| | 104.21.38.185 | 200 OK | 822 B |
IP 104.21.38.185:443
Certificate: Issuer Google Trust Services; Subject sagopa.life; Fingerprint 53:D5:1D:5D:B9:AF:8E:F6:4A:23:D1:BA:EB:DA:37:39:9C:C0:FD:70; Validity Tue, 25 Mar 2025 16:03:53 GMT - Mon, 23 Jun 2025 17:02:27 GMT
File type HTML document, ASCII text, with very long lines (844), with no line terminators
Hash 1b6f5e35928c8f3d41b15542a9c13f51 b7f5ab0177164400a7d76bd09ecea4c8328cfad4 233fe4335a2accb85a5e1910f5a61f49b6cab0da34862edf648f830a63095e01
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to Suspicious *.life Domain |
GET / HTTP/1.1
Host: sagopa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 26 Mar 2025 06:23:22 GMT
content-type: text/html
server: cloudflare
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 92648f179d22712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET sagopa.life/aes.js | 104.21.38.185 | 200 OK | 14 kB |
IP 104.21.38.185:443
Certificate: Issuer Google Trust Services; Subject sagopa.life; Fingerprint 53:D5:1D:5D:B9:AF:8E:F6:4A:23:D1:BA:EB:DA:37:39:9C:C0:FD:70; Validity Tue, 25 Mar 2025 16:03:53 GMT - Mon, 23 Jun 2025 17:02:27 GMT
File type ASCII text, with very long lines (13733), with no line terminators
Hash fc66e046447092c606f2587837f96874 fcf354a8044f494ee1f9fe868dde3f570f50e593 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
GET /aes.js HTTP/1.1
Host: sagopa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sagopa.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 26 Mar 2025 06:23:23 GMT
content-type: application/javascript
last-modified: Mon, 30 Oct 2023 22:35:04 GMT
etag: W/"65402f98-35a5"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KjcMrQrfOdRQ%2Fv5YNbItBkBN%2BWDp5CmZEb23XWXFOg%2FAWSGYGdW9GYXuSGSR3ursQXKgC%2BCP6M4AP3BaAZHHclh626rOsrMs4fKAZsxTUFRgdDGJQImdJEl9IXEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92648f1a3efb712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3860&min_rtt=440&rtt_var=6813&sent=12&recv=15&lost=0&retrans=0&sent_bytes=4006&recv_bytes=1360&delivery_rate=8290076&cwnd=257&unsent_bytes=0&cid=cd52af2268d72c6b&ts=540&x=0"
X-Firefox-Spdy: h2
|
|
| | 104.21.38.185 | 200 OK | 1 B |
IP 104.21.38.185:80
File type very short file (no magic)
Hash d1457b72c3fb323a2671125aef3eab5d 5bab61eb53176449e25c2c82f172b82cb13ffb9d 8a8de823d5ed3e12746a62ef169bcf372be0ca44f0a1236abc35df05d96928e1
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to Suspicious *.life Domain |
GET /?i=1 HTTP/1.1
Host: sagopa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: __test=285e7e33d7b71ee102a789039be31e3d
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2025 06:23:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Expires: Wed, 26 Mar 2025 06:23:23 GMT
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLLXpML6u7%2BWJETYzvPOF2vh6jVThNYcM6p7xjkr8bGfN3wqu22Yy3Lh0%2FSqisxWntxm2klKGIPfUrhNrQ%2FJLhgQroBXIiSm52LUYlwv7v%2FABOXoen7pJL%2FAlE7xaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 92648f1b2dc00afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=416&min_rtt=416&rtt_var=208&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=449&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| GET sagopa.life/favicon.ico | 104.21.38.185 | 302 Found | 0 B |
IP 104.21.38.185:80
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to Suspicious *.life Domain |
GET /favicon.ico HTTP/1.1
Host: sagopa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sagopa.life/?i=1
Cookie: __test=285e7e33d7b71ee102a789039be31e3d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 26 Mar 2025 06:23:23 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://errors.infinityfree.net/errors/404/
Cache-Control: max-age=2592000
Expires: Fri, 25 Apr 2025 06:23:23 GMT
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFAVPpbjCyCyDXmSA6suKK1NzPHwWWDlbboDizFNoUSeVlfmXNpeYQKcUFFlttouFieDNQMbsRNLzOw0Xc9nU3ESub4Q7pT2kJ%2FDzpIuwslFjxh4H8pC53TUAEbz0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 92648f1c7e520afa-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=428&min_rtt=416&rtt_var=138&sent=4&recv=6&lost=0&retrans=0&sent_bytes=906&recv_bytes=849&delivery_rate=5678431&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| GET errors.infinityfree.net/errors/404/ | 104.26.8.174 | 404 Not Found | 0 B |
URL GET errors.infinityfree.net/errors/404/ IP 104.26.8.174:443
Certificate: Issuer Google Trust Services; Subject infinityfree.net; Fingerprint D1:FD:1F:6B:F1:2D:40:CC:B2:49:D6:D0:23:19:A5:01:DC:5F:78:36; Validity Wed, 05 Mar 2025 19:50:23 GMT - Tue, 03 Jun 2025 20:50:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /errors/404/ HTTP/1.1
Host: errors.infinityfree.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sagopa.life/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 26 Mar 2025 06:23:23 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZ8QA3BHVswXeLVeQgEWy3lfbzZQ7g0wQ37cKxqE0qxx2cpN%2Bb%2BaR2IBhb1rDXqKMaZKvIIZF2Gq2eUMi1klsBRT5BNs%2BEIaLIRW8uccBDhgbgeqnCjcn74nElFsS7kD%2BYRz6RnsFoCn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92648f1d8af756ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=5758&min_rtt=476&rtt_var=10578&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3291&recv_bytes=1220&delivery_rate=7074918&cwnd=254&unsent_bytes=0&cid=a66fa6e319ab0644&ts=164&x=0"
X-Firefox-Spdy: h2
|
|