fisherritory.com/1O0j054nfc0x32t-2jwjsk1une00l0nabnj400001
212.129.15.242 302 Found 0 B URL User Request GET HTTP/1.1 fisherritory.com/1O0j054nfc0x32t-2jwjsk1une00l0nabnj400001
IP 212.129.15.242:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS: suricata, Severity: medium, Alert: ET PHISHING Suspicious Redirect - Possible Phishing May 25 2016
GET /1O0j054nfc0x32t-2jwjsk1une00l0nabnj400001 HTTP/1.1
Host: fisherritory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 06 Jun 2023 21:07:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
X-Powered-By: PHP/7.4.33
Location: /out.php?email=jane-klein@juno.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fisherritory.com/out.php?email=jane-klein@juno.com
212.129.15.242 2.9 kB URL User Request GET fisherritory.com/out.php?email=jane-klein@juno.com
IP 212.129.15.242:0
File type HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 9f05349052250a72820287f13032d8b1
b3c64fc9db514632b6d03aae778197da1c8db9ba
e01070fd0387263f9ea30b0f92fb9c203b3ef271dc6df3c05c504c2c343830ef
GET /out.php?email=jane-klein@juno.com HTTP/1.1
Host: fisherritory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 21:07:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
X-Powered-By: PHP/7.4.33
Content-Length: 2936
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fisherritory.com/favicon.ico
212.129.15.242 200 OK 198 B URL GET HTTP/1.1 fisherritory.com/favicon.ico
IP 212.129.15.242:80
Requested by http://fisherritory.com/out.php?email=jane-klein@juno.com
File type MS Windows icon resource - 1 icon, 16x16, 2 colors; data
Hash c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
GET /favicon.ico HTTP/1.1
Host: fisherritory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fisherritory.com/out.php?email=jane-klein@juno.com
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 21:07:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Sun, 30 Oct 2022 16:43:13 GMT
ETag: "c6-5ec432fd4ea40"
Accept-Ranges: bytes
Content-Length: 198
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon