| fjkz52znn2.251110com-dh.top/ | 154.40.48.249 | 302 Found | 23 kB |
URL (User Request): GET fjkz52znn2.251110com-dh.top/ | IP: 154.40.48.249:443
Certificate: Issuer: Let's Encrypt | Subject: www.251110.com | Fingerprint: CC:DB:4D:21:20:13:E0:2A:1A:D7:A3:82:6D:8B:0A:D0:3E:D5:95:AD | Validity: Tue, 11 Mar 2025 03:52:43 GMT - Mon, 09 Jun 2025 03:52:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e | da39a3ee5e6b4b0d3255bfef95601890afd80709 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.top domain |
GET / HTTP/1.1
Host: fjkz52znn2.251110com-dh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 04 Apr 2025 02:49:27 GMT
content-type: text/html; charset=UTF-8
location: https://T24HnmaAa8.251110com-dh.top/demo/
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
| t24hnmaaa8.251110com-dh.top/demo/ | 154.40.48.249 | 200 OK | 23 kB |
URL (User Request): GET t24hnmaaa8.251110com-dh.top/demo/ | IP: 154.40.48.249:443
Certificate: Issuer: Let's Encrypt | Subject: www.251110.com | Fingerprint: CC:DB:4D:21:20:13:E0:2A:1A:D7:A3:82:6D:8B:0A:D0:3E:D5:95:AD | Validity: Tue, 11 Mar 2025 03:52:43 GMT - Mon, 09 Jun 2025 03:52:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e | da39a3ee5e6b4b0d3255bfef95601890afd80709 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /demo/ HTTP/1.1
Host: t24hnmaaa8.251110com-dh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Apr 2025 02:49:27 GMT
content-type: text/html
last-modified: Tue, 15 Oct 2024 11:02:57 GMT
vary: Accept-Encoding
etag: W/"670e4be1-59a0"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2