| ayioipipiphbnvbnv.dynserv.org/1C0r053nwc0bvh35-t0xro81vql0h82j03a0v00001 | 91.246.221.2 | 302 Found | 0 B |
URL: ayioipipiphbnvbnv.dynserv.org/1C0r053nwc0bvh35-t0xro81vql0h82j03a0v00001 (User Request, GET HTTP/1.1)
IP: 91.246.221.2:80
ASN: #21500 Scientific Production Enterprise Technaukservice Ltd
Hash (MD5 / SHA-1 / SHA-256 of the empty response body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS: suricata | Severity: medium | Alert: ET INFO DYNAMIC_DNS HTTP Request to a *.dynserv .org Domain
GET /1C0r053nwc0bvh35-t0xro81vql0h82j03a0v00001 HTTP/1.1
Host: ayioipipiphbnvbnv.dynserv.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 27 May 2023 16:21:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://ayioipipiphbnvbnv.dynserv.org/rdg.html?ln=10bvh35-syf647228bb92b9b_vl_Active06vl_0pzc.t0xro82j03a0v.C0000r155w01vql0h8_vq935.ftlsy
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
| ayioipipiphbnvbnv.dynserv.org/rdg.html?ln=10bvh35-syf647228bb92b9b_vl_Active06vl_0pzc.t0xro82j03a0v.C0000r155w01vql0h8_vq935.ftlsy | 91.246.221.2 | 302 Found | 0 B |
URL: ayioipipiphbnvbnv.dynserv.org/rdg.html?ln=10bvh35-syf647228bb92b9b_vl_Active06vl_0pzc.t0xro82j03a0v.C0000r155w01vql0h8_vq935.ftlsy (User Request, GET HTTP/1.1)
IP: 91.246.221.2:80
ASN: #21500 Scientific Production Enterprise Technaukservice Ltd
Hash (MD5 / SHA-1 / SHA-256 of the empty response body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS: suricata | Severity: medium | Alert: ET INFO DYNAMIC_DNS HTTP Request to a *.dynserv .org Domain
GET /rdg.html?ln=10bvh35-syf647228bb92b9b_vl_Active06vl_0pzc.t0xro82j03a0v.C0000r155w01vql0h8_vq935.ftlsy HTTP/1.1
Host: ayioipipiphbnvbnv.dynserv.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 27 May 2023 16:21:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://gawkhorn.com/1764021c2ab104fb800/otherother_0pz647228bb92f9d/yf0pz|GHWso3EbMKWm|ftlsy|0bvh35|2j03a0v|87789|0000r155w0|C|oTI2pzSxo3V=|PC|1dlkakq/p3yzAwD3ZwV4LzV5ZzV5Ly92oS9OL3EcqzHjAaMfKmOjrzZ=
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
| mitmdetection.services.mozilla.com/ | 54.230.111.77 | | 0 B |
URL: mitmdetection.services.mozilla.com/
IP: 54.230.111.77:0
Hash (MD5 / SHA-1 / SHA-256 of the empty response body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Sat, 27 May 2023 16:21:06 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PfxPR7N2ayhUfl_bD7OjdCCq7qGTyWop2x4-C1pF-NnDT3j9m9bH2g==
X-Firefox-Spdy: h2
|
| gawkhorn.com/1764021c2ab104fb800/otherother_0pz647228bb92f9d/yf0pz|GHWso3EbMKWm|ftlsy|0bvh35|2j03a0v|87789|0000r155w0|C|oTI2pzSxo3V=|PC|1dlkakq/p3yzAwD3ZwV4LzV5ZzV5Ly92oS9OL3EcqzHjAaMfKmOjrzZ= | 0.0.0.0 | | 0 B |
URL: gawkhorn.com/1764021c2ab104fb800/otherother_0pz647228bb92f9d/yf0pz|GHWso3EbMKWm|ftlsy|0bvh35|2j03a0v|87789|0000r155w0|C|oTI2pzSxo3V=|PC|1dlkakq/p3yzAwD3ZwV4LzV5ZzV5Ly92oS9OL3EcqzHjAaMfKmOjrzZ= (User Request, GET)
IP: 0.0.0.0:0 (no response was recorded for this request)
Hash (MD5 / SHA-1 / SHA-256 of the empty response body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1764021c2ab104fb800/otherother_0pz647228bb92f9d/yf0pz|GHWso3EbMKWm|ftlsy|0bvh35|2j03a0v|87789|0000r155w0|C|oTI2pzSxo3V=|PC|1dlkakq/p3yzAwD3ZwV4LzV5ZzV5Ly92oS9OL3EcqzHjAaMfKmOjrzZ= HTTP/1.1
Host: gawkhorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|