Report - 49.124.149.52/

Report Overview

Submitted URL
49.124.149.52/
IP
49.124.149.52
ASN
#4818 DiGi Telecommunications Sdn. Bhd.
Submitted
2024-04-23 23:38:25
Access
public
Website Title
M51C-IPC登陆
Final URL
49.124.149.52/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
49.124.149.52	unknown	unknown	No data	No data	3.5 kB	153 kB	49.124.149.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed
2024-04-23	medium	49.124.149.52	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	49.124.149.52/lib/layui-v2.6.3/layui.js	286 kB	2024-02-23	2024-04-24
Pretty URL 49.124.149.52/lib/layui-v2.6.3/layui.js IP 49.124.149.52 ASN #4818 DiGi Telecommunications Sdn. Bhd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-23 18:18:02 Last Seen2024-04-24 01:38:31 Times Seen6 Hash 82ba54a7c85614a6559a0d1bf702d1f7 ebc2f6e444177adb1df90ad196405da566b0abeb ef3073debdb16cb38d7853becd99ec0bf35f35c4e149325ea9d919a727861b2d Loading...

	49.124.149.52/	0 B	2023-03-07	2024-05-05
Pretty URL 49.124.149.52/ IP 49.124.149.52 ASN #4818 DiGi Telecommunications Sdn. Bhd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 23:42:35 Times Seen37371198 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (10)

URL IP Response Size

49.124.149.52/

49.124.149.52

9.2 kB

URL User Request GET
49.124.149.52/
IP
49.124.149.52:0
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Size
9.2 kB (9185 bytes)
Hash
9499cc2659a3b65ab556fa8fbd56956b
b3ea350563cc2a9d15d8f1d616f8bccf8c451315
cf5d1ddf46fecd40c1c6e7739f44504b841e42d9a60aa1e5e5b8fef99a92c66b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:03 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/html
Accept-Range: bytes
Content-Length: 9185
filename: /opt/web/ipchtml/page/login.html

49.124.149.52/

49.124.149.52

9.2 kB

URL User Request GET
49.124.149.52/
IP
49.124.149.52:0
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Size
9.2 kB (9185 bytes)
Hash
9499cc2659a3b65ab556fa8fbd56956b
b3ea350563cc2a9d15d8f1d616f8bccf8c451315
cf5d1ddf46fecd40c1c6e7739f44504b841e42d9a60aa1e5e5b8fef99a92c66b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:07 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/html
Accept-Range: bytes
Content-Length: 9185
filename: /opt/web/ipchtml/page/login.html

49.124.149.52/lib/layui-v2.6.3/css/layui.css

49.124.149.52

200 OK

14 kB

URL GET HTTP/1.1
49.124.149.52/lib/layui-v2.6.3/css/layui.css
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
14 kB (14294 bytes)
Hash
769a3698fc4ec64cf15323b5b0e30d03
984facd95a0ed720d8059d985f54985522c8b1c1
1d6839ad97a8bcb03ddb58bc07f75242c1c2890244dc99d379f1091fd39e1e76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/layui-v2.6.3/css/layui.css HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:09 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/css
Accept-Range: bytes
Content-Length: 14294
Content-Encoding: gzip
filename: /opt/web/ipchtml/lib/layui-v2.6.3/css/layui.css.gz

49.124.149.52/lib/layui-v2.6.3/layui.js

49.124.149.52

200 OK

92 kB

URL GET HTTP/1.1
49.124.149.52/lib/layui-v2.6.3/layui.js
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65202), with CRLF line terminators
Size
92 kB (92520 bytes)
Hash
82ba54a7c85614a6559a0d1bf702d1f7
ebc2f6e444177adb1df90ad196405da566b0abeb
ef3073debdb16cb38d7853becd99ec0bf35f35c4e149325ea9d919a727861b2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/layui-v2.6.3/layui.js HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:14 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/javascript
Accept-Range: bytes
Content-Length: 92520
Content-Encoding: gzip
filename: /opt/web/ipchtml/lib/layui-v2.6.3/layui.js.gz

49.124.149.52/lib/layui-v2.6.3/css/modules/laydate/default/laydate.css?v=5.2.1

49.124.149.52

200 OK

7.1 kB

URL GET HTTP/1.1
49.124.149.52/lib/layui-v2.6.3/css/modules/laydate/default/laydate.css?v=5.2.1
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
ASCII text, with very long lines (7122), with no line terminators
Size
7.1 kB (7122 bytes)
Hash
460c5ba2c579e29fb3ae00fe9bc52edf
e6a162ebf8779cb5f15db42a96b018fa4b0be3f3
5b1f57d046af79e32fc0b1a630f6144fd994186739a67bd194f8d3e357fff28c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/layui-v2.6.3/css/modules/laydate/default/laydate.css?v=5.2.1 HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:16 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/css
Accept-Range: bytes
Content-Length: 7122
filename: /opt/web/ipchtml/lib/layui-v2.6.3/css/modules/laydate/default/laydate.css

49.124.149.52/lib/layui-v2.6.3/css/modules/code.css?v=1

49.124.149.52

200 OK

1.3 kB

URL GET HTTP/1.1
49.124.149.52/lib/layui-v2.6.3/css/modules/code.css?v=1
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
ASCII text, with very long lines (1319), with no line terminators
Size
1.3 kB (1319 bytes)
Hash
986d0d70b033a195fc1bd1527b06993b
69ea79bb09bddd3b988db70ef8b10be9ed0f0065
3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/layui-v2.6.3/css/modules/code.css?v=1 HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:17 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/css
Accept-Range: bytes
Content-Length: 1319
filename: /opt/web/ipchtml/lib/layui-v2.6.3/css/modules/code.css

49.124.149.52/lib/layui-v2.6.3/css/modules/layer/default/layer.css?v=3.3.0

49.124.149.52

200 OK

14 kB

URL GET HTTP/1.1
49.124.149.52/lib/layui-v2.6.3/css/modules/layer/default/layer.css?v=3.3.0
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
ASCII text, with very long lines (14345), with no line terminators
Size
14 kB (14345 bytes)
Hash
c3fc7f335d28bd01e17a86a4d83a5d5d
8ffab5461a857aab5314bf01eaabf2d7ae438133
7e39ff98d4f7934336d2d61640e4de1cd6a0345a260c1b2da80609fc8524ec32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/layui-v2.6.3/css/modules/layer/default/layer.css?v=3.3.0 HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:17 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/css
Accept-Range: bytes
Content-Length: 14345
filename: /opt/web/ipchtml/lib/layui-v2.6.3/css/modules/layer/default/layer.css

49.124.149.52/images/icon-login.png

49.124.149.52

200 OK

2.8 kB

URL GET HTTP/1.1
49.124.149.52/images/icon-login.png
IP
49.124.149.52:80
ASN
#4818 DiGi Telecommunications Sdn. Bhd.

Requested by
http://49.124.149.52/

File type
PNG image data, 148 x 142, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2791 bytes)
Hash
21ca4721b87313eff3c61fecb9c35abc
c08d1a3c4a2b0ba35e45c5d45959c978afd05de9
7d2eeb972174c5cd9eb67cf190973e2c3219187daf5bc10c7c607d7f54910f94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/icon-login.png HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:38:18 GMT
Server: IpcWeb
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
Accept-Range: bytes
Content-Length: 2791
filename: /opt/web/ipchtml/images/icon-login.png

49.124.149.52/favicon.ico

0.0.0.0

0 B

URL GET
49.124.149.52/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
http://49.124.149.52/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

49.124.149.52/images/loginbg.png

0.0.0.0

0 B

URL GET
49.124.149.52/images/loginbg.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://49.124.149.52/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loginbg.png HTTP/1.1
Host: 49.124.149.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.124.149.52/
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type