| www.git.git.store.prometeus.su/ | 185.215.4.10 | 403 Forbidden | 276 B |
URL: GET HTTP/1.1 www.git.git.store.prometeus.su/ (user request)
IP: 185.215.4.10:80
File type: HTML document, ASCII text, with very long lines (373), with no line terminators
Hash: a397ba56bc68bf39fec200cc97583e98 6280406b09955a1d78f6b08836006bb8b6618e54 9116cc707964e7e4c5fcf01857064dec6003fac143a2b0bf16dc93d656092cbd
NIDS | Severity | Alert
suricata | medium | ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET / HTTP/1.1
Host: www.git.git.store.prometeus.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=OF6WqS9uU31Nkwoz8UZv; Domain=.prometeus.su; HttpOnly; Path=/; Expires=Sat, 10-May-2025 08:31:33 GMT
Date: Fri, 10 May 2024 08:31:33 GMT
Content-Type: text/html
Content-Encoding: gzip
Transfer-Encoding: chunked
| globessl.ocsp.sectigo.com/ | 104.18.38.233 | | 471 B |
URL: globessl.ocsp.sectigo.com/
IP: 104.18.38.233:0
Hash: eb47c359588e6904a4c588e8cd0aa257 1ab1ac3ffbf82241e7b0fbeb01d5b74f3e5f0e8e 30993b86903624a16d357f051159413e089bf3357ff15d9167ea20f20ed3b482
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:31:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 22:19:45 GMT
Expires: Wed, 15 May 2024 22:19:44 GMT
Etag: "1ab1ac3ffbf82241e7b0fbeb01d5b74f3e5f0e8e"
Cache-Control: max-age=481231,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881892df6ed856b7-OSL
| www.git.git.store.prometeus.su/favicon.ico | 185.215.4.10 | 403 Forbidden | 146 B |
URL: GET HTTP/1.1 www.git.git.store.prometeus.su/favicon.ico
IP: 185.215.4.10:80
Requested by: http://www.git.git.store.prometeus.su/
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 9fe3cb2b7313dc79bb477bc8fde184a7 4d7b3cb41e90618358d0ee066c45c76227a13747 32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
NIDS | Severity | Alert
suricata | medium | ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /favicon.ico HTTP/1.1
Host: www.git.git.store.prometeus.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.git.git.store.prometeus.su/
Cookie: __ddg1_=OF6WqS9uU31Nkwoz8UZv
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 08:31:32 GMT
Content-Type: text/html
Content-Length: 146
IP: 5.181.161.8:0
ASN: #205282 Tilda Publishing Ltd.
Requested by: http://www.git.git.store.prometeus.su/
Certificate: Issuer: CentralNic Luxembourg Sàrl; Subject: *.tilda.ws; Fingerprint: 07:50:81:E7:70:4A:BF:3D:F8:12:D6:B8:23:46:99:4A:C2:F9:85:DE; Validity: Tue, 04 Jul 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 1e34d43b9110340d0fe0f0ede936faa5 09f6e399b9c28660da57a5df40fba968462f478c 9c56e67175aa23746e1e8c2195fe305ba171c31009a6e19c95dfa98629b678aa
GET /img/logo404.png HTTP/1.1
Host: tilda.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.git.git.store.prometeus.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:34 GMT
content-type: image/png
last-modified: Thu, 04 Jun 2015 16:27:32 GMT
x-host: tilda.ws
content-encoding: gzip
x-tilda-server: 8
X-Firefox-Spdy: h2