Request: GET HTTP/1.1 (user request)
IP: 61.219.44.190:80
ASN: #3462 Data Communication Business Group
File type: HTML document, ASCII text
Hash (MD5): d10d7a45a7e195998eeb004a033c1645
Hash (SHA-1): f83f4cf335a50e3bd203058e2fa18aef54a9f779
Hash (SHA-256): 47d4b43aee65c7b13d8727c5adbf79d269cc318918fd4ba4eec1f50c1499966f
NIDS alert: suricata | severity medium | ET INFO HTTP Request to Suspicious *.life Domain
GET / HTTP/1.1
Host: 17so.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: 100hub.com
Date: Thu, 18 Apr 2024 10:05:21 GMT
Content-Type: text/html
Content-Length: 423
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 22 Nov 2023 14:37:33 GMT
ETag: "1a7-60abea8dee52b"
Accept-Ranges: bytes
X-Powered-By: PleskLin
Request: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-GK9PGL04WW (200 OK, 100 kB)
IP: 142.250.74.40:443
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 100 kB (100161 bytes)
Hash (MD5): 47e6e60d1c276a44d6b0eaa5e6b2faf3
Hash (SHA-1): 5a794bc0efbbc76b8f1c506c14a60a2b2ea0ff75
Hash (SHA-256): adaecdbdebc6c5816fce249b3053e948a5e897abb40cb238632ee8b0a9934a15
GET /gtag/js?id=G-GK9PGL04WW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://17so.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 10:05:21 GMT
expires: Thu, 18 Apr 2024 10:05:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100161
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
IP: 61.219.44.190:80
ASN: #3462 Data Communication Business Group
File type: MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size: 114 kB (113459 bytes)
Hash (MD5): 1db747255c64a30f9236e9d929e986ca
Hash (SHA-1): 384023452346aa087d40c93c23ca2f5e32ff1b1f
Hash (SHA-256): 88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544
NIDS alert: suricata | severity medium | ET INFO HTTP Request to Suspicious *.life Domain
GET /favicon.ico HTTP/1.1
Host: 17so.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://17so.life/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: 100hub.com
Date: Thu, 18 Apr 2024 10:05:22 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 113459
Last-Modified: Wed, 22 Nov 2023 13:23:04 GMT
Connection: keep-alive
ETag: "655e00b8-1bb33"
X-Powered-By: PleskLin
Accept-Ranges: bytes