| domain-botnet.servehttp.com/ | 51.79.217.59 | | 212 B |
URL: domain-botnet.servehttp.com/ IP: 51.79.217.59:0
File type: HTML document, ASCII text
Hash: efcb5f99b0f85d76dcd37f09845a05b2 a7eff4f80d13dcc9e373accac5c686df0f78ad65 5590b93ae594d2cf199dd46646d046f341ad738bdb279d3156306429c1d533f0
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
NIDS | Severity | Alert
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.servehttp .com Domain
GET / HTTP/1.1
Host: domain-botnet.servehttp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 12:16:10 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 212
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
| domain-botnet.servehttp.com/and | 51.79.217.59 | 200 OK | 3.5 kB |
URL (User Request, GET, HTTP/1.1): domain-botnet.servehttp.com/and IP: 51.79.217.59:80
Hash: 0688fab99046df306e65cf74369be3a4 a8f8c878f10fbb43d0c72b07888e6b9ffeab2193 b3d2c9d4d461b122fb049c5ef533de2e5d2352ebd41218a38cbf96a9a843e567
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
NIDS | Severity | Alert
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.servehttp .com Domain
GET /and HTTP/1.1
Host: domain-botnet.servehttp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 12:16:16 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Wed, 24 Apr 2024 19:25:28 GMT
ETag: "d7c-616dca220dab0"
Accept-Ranges: bytes
Content-Length: 3452
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
| domain-botnet.servehttp.com/favicon.ico | 51.79.217.59 | 404 Not Found | 209 B |
URL (GET, HTTP/1.1): domain-botnet.servehttp.com/favicon.ico IP: 51.79.217.59:80
Requested by: http://domain-botnet.servehttp.com/and
File type: HTML document, ASCII text
Hash: 18ffb59b61525f781cf9251045be575d bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
NIDS | Severity | Alert
suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.servehttp .com Domain
GET /favicon.ico HTTP/1.1
Host: domain-botnet.servehttp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://domain-botnet.servehttp.com/and
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 25 Apr 2024 12:16:17 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 209
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|