hcsasia.co.th/txqkafexar/rentfree.zip
43.229.149.178 301 Moved Permanently 10 kB URL User Request GET HTTP/1.1 hcsasia.co.th/txqkafexar/rentfree.zip
IP 43.229.149.178:80
ASN #56309 408 Fl4 CATTOWER
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash f6007b52b92487e2304bc6bc31f2a4b8
907aa93584c7175c4edbbdfdf134ae96d7551717
cf7394d78679337aad0b5b0b9dc6015d34a9d5d40ea81f0dfdb739405330f9e7
NIDS Severity Alert suricata high ThreatFox payload delivery (url - confidence level: 100%)
GET /txqkafexar/rentfree.zip HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 06 Dec 2023 10:57:36 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
hcsasia.co.th/txqkafexar/rentfree.zip
43.229.149.178 301 Moved Permanently 239 B URL User Request GET HTTP/1.1 hcsasia.co.th/txqkafexar/rentfree.zip
IP 43.229.149.178:80
ASN #56309 408 Fl4 CATTOWER
File type HTML document text; exported SGML document, ASCII text
Hash 345127ca99ecb8fe7af9ef0df7463ccd
9c8b4b6e707f4274d968c4a7edb073cb267349df
f2109a0422ec498e5f14bbd58541c97e86c44300609e15dfd7a13512018fc687
NIDS Severity Alert suricata high ThreatFox payload delivery (url - confidence level: 100%)
GET /txqkafexar/rentfree.zip HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 06 Dec 2023 10:57:36 GMT
Server: Apache
Location: https://hcsasia.co.th/404.shtml
Content-Length: 239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
43.229.149.178 200 OK 10 kB URL User Request GET HTTP/1.1
IP 43.229.149.178:443
ASN #56309 408 Fl4 CATTOWER
Certificate Issuer cPanel, Inc.
Subject hcsasia.co.th
Fingerprint 6A:0E:1C:A0:FA:1C:35:AB:D7:72:89:53:8F:EF:C0:AC:1D:AC:F1:B3
Validity Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 9c265a09256f3c34803eb7826b57c553
342ebb42e7ff5aaab35815af0ca609c3b25808af
ce2698c0d9217deac56e08210c2f07ffe6795e9573ef70356b4622952bf8d830
GET /404.shtml HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 10:57:36 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
hcsasia.co.th/img-sys/server_misconfigured.png
43.229.149.178 200 OK 3.2 kB URL GET HTTP/1.1 hcsasia.co.th/img-sys/server_misconfigured.png
IP 43.229.149.178:443
ASN #56309 408 Fl4 CATTOWER
Requested by https://hcsasia.co.th/404.shtml
Certificate Issuer cPanel, Inc.
Subject hcsasia.co.th
Fingerprint 6A:0E:1C:A0:FA:1C:35:AB:D7:72:89:53:8F:EF:C0:AC:1D:AC:F1:B3
Validity Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced; data
Hash f79adaf00f83dc9757086cdbe8645ff0
82f37b8be7668eab8e1a06de828cb336799c8134
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
GET /img-sys/server_misconfigured.png HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hcsasia.co.th/404.shtml
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 10:57:37 GMT
Server: Apache
Last-Modified: Tue, 24 Mar 2020 19:39:40 GMT
Accept-Ranges: bytes
Content-Length: 3164
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hcsasia.co.th/img-sys/powered_by_cpanel.svg
43.229.149.178 200 OK 5.6 kB URL GET HTTP/1.1 hcsasia.co.th/img-sys/powered_by_cpanel.svg
IP 43.229.149.178:443
ASN #56309 408 Fl4 CATTOWER
Requested by https://hcsasia.co.th/404.shtml
Certificate Issuer cPanel, Inc.
Subject hcsasia.co.th
Fingerprint 6A:0E:1C:A0:FA:1C:35:AB:D7:72:89:53:8F:EF:C0:AC:1D:AC:F1:B3
Validity Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (5616)
Hash c47b4b5200566a2a496a11ba472ec5da
3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
GET /img-sys/powered_by_cpanel.svg HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hcsasia.co.th/404.shtml
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 10:57:37 GMT
Server: Apache
Last-Modified: Tue, 24 Mar 2020 19:39:40 GMT
Accept-Ranges: bytes
Content-Length: 5617
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
hcsasia.co.th/favicon.ico
43.229.149.178 200 OK 2.8 kB URL GET HTTP/1.1 hcsasia.co.th/favicon.ico
IP 43.229.149.178:443
ASN #56309 408 Fl4 CATTOWER
Requested by https://hcsasia.co.th/404.shtml
Certificate Issuer cPanel, Inc.
Subject hcsasia.co.th
Fingerprint 6A:0E:1C:A0:FA:1C:35:AB:D7:72:89:53:8F:EF:C0:AC:1D:AC:F1:B3
Validity Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel; data
Hash dabe9ce5581670f84e89a789a78d09b8
1662f23ff5553364505a29cac571102cf370fc85
04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208
GET /favicon.ico HTTP/1.1
Host: hcsasia.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hcsasia.co.th/404.shtml
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 10:57:37 GMT
Server: Apache
Last-Modified: Thu, 19 Jun 2014 04:32:44 GMT
Accept-Ranges: bytes
Content-Length: 2780
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/x-icon