| sml.benefitsonlytodayfah.buzz/ | 99.198.106.194 | 301 Moved Permanently | 162 B |
URL: GET HTTP/1.1 sml.benefitsonlytodayfah.buzz/ (user request)
IP: 99.198.106.194:80
File type: HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: MD5 4f8e702cc244ec5d4de32740c0ecbd97, SHA-1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff, SHA-256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS: suricata | Severity: medium | Alert: ET INFO HTTP Request to a *.buzz domain
GET / HTTP/1.1
Host: sml.benefitsonlytodayfah.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: u=67567026d12d27456f427e79e4b5e4c7
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jun 2023 06:05:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://sml.benefitsonlytodayfah.buzz/
| sml.benefitsonlytodayfah.buzz/favicon.ico | 99.198.106.194 | 200 OK | 1.2 kB |
URL: GET HTTP/2 sml.benefitsonlytodayfah.buzz/favicon.ico
IP: 99.198.106.194:443
Requested by: https://sml.benefitsonlytodayfah.buzz/
Certificate: Issuer Let's Encrypt | Subject sml.benefitsonlytodayfah.buzz | Fingerprint CE:0F:8D:00:42:E2:71:25:AA:D5:8C:7C:92:32:92:11:71:AE:BB:D2 | Validity Sun, 14 May 2023 03:15:13 GMT - Sat, 12 Aug 2023 03:15:12 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash: MD5 91abe01116ab422c598e9c8af72cf4da, SHA-1 0f2815fe8e067d48537ad168225ab4674271fa27, SHA-256 b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: sml.benefitsonlytodayfah.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sml.benefitsonlytodayfah.buzz/
Cookie: u=67567026d12d27456f427e79e4b5e4c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 06:05:48 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Sat, 10 Jun 2023 06:05:48 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | | 1.4 kB |
URL: ocsp2.globalsign.com/gsalphasha2g2
IP: 104.18.21.226:0
Hash: MD5 5a2adbd5425e735335e5f9cdb36d45d9, SHA-1 65dad8e338ab74636d9c39c5749c61125252a478, SHA-256 9308d1a1e7d1cdca420715d6a93a25e23a96dd39ae290b4f2dfed200d446f678
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 06:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Jun 2023 06:00:38 GMT
ETag: "65dad8e338ab74636d9c39c5749c61125252a478"
Last-Modified: Fri, 09 Jun 2023 06:00:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d472f5b6bd9b503-OSL
| app.monetizer.com/images/monetizer.png | 173.236.118.98 | 200 OK | 2.8 kB |
URL: GET HTTP/2 app.monetizer.com/images/monetizer.png
IP: 173.236.118.98:443
Requested by: https://sml.benefitsonlytodayfah.buzz/
Certificate: Issuer GlobalSign nv-sa | Subject *.monetizer.com | Fingerprint 07:EB:AC:21:9A:CB:95:7B:69:CA:70:B1:A8:7C:2B:A8:E0:0E:CF:AB | Validity Sun, 21 Aug 2022 17:11:29 GMT - Fri, 22 Sep 2023 17:11:28 GMT
File type: PNG image data, 150 x 149, 8-bit colormap, non-interlaced; data
Hash: MD5 03a4f7ed6a82302928cb627d8c4b7ba4, SHA-1 ee1470782b782b0b1d7e59616fe5d476c2ac08b2, SHA-256 a907a5abbd6b6e9435a8d503c6a9c05767fd296d59dd6e5fee73e6bc96a9f29c
GET /images/monetizer.png HTTP/1.1
Host: app.monetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sml.benefitsonlytodayfah.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 06:05:48 GMT
content-type: image/png
content-length: 2763
last-modified: Thu, 25 May 2023 16:41:03 GMT
etag: "646f8f9f-acb"
expires: Sat, 10 Jun 2023 06:05:48 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2