| | 50.201.81.209 | 200 | 3.9 kB |
URL: User Request GET HTTP/1.1
IP: 50.201.81.209:8080
File type: HTML document, Unicode text, UTF-8 text, with very long lines (799)
Hash: 483f8c22328665d0c8408ce663eda92f ca667b9edcd83aa86ea74b6e232b170e55493fed 8e15b0adc46ec2c4fbcf224aaed1a3df10679d3b1a81116049e448eececf1c79
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Set-Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; Path=/; HttpOnly
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/jquery-readyfix.js | 50.201.81.209 | 200 | 999 B |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/jquery-readyfix.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: 1e16efe7cc00c71c431fd8f6fde16b6a 4d0dca4c47cb95922d88049e3ae80f32e4519418 588d6533235922f144c51d01c3dde57e2a68435a8cc065dfd7a80de73cbfca37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/jquery-readyfix.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=2510fc2b-1f48-4c77-949f-4b382d1a2830;path=/;priority=high
_zcsr_tmp=2510fc2b-1f48-4c77-949f-4b382d1a2830;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"2296-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/jquery.browser.min.js | 50.201.81.209 | 200 | 1.0 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/jquery.browser.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (2237)
Hash: 9929873df0833fc027580212a2c92742 9f9262431058e45256616514a94729a747a68753 4752051d3d0c5a46e0bbabd7813e1113b4d24f844e2c36512ada5165e67f29ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/jquery.browser.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=072b5b77-3e14-4665-a467-f2fa1fb72ff4;path=/;priority=high
_zcsr_tmp=072b5b77-3e14-4665-a467-f2fa1fb72ff4;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"2595-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/jquery.min.js | 50.201.81.209 | 200 | 31 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/jquery.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/jquery.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=fdfb3571-f710-4f4b-8ac2-d2a3f2ac2fee;path=/;priority=high
_zcsr_tmp=fdfb3571-f710-4f4b-8ac2-d2a3f2ac2fee;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"89476-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/jquery-migrate.min.js | 50.201.81.209 | 200 | 4.0 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/jquery-migrate.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (10878)
Hash: b17acf619ad30d5015f146451ed89cce 680a167264b8cf54f2f5e33637b21e921b10c4e0 00f96531cd15e257ff45be42cf889d5940989410c6ddbd0470dd54b217778691
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/jquery-migrate.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=93bfb1f9-6377-43be-9992-611b6d16d2ef;path=/;priority=high
_zcsr_tmp=93bfb1f9-6377-43be-9992-611b6d16d2ef;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"10976-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/bootstrap.min.js | 50.201.81.209 | 200 | 11 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/bootstrap.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (39553)
Hash: 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/bootstrap.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=d240a212-84a2-4279-8593-ea359e2af961;path=/;priority=high
_zcsr_tmp=d240a212-84a2-4279-8593-ea359e2af961;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"39680-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/Base.esapi.properties.js | 50.201.81.209 | 200 | 1.1 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/Base.esapi.properties.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: HTML document, ASCII text
Hash: eed5649e883489a7f484ffab96bf3f15 06c57ab23d5be7a059e8f72810f6c6e88ee0acf1 51d58be98d13ee5eeccf937d4f89085565c07204375feecd67cc0e17f0de91de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/Base.esapi.properties.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=2e78112d-00f4-47f3-ab78-af7f9d8ff0b2;path=/;priority=high
_zcsr_tmp=2e78112d-00f4-47f3-ab78-af7f9d8ff0b2;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"2546-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/ESAPI_Standard_en_US.properties.js | 50.201.81.209 | 200 | 943 B |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/ESAPI_Standard_en_US.properties.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: 35ad50deb69922e8dbc5ff8eecc3c9da 61b6bd9b7d6a1ad852313a4ea72bc3c67b392267 ffc19b3c3872eff43697465aa3520ff895b9932a54d8da8e08d3a478e42eab23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/ESAPI_Standard_en_US.properties.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=f46da026-8f40-451d-ac01-0157e185e735;path=/;priority=high
_zcsr_tmp=f46da026-8f40-451d-ac01-0157e185e735;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"4769-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/select2.min.js | 50.201.81.209 | 200 | 18 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/select2.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (32145)
Hash: 1f7c499bbb351a2ba394b0fadcfe9b9f d5433ea66e98e14c47d98ef2a172f12ece09e465 8b54c7c7b788a31d600674d86decd7f27b5a7503c08ada71724ac82b0ab5a988
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/select2.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:27 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=42e27d6b-a5f1-439e-90fb-2bc186b10d00;path=/;priority=high
_zcsr_tmp=42e27d6b-a5f1-439e-90fb-2bc186b10d00;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"65979-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/client-encoder.js | 50.201.81.209 | 200 | 1.1 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/client-encoder.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: ASCII text, with very long lines (324)
Hash: 484af539554916f72c059569801fef67 ffe542acb167dc6c97ff9269769ab70d652da96a 3001cee171d8baf00decbc9b3464a1db3b56243e6ea494fa5f548fdf67c84fda
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/client-encoder.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=6e6f5341-a8c9-4a58-b80c-6803918dc0ba;path=/;priority=high
_zcsr_tmp=6e6f5341-a8c9-4a58-b80c-6803918dc0ba;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"1114-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
Content-Type: text/javascript
Content-Length: 1114
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/style/select2.css?13001 | 50.201.81.209 | 200 | 3.3 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/style/select2.css?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: 325dea764890fca47b179866283b1d3b cc11ee6ea2b53afd3c5ab5a941286bed617aa144 3618a7f377691d9d4327cd1f1ed47c3b5bc19d609d2eaed59183a2432c65b567
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /style/select2.css?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=3df5dd1d-ce9e-4bcf-8641-97f7be24b594;path=/;priority=high
_zcsr_tmp=3df5dd1d-ce9e-4bcf-8641-97f7be24b594;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"19665-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/css
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/esapi.js | 50.201.81.209 | 200 | 21 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/esapi.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (328)
Hash: 17eb66be5a054e19f519ffc1a8322bee f0b912145cb90a3a61fe26b17503aa3e3af8cd39 94510ac1fe1ac18afe201b276125559fcd18f1bee1d0d0cd2ea9d3c4ca99b31e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/esapi.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=ca6ee479-3955-447d-bda7-351508b8366f;path=/;priority=high
_zcsr_tmp=ca6ee479-3955-447d-bda7-351508b8366f;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"112526-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/style/select2-bootstrap.css?13001 | 50.201.81.209 | 200 | 466 B |
URL: GET HTTP/1.1 50.201.81.209:8080/style/select2-bootstrap.css?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: 02ef71230659d75e15671e626d27a1b2 38b131daa1b1d528a494a201b1de7bc8b81aed0d e7aa313202b8caaa081afd6cd5d59c2090614ec5e116372af338bf7ec85af7a0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /style/select2-bootstrap.css?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=035f75bf-de1c-433d-adf6-84720902864f;path=/;priority=high
_zcsr_tmp=035f75bf-de1c-433d-adf6-84720902864f;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"3348-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/css
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/style/loginstyle.css?13001 | 50.201.81.209 | 200 | 2.1 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/style/loginstyle.css?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: f3a72220fa64ef1232bd254ec0f2a231 317c01f47d177d45783ff6335ee268639c763938 e5f9b3e92dd43e825adcc8ead3f0f85347c100969de2f2804467a69f57bf8d13
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /style/loginstyle.css?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=c4598e69-dd2e-483f-bb6f-aff7d56bdbaf;path=/;priority=high
_zcsr_tmp=c4598e69-dd2e-483f-bb6f-aff7d56bdbaf;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"7702-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/css
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/style/select2-overwrite.css?13001 | 50.201.81.209 | 200 | 1.2 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/style/select2-overwrite.css?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: assembler source, ASCII text
Hash: 5f15df389ce125c4a2f7eba3bfb32f79 4f5a1abbcefa51b25f0cdf9a119b6129ab915b3f b8f33996f877f0c69384f08f00255a5b514c50e158bd42fde043477a51be2049
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /style/select2-overwrite.css?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=4a8059a3-fcea-458f-8f91-4ec693949009;path=/;priority=high
_zcsr_tmp=4a8059a3-fcea-458f-8f91-4ec693949009;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"3968-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/css
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/Popup.js | 50.201.81.209 | 200 | 1.1 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/Popup.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
Hash: bf4a8d94d99311cf796e1382baf3f28e 673399526e5fd003c06d86ba11172aba86bd9fdf bf5adb3620b4417c9a4d42708cd359daf6935aa573314452c8685683a924e57d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/Popup.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=defa2c66-2e76-4c11-bdbc-1ba3d6fe173f;path=/;priority=high
_zcsr_tmp=defa2c66-2e76-4c11-bdbc-1ba3d6fe173f;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"3604-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/MicrosoftTeams.min.js | 50.201.81.209 | 200 | 13 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/MicrosoftTeams.min.js
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (54699), with no line terminators
Hash: 5bd4885dbc702b048eb175044fb94872 15713c75b03a9415d36f3a92e472383a77be2538 c20399c1a5db31a9a7a0af412e20f9c1db916c75ad3e1f4bea9433aa116e1210
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/MicrosoftTeams.min.js HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=478f2d92-3798-480f-a809-894552e1e2cd;path=/;priority=high
_zcsr_tmp=478f2d92-3798-480f-a809-894552e1e2cd;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"54699-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/Login.js?13001 | 50.201.81.209 | 200 | 8.0 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/Login.js?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, ASCII text, with very long lines (400)
Hash: a83f06be2b21b5616ee9ea075c20d0eb 8c39ab6c93d45bda4503b57a19170156d626fdb4 5996241a89dec4fcc233e3d61230f19a1e22d82765260921c6fc509ae5188fea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/Login.js?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=320fc99d-0583-425f-9d29-d57b7cc42123;path=/;priority=high
_zcsr_tmp=320fc99d-0583-425f-9d29-d57b7cc42123;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"39615-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/scripts/jsencrypt.min.js?13001 | 50.201.81.209 | 200 | 16 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/scripts/jsencrypt.min.js?13001
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (54915), with no line terminators
Hash: 302469c5a7360489348d9d571c8c2abb ee40fe5a104ea86b96523b619584b9b1fc34cafe e31a8e9d716856c1703f058a6927da922323e7ac533115e192326e2f3aca3a2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /scripts/jsencrypt.min.js?13001 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Set-Cookie: sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039;path=/;priority=high
_zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039;path=/;SameSite=Strict;priority=high
Accept-Ranges: bytes
ETag: W/"54919-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/javascript
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/login/Login.html?_=1715208148193 | 50.201.81.209 | 200 | 1.1 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/login/Login.html?_=1715208148193
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: HTML document, ASCII text, with very long lines (403)
Hash: 4036f4385e3404b65a8ed6cc0ee2e27c 59d49a36ec9aef3761185a7124cfba211ccc2ae3 d8cafe64115bca2ac859ff5a4b89ca35cbf0973a301e57898ec173364f212783
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /custom/login/Login.html?_=1715208148193 HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Set-Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; Path=/custom; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"2677-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/login/log-logo.png | 50.201.81.209 | 200 | 5.7 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/login/log-logo.png
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: PNG image data, 205 x 61, 8-bit/color RGBA, non-interlaced
Hash: d79c5f9a469e1735d1278a454d641e89 f6ce8a5deaf530edf30f4aa36667766f213fa41d aba94e60e2196fcbec7199978f6590c4ae346405b3b66d97fabb75b4176da943
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /custom/login/log-logo.png HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"5699-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
Content-Type: image/png
Content-Length: 5699
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/customimages/login-bg.png | 50.201.81.209 | 200 | 398 B |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/customimages/login-bg.png
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced
Hash: f7c0043d6f6698b95a9c0077d7dfd2c2 97ccab3839589435460b5050397f26298b067c4c 4322399a56c363dbd79e35b6044f1b62e1f7caf4893ceac38bd0c75df6094a1b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /custom/customimages/login-bg.png HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"398-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
Content-Type: image/png
Content-Length: 398
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/customimages/user.png | 50.201.81.209 | 200 | 1.2 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/customimages/user.png
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Hash: c025a12105b6f3760d628ed43ad4a42a d4c3000e58fa652c76920c4855f4e0fa7ddc37bb d9640519b6fec530e0c8f20a4758339da5a7426644eac73b253234f8fd5dc161
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /custom/customimages/user.png HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/style/loginstyle.css?13001
Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"1178-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
Content-Type: image/png
Content-Length: 1178
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/customimages/lock.png | 50.201.81.209 | 200 | 239 B |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/customimages/lock.png
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: PNG image data, 11 x 12, 8-bit/color RGB, non-interlaced
Hash: 73c9b9a4cf3e443e147c5081311a7148 b6f60122679d1bd99d8c9104d9432e61fcc4f783 68d4d7df8257bd3f3f0c7c2c0fb78e2006ad53a0205216d7da8628990116b39f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /custom/customimages/lock.png HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/style/loginstyle.css?13001
Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"239-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
Content-Type: image/png
Content-Length: 239
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/custom/customimages/login-bg-top.png | 50.201.81.209 | 200 | 60 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/custom/customimages/login-bg-top.png
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: PNG image data, 1500 x 119, 8-bit/color RGBA, non-interlaced
Hash: 9500516a89cf8c97fdbc713116cfb3ec 13943c6d76e6881a9f572dedcecec75d14ddff70 0f824ff3a91e2373cc90430b9988d5ca934c1ba4710bd08c9792aa1170031f2e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /custom/customimages/login-bg-top.png HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=34D4A42E2CC5A5157C83EEFC0AE8F639; SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Expires: Thu, 09 May 2024 04:57:28 GMT
Cache-Control: public, max-age=8640000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Accept-Ranges: bytes
ETag: W/"59475-1646056484000"
Last-Modified: Mon, 28 Feb 2022 13:54:44 GMT
Content-Type: image/png
Content-Length: 59475
Date: Wed, 08 May 2024 22:42:27 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|
| 50.201.81.209:8080/images/favicon.ico | 50.201.81.209 | 200 | 1.4 kB |
URL: GET HTTP/1.1 50.201.81.209:8080/images/favicon.ico
IP: 50.201.81.209:8080
Requested by: http://50.201.81.209:8080/
File type: MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash: bfe9fed9218dc8722664ae5480ec3f28 7f636802597e0dcb26817eeed48417b11663ab27 2fe58bf72a15f1ea65df7f8e1cf7338a9f3d35f5eb42898489d20d2a941ea33f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/favicon.ico HTTP/1.1
Host: 50.201.81.209:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://50.201.81.209:8080/
Cookie: SDPSESSIONID=5EA45081F612551FEE6E02409A0CAA1B; sdpcsrfcookie=2061922d-a4b7-4e86-af76-ce3f8da54039; _zcsr_tmp=2061922d-a4b7-4e86-af76-ce3f8da54039
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Pragma: no-cache
Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges: bytes
ETag: W/"1406-1646056485000"
Last-Modified: Mon, 28 Feb 2022 13:54:45 GMT
Content-Length: 1406
Date: Wed, 08 May 2024 22:42:28 GMT
Keep-Alive: timeout=20
Connection: keep-alive
Server: -
|
|