IP: 195.20.52.121:0 ASN: #31624 Verotel International B.V.
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.ga domain |
GET / HTTP/1.1
Host: 254nt.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301
Server: nginx
Date: Thu, 01 Jun 2023 17:05:03 GMT
Content-Length: 0
Connection: keep-alive
Location: http://match4single.xyz
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
IP: 192.64.119.162:0
File type: HTML document, ASCII text Hash: cde15b1177b2373c85b0e84309369da2 06c0ab36c35147bb0d5981d0c5a75449e084fb81 bcf3428b613ec829710f9d5a5380ba41ca578ceeb2624323037b037bf35d212a
GET / HTTP/1.1
Host: match4single.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 17:05:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 61
Connection: keep-alive
Location: https://sites.google.com/view/xwyhc7qp
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
|
IP: 142.250.74.3:0
Hash: aaa62c1792576f29afd83c721c769ae2 a91969d4ec40a18844781b9364d60e9ae0cb1b52 3ef969ba686248b09252da03a2effad7d8e09e7192ae1daa6e3b8d0240405c43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 17:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|