| GET bhpborowka.pl/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753 | 188.114.96.1 | 301 Moved Permanently | 0 B |
URL (user request, GET): bhpborowka.pl/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services; Subject: bhpborowka.pl; Fingerprint (SHA-1): 9C:32:86:4B:0C:DB:86:56:EF:27:E7:69:4A:21:6A:B9:F5:FB:CA:06; Validity: Mon, 10 Mar 2025 11:11:44 GMT - Sun, 08 Jun 2025 12:09:22 GMT
Hash (0 B body; MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753 HTTP/1.1
Host: bhpborowka.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 20 Mar 2025 19:39:58 GMT
content-type: text/html
location: https://www.bhpborowka.pl/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BA3E%2BP2M5DuktXlg2xMtyvP1cZhzRJuhpiil1QqikCJPuJrScqOnu%2B6iXnqiqXKP09san3kAIhUekgrFAqKuRAJoaqtMTz23mAmeTXOIJZJsCuTJqAOVmAe4uRiaxznD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9237adb6faf7fff8-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25734&min_rtt=19790&rtt_var=14209&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1292&delivery_rate=218434&cwnd=184&unsent_bytes=0&cid=06cb08cf66c81b02&ts=534&x=0"
X-Firefox-Spdy: h2
| GET www.bhpborowka.pl/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753 | 188.114.96.1 | 302 Found | 0 B |
URL (user request, GET): www.bhpborowka.pl/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services; Subject: bhpborowka.pl; Fingerprint (SHA-1): 9C:32:86:4B:0C:DB:86:56:EF:27:E7:69:4A:21:6A:B9:F5:FB:CA:06; Validity: Mon, 10 Mar 2025 11:11:44 GMT - Sun, 08 Jun 2025 12:09:22 GMT
Hash (0 B body; MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14314753 HTTP/1.1
Host: www.bhpborowka.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 20 Mar 2025 19:39:59 GMT
content-type: text/html
location: https://linksapp.top/redirect/resources.html
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oowy36FeK6g3RGM%2F%2BXl9a4zoUpoojv%2BXQWwe3cf%2BFO54%2Bw64eynAOuZK86vF4eYpl7vRnzIgBP8fER9SoVpr%2Bwe9YCwUvAxv3O35T4ar1N%2BpCBFnnMIL7O8XOZGNSjdCAY3xPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9237adba6d1e569b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6821&min_rtt=3543&rtt_var=3669&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4096&recv_bytes=1266&delivery_rate=167614&cwnd=12000&unsent_bytes=0&cid=3d5f2c8c97db6f02&ts=636&x=1", cfExtPri, cfHdrFlush;dur=0
| GET linksapp.top/redirect/resources.html | 0.0.0.0 | (no response recorded) | 0 B |
URL (user request, GET): linksapp.top/redirect/resources.html
IP: 0.0.0.0:0
Certificate: Issuer: Google Trust Services; Subject: linksapp.top; Fingerprint (SHA-1): E9:09:39:26:3C:D6:81:28:AC:6C:0A:F9:D6:51:42:91:2C:34:62:CC; Validity: Sun, 26 Jan 2025 00:43:11 GMT - Sat, 26 Apr 2025 01:41:38 GMT
Hash (0 B body; MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS alert (suricata, severity: medium): ET INFO HTTP Request to a *.top domain
GET /redirect/resources.html HTTP/1.1
Host: linksapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache