| 988920com-jyrms.988920a.buzz/ | 38.45.125.67 | 302 Moved Temporarily | 39 kB |
URL User Request GET 988920com-jyrms.988920a.buzz/ IP 38.45.125.67:80
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET / HTTP/1.1
Host: 988920com-jyrms.988920a.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 23 Apr 2025 07:58:45 GMT
Content-Type: text/html; charset=GB2312
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://lt-oE0bV.988920a.buzz:1031/demo
Strict-Transport-Security: max-age=31536000
|
|
| lt-oe0bv.988920a.buzz:1031/demo | 38.45.125.67 | 301 Moved Permanently | 39 kB |
URL User Request GET lt-oe0bv.988920a.buzz:1031/demo IP 38.45.125.67:1031
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /demo HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Apr 2025 07:58:46 GMT
Content-Type: text/html
Content-Length: 162
Location: http://lt-oe0bv.988920a.buzz:1031/demo/
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
|
|
| lt-oe0bv.988920a.buzz:1031/demo/ | 38.45.125.67 | 200 OK | 39 kB |
URL User Request GET lt-oe0bv.988920a.buzz:1031/demo/ IP 38.45.125.67:1031
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 39b79d1a85cf6bc96a67cbab6528de17 8aedd588112a2bcc61bb3597fd56e32e7ce2d8a1 560f576a7fb8247d09ed644d5f181a6fd152354c3b9debbaac38e3f1d4392618
GET /demo/ HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Apr 2025 07:58:46 GMT
Content-Type: text/html
Last-Modified: Wed, 06 Nov 2024 17:30:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"672ba7c3-969b"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| lt-oe0bv.988920a.buzz:1031/demo/zy/zy.js | 38.45.125.67 | 200 OK | 969 B |
URL GET lt-oe0bv.988920a.buzz:1031/demo/zy/zy.js IP 38.45.125.67:1031
Requested by: http://lt-oe0bv.988920a.buzz:1031/demo/
File type: HTML document, Unicode text, UTF-8 text
Hash: cc9876eb538d74e73ca3f7fd516f6a57 5ab5d54f8528dba934c72c0a188b68f6c631888a 326a0a309fe5b90fe62f8f8adc5b9a25e868a7baf33a36dc09ff5a719b372e63
GET /demo/zy/zy.js HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://lt-oe0bv.988920a.buzz:1031/demo/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Apr 2025 07:58:47 GMT
Content-Type: application/javascript
Content-Length: 969
Last-Modified: Tue, 25 Feb 2025 04:00:07 GMT
Connection: keep-alive
ETag: "67bd4047-3c9"
Expires: Wed, 23 Apr 2025 19:58:47 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| lt-oe0bv.988920a.buzz:1031/demo/css/style.css | 38.45.125.67 | 200 OK | 29 kB |
URL GET lt-oe0bv.988920a.buzz:1031/demo/css/style.css IP 38.45.125.67:1031
Requested by: http://lt-oe0bv.988920a.buzz:1031/demo/
File type: Unicode text, UTF-8 text, with very long lines (28702), with no line terminators
Hash: 9d3406698b2981342c19f13f801b0eb5 15430941408813f1f7f09f04c3ed7bac4083325f ea3e737cc586886366522cd809da667a4c9a2bf3b493da4afe9b955bc5f4cde4
GET /demo/css/style.css HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://lt-oe0bv.988920a.buzz:1031/demo/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Apr 2025 07:58:46 GMT
Content-Type: text/css
Last-Modified: Wed, 06 Nov 2024 17:30:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"672ba7c4-7020"
Expires: Wed, 23 Apr 2025 19:58:46 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| 988920com-jyrms.988920a.buzz/ | 0.0.0.0 | | 0 B |
URL User Request GET 988920com-jyrms.988920a.buzz/ IP 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET / HTTP/1.1
Host: 988920com-jyrms.988920a.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| lt-oe0bv.988920a.buzz:1031/demo/zy/88.html?t=1745395127172 | 38.45.125.67 | 200 OK | 4.9 kB |
URL GET lt-oe0bv.988920a.buzz:1031/demo/zy/88.html?t=1745395127172 IP 38.45.125.67:1031
Requested by: http://lt-oe0bv.988920a.buzz:1031/demo/
File type: HTML document, Unicode text, UTF-8 text
Hash: b68c76313ca4ec88a39197905289f387 06874d2d785ac1c8e7752db7d49aede571475f4c 1c2241605da1173ca7c451745ae727b91afc372fd4e6c9926d3675d080686a74
GET /demo/zy/88.html?t=1745395127172 HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://lt-oe0bv.988920a.buzz:1031/demo/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Apr 2025 07:58:47 GMT
Content-Type: text/html
Last-Modified: Mon, 18 Nov 2024 06:43:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"673ae1fb-132a"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| lt-oe0bv.988920a.buzz:1031/demo/zy/list.css | 38.45.125.67 | 200 OK | 4.2 kB |
URL GET lt-oe0bv.988920a.buzz:1031/demo/zy/list.css IP 38.45.125.67:1031
Requested by: http://lt-oe0bv.988920a.buzz:1031/demo/zy/88.html?t=1745395127172
File type: Unicode text, UTF-8 text, with very long lines (938)
Hash: 9f28de2cd20d8d89ec9d5f5f5cccb586 b8bfd64a20c7b921464243d5aca35577960948c8 1029ac936610e971496fb2eeb441f71fc44260f2246143c6c47f1927af1c4779
GET /demo/zy/list.css HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://lt-oe0bv.988920a.buzz:1031/demo/zy/88.html?t=1745395127172
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Apr 2025 07:58:47 GMT
Content-Type: text/css
Last-Modified: Wed, 06 Nov 2024 17:30:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"672ba7c3-1090"
Expires: Wed, 23 Apr 2025 19:58:47 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| lt-oe0bv.988920a.buzz:1031/favicon.ico | 38.45.125.67 | 404 Not Found | 138 B |
URL GET lt-oe0bv.988920a.buzz:1031/favicon.ico IP 38.45.125.67:1031
Requested by: http://lt-oe0bv.988920a.buzz:1031/demo/
File type: HTML document, ASCII text
Hash: 7389d931c86b3d7bb6b8af46d8c4172b 8d2a4760aa0b47984d11cd1a66448719177fb791 301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f
GET /favicon.ico HTTP/1.1
Host: lt-oe0bv.988920a.buzz:1031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://lt-oe0bv.988920a.buzz:1031/demo/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Apr 2025 07:58:47 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
ETag: "672bab89-8a"
|
|