg.xbabinxx.top/cdn-cgi/styles/errors.css
IP 104.21.57.83:80
Requested by http://gxskg.xbabinxx.top/
File type ASCII text, with very long lines (6205), with no line terminators
Hash fe09856beaff5d48a34796587e849b7b
e92a56ee85880c5dd593e9f0a49517d7598a07fd
574b098b0c3e4a12f959bafb73cfa857b414f27ebe854f3910b3a45651ff7a0f
GET /cdn-cgi/styles/errors.css HTTP/1.1
Host: gxskg.xbabinxx.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxskg.xbabinxx.top/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 05:10:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 08:39:03 GMT
ETag: W/"646f1ea7-183d"
Server: cloudflare
CF-RAY: 7d04f3773b6ab517-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 01 Jun 2023 07:10:35 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
gxskg.xbabinxx.top/cdn-cgi/images/external.png
172.67.161.143200 OK 265 B URL GET HTTP/1.1 gxskg.xbabinxx.top/cdn-cgi/images/external.png
IP 172.67.161.143:80
Requested by http://gxskg.xbabinxx.top/
File type PNG image data, 24 x 24, 4-bit colormap, non-interlaced\012- data
Hash cb09a55c92c63ed227cf14f2b7f23601
a97780adf99f6dcc0e88dba36cd11df267098271
9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb
GET /cdn-cgi/images/external.png HTTP/1.1
Host: gxskg.xbabinxx.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxskg.xbabinxx.top/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 05:10:35 GMT
Content-Type: image/png
Content-Length: 265
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: "6476144a-109"
Server: cloudflare
CF-RAY: 7d04f3774f2bb4ee-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 01 Jun 2023 07:10:35 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
performance.radar.cloudflare.com/beacon.js
104.18.30.78200 OK 8.4 kB URL GET HTTP/2 performance.radar.cloudflare.com/beacon.js
IP 104.18.30.78:443
Requested by http://gxskg.xbabinxx.top/
Certificate IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintFE:EA:F1:74:79:25:BC:59:5B:45:EB:7A:CB:F3:03:91:C3:A4:B2:A0
ValidityFri, 22 Jul 2022 00:00:00 GMT - Fri, 21 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (18811)
Hash c29da379f73edd7bfdd29e55baa92d7c
99c3780e9c994f99eaa6db4c1d96d49699652695
7dd279494fd3c82fdd59df2a77bd5af5cca686c4fbd29ca7b18888a318d0c322
GET /beacon.js HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:10:35 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
access-control-allow-headers: *
access-control-allow-methods: *
timing-allow-origin: *
set-cookie: __cf_bm=g7L8fWwLpBjZ7WbDoYabhfje8vU_Vd0OT7_cyo.Zicw-1685596235-0-AXNXMOqPLKopud6SVUJoiuYm5v6eifQHi5js1ZUCTGyVei5r5pDEkdBSqKiAvL+wK058gM0jj3a+EvlYpFVWCtw=; path=/; expires=Thu, 01-Jun-23 05:40:35 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 7d04f3775d27b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gxskg.xbabinxx.top/favicon.ico
172.67.161.143403 Forbidden 5.7 kB URL GET HTTP/1.1 gxskg.xbabinxx.top/favicon.ico
IP 172.67.161.143:80
Requested by http://gxskg.xbabinxx.top/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5968), with no line terminators
Hash f2fef6508812b1a1fd5a91e302440a7c
77004b222b6af3ebd9f7a6fba5629e622ee7fa09
9ff412dcc2b85548f2cef89709383492b6647c78e6eb68415fd2c6288b53391b
GET /favicon.ico HTTP/1.1
Host: gxskg.xbabinxx.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxskg.xbabinxx.top/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 01 Jun 2023 05:10:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2y52lkWL7GcOvKZflkASQC4%2FGtucoEa03dt%2FajRm4gP2Kof5IXVgnb3M7aL761C5ZzuYLYYE18pI%2FV7UAT7e%2BNbK36%2Ffs%2FsKJJd5jqmrXej8jZHwi0tJzwVA8P2%2FsukCa%2F5aSQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d04f378085fb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60