| | 166.141.99.78 | 200 OK | 8.0 kB |
URL User Request GET HTTP/1.0 IP 166.141.99.78:80
File typeHTML document, ASCII text, with CRLF line terminators Hash9ede8bb34b229cf364cedd4d8efff722 84301c36077653de8f763b600eeef639ef810760 1a7bdc3685a37b88a535b4b161908d528693e0e4486f179bbfe2f0f65e208b5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /index.html HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:16 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:57 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 7973
Content-type: text/html
|
|
| 166.141.99.78/theme/chosen.css | 166.141.99.78 | 200 OK | 13 kB |
URL GET HTTP/1.0 166.141.99.78/theme/chosen.css IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash3cdad26eacc5d6a1a900834ee0296ae9 db5412dc6e0a7fa4dd8747d021ce0a335a577e7e 756af3be97b5e769c2e2edc85ce1ec540b1de86cd0cf574201d407a711d90939
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /theme/chosen.css HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:17 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:57 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 13328
Content-type: text/css
|
|
| 166.141.99.78/theme/app.css | 166.141.99.78 | 200 OK | 56 kB |
URL GET HTTP/1.0 166.141.99.78/theme/app.css IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash45ac40b6d06fe76566a15d08932c715e 1508411038b6558ce7f8206a55090ea85b967fed de0d805853d85c67ce9d49e24bbeb09a833b412f59948d407011427d67009c92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /theme/app.css HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:17 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:57 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 55898
Content-type: text/css
|
|
| 166.141.99.78/theme/bootstrap.css | 166.141.99.78 | 200 OK | 132 kB |
URL GET HTTP/1.0 166.141.99.78/theme/bootstrap.css IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeASCII text, with very long lines (540) Size132 kB (131641 bytes) Hash680b9a9c76438c79ac6a099c6017a9f0 bf9b567203e711ffc0fe2c71a30477b92ce6de1e 487720cf553c8f6e6a5e0bc1476ed6d5682f74a05d12fa10441a6e117f846658
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /theme/bootstrap.css HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:17 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:57 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 131641
Content-type: text/css
|
|
| 166.141.99.78/img/sms_unread.png | 166.141.99.78 | 200 OK | 3.2 kB |
URL GET HTTP/1.0 166.141.99.78/img/sms_unread.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typePNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced Hashaf750a468a48554782bce906c43e14dc f62ed27502d4ab1b9e84e88a9373c4983c81f659 28f12fe42a6bbdbece883b55ac14f6ba21787c02f5b6bcc2f9184a14a3221421
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/sms_unread.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:19 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3238
Content-type: text/plain
|
|
| | 166.141.99.78 | | 1.6 kB |
IP 166.141.99.78:0
Hashae0364fc8ca981bc3d10ea82b9e3eea1 c07d5f60401cb7aa4887a257480da4932dcc8561 ac81d0cd25d7d1b2348c7210e5835553de56df03484c3117611edb75b33e5c3b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Redirect
Server: Sanechips-Webs
Date: Fri Apr 26 16:58:15 2024
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Location: http://166.141.99.78/index.html
|
|
| 166.141.99.78/img/sms_full.gif | 166.141.99.78 | 200 OK | 1.1 kB |
URL GET HTTP/1.0 166.141.99.78/img/sms_full.gif IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeGIF image data, version 89a, 36 x 30 Hash7d91a191ab1c2dc585d15e4973d8c7e6 acd0509dca610df1a3c43214dcfa13a04c9dd6d9 72bae340de55d91e090e3260ae733603d93beae9f42f489d0da41462811d345d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/sms_full.gif HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:19 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 1103
Content-type: image/gif
|
|
| 166.141.99.78/img/logo_zte_4gas.png | 166.141.99.78 | 200 OK | 17 kB |
URL GET HTTP/1.0 166.141.99.78/img/logo_zte_4gas.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typePNG image data, 132 x 64, 8-bit/color RGBA, non-interlaced Hashfeb83b105c0f03e8223c3a041f0480eb fc1366ac39a515136774261fc2d5b363b911fe96 4e0f8f8590030373013080e3375fe6028190effd78d8a7e56710a3cc09f36bbc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/logo_zte_4gas.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:19 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 17021
Content-type: text/plain
|
|
| 166.141.99.78/img/loading.gif | 166.141.99.78 | 200 OK | 15 kB |
URL GET HTTP/1.0 166.141.99.78/img/loading.gif IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeGIF image data, version 89a, 72 x 75 Hashd345fa4feb08e68a0ee0d827a763dc64 92e10f5de107cdf95a2ef491af75251a6ea5d222 f132365254ba79ff47633bc9859986e1ea6b6924c65e0101394f121ee1085694
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/loading.gif HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:19 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 15408
Content-type: image/gif
|
|
| 166.141.99.78/js/lib/require/require-jquery.js | 166.141.99.78 | 200 OK | 333 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/require/require-jquery.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ASCII text Size333 kB (332952 bytes) Hash85abe81818fc947d11d990c7618e49d1 645bedaa34118c5cff10674c37614bdc7e06e5fd ac81d2feffbebe242c0009675b439e85fba1c980b524c2b63b6272af61cf06c9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/require/require-jquery.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:17 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 332952
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/main.js | 166.141.99.78 | 200 OK | 2.7 kB |
IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashbf18fda6c447bc01a50b820c87913472 bf9c9b02b7f2609ea35aa876934e41e242dc0931 94b44704c1bdbc449ca8461046c6761810a5807c92aea423337c437fadaf4174
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/main.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:20 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 2722
Content-type: application/x-javascript
|
|
| 166.141.99.78/favicon.ico | 166.141.99.78 | 200 OK | 15 kB |
URL GET HTTP/1.0 166.141.99.78/favicon.ico IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hashab7d0b990d953a17ff412fa2759e71bd c05ae3e8ed4ea6d8d1aff83930a5a47fa492b1c0 2c3620e30798a7d6d47828bf7aba24cf697313503d655a2dedae01d8e4e3669a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:21 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:56 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 15086
Content-type: text/plain
|
|
| 166.141.99.78/js/config/config.js | 166.141.99.78 | 200 OK | 32 kB |
URL GET HTTP/1.0 166.141.99.78/js/config/config.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash5ee9f9e21b590f78e0619ced747b491f 72b1f3b6fd63c9916c633e73447e368008d88dec c99c3a602974010fd327249f8166ec0b6cfaeaeb8c302da8dc3a9e9f5898d8ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/config.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:21 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 32369
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/util.js | 166.141.99.78 | 200 OK | 43 kB |
IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash8591d8ebaadd212f7b3ddea96b964e0a 1c36486190de2ebf8ebadc03e073c2d767b6a744 30bc08e4973018c7743d650db230461d82e87aac6d95ec74e6c43a89fc4774c1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/util.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:21 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 43018
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/config/ufi/config.js | 166.141.99.78 | 200 OK | 2.0 kB |
URL GET HTTP/1.0 166.141.99.78/js/config/ufi/config.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ISO-8859 text, with CRLF line terminators Hash0c740bf7fb56ee5771241a7e8146cd3c 38645d258ba75a96e8f9518962dd97fa91fabbd7 406e2058650b1043feebe9b85fd6d1f5cb097fcfe50a9c852e77796cab51fdb1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/ufi/config.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:22 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 1986
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/service.js | 166.141.99.78 | 200 OK | 248 kB |
URL GET HTTP/1.0 166.141.99.78/js/service.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (335), with CRLF line terminators Size248 kB (248191 bytes) Hash5994d3e8f5d023c079af7e0c5da79541 45661801d94e6234a55e1e99b2d2af01260b9e05 54174045cf6a68dcacc67034c783f15a61fbdde931d49e1e24385cf7d8b3266f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/service.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:21 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 248191
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/underscore/underscore.js | 166.141.99.78 | 200 OK | 105 B |
URL GET HTTP/1.0 166.141.99.78/js/lib/underscore/underscore.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeASCII text, with CRLF line terminators Hasha42b37e455080773851ec1f68c4fdcd6 a0707c8edb9c425d7b3138389dd0bc30b25563be 38e7ee6a2bcdc13af03a41256a9cfc9060304b7de40e34bea865fe2a2506cba5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/underscore/underscore.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:23 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 105
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/underscore/underscore-min.js | 166.141.99.78 | 200 OK | 16 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/underscore/underscore-min.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ASCII text, with very long lines (16194), with CRLF line terminators Hasha80d6d78cd069d89df3ab704727d3fea afff4c1369f6ca34ec60823d853942eac9729eba edcfd7dceda1409bd09945eda3a34e8faa4a94568d141ff4208de4c4be4f8d45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/underscore/underscore-min.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:24 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 16454
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/config/ufi/menu.js | 166.141.99.78 | 200 OK | 11 kB |
URL GET HTTP/1.0 166.141.99.78/js/config/ufi/menu.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hashed9f8d6ab4a57373586464ac221b28c2 02ba51feb4c4603d1ce6c2b71cbcde748919e477 30c9771c8d992515055515a8860e32390a305da588ebf61d04b3592c48aee544
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/ufi/menu.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:24 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 10853
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/app.js | 166.141.99.78 | 200 OK | 473 B |
IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashb6523ac30ea6130fdd6827e231764f91 efad185417e33d1fc646be09a0586643be225ced 451777cee5758aa0e22f094de2d0aa58288b713542209f8e54749560a1959069
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:25 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 473
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/jquery.validate.js | 166.141.99.78 | 200 OK | 38 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/jquery.validate.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1238) Hashef9fd092b21404114ddcbc7d438a58ca b7f5f6b8ba60f06024be1d0f7454eafcfba3d48f 27446e198380575b02eb882767e18f4539e4d64beef34127286a852ee783d4ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/jquery.validate.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:25 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 38440
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/jquery.i18n.properties-1.0.9.js | 166.141.99.78 | 200 OK | 18 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/jquery.i18n.properties-1.0.9.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ASCII text Hash417498dcbf52e79939d446073272e715 c47c0dbfbf7101b49e8e1ab5da6e123ef5b4c252 57f388a1588b5bcaf9c15f1d5e6eadd4ef62ada8e87a69ffe152d21047b331af
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/jquery.i18n.properties-1.0.9.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:25 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 17797
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/base64.js | 166.141.99.78 | 200 OK | 3.1 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/base64.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeAlgol 68 source, ASCII text Hash6d53c0ca3e453a72b5d89c26b374ca5d b24ad60a33c5aa16e5cfdd9864743b89d29a158d 8c4ce217ddb8e87bf3da9bb034418d511ef636530fc082366b4716e43a1bcc82
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/base64.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3102
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/config/menu.js | 166.141.99.78 | 200 OK | 8.4 kB |
URL GET HTTP/1.0 166.141.99.78/js/config/menu.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash3d1e07c6794a47151f7086e16d67ed45 4c898c4d6855baf7085b7829d4bfd565a3c74e66 2d3d1f55542b2e319bf9a7fbca6e1e12dc4ac7b3622b7fb6bed39ba75a173f07
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/menu.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 8444
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/language.js | 166.141.99.78 | 200 OK | 2.3 kB |
URL GET HTTP/1.0 166.141.99.78/js/language.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash75789902a3a1bd7c8067f8ecf1727b4f ed69add9fd8108eacf7e298afd70ba769eb3e7a2 006763edaab7782a9431efe95a7e89aaf52cea8186da3f8fda894b3f7e084d36
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/language.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 2314
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/translate.js | 166.141.99.78 | 200 OK | 3.3 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/translate.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hashdaa8b652bf62b575a52967d1011eedd9 63f9feba5a5b759e03ccd02f2c0816e6aa996585 97ffb1c7cae6bea00b4653cee4e0eb04bd89cb6e186f5aed2c31478ef180c310
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/translate.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3255
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/bootstrap.js | 166.141.99.78 | 200 OK | 61 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/bootstrap.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ASCII text Hash3d2ed11c58d1a9a839e9703b229c2e4a f62c81ea3b0eac96f75a66458e8fbc0da19d82af 0ae91d6df6770b43f52b5dfd1fb8f7031b8f9b41fd980e3671119753a6d3ed5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/bootstrap.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 61118
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/logout.js | 166.141.99.78 | 200 OK | 2.0 kB |
URL GET HTTP/1.0 166.141.99.78/js/logout.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashebfcc9b0bb0cb8b1f9605e759bc17622 b502f666a1748f14f6ce7b1e633775c99c8908b8 4ca264192dfe312928ef0b99a0180c07c03f0c0d99fc27b8ecc6ed9c6ef8abf5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/logout.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 1984
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/router.js | 166.141.99.78 | 200 OK | 10 kB |
URL GET HTTP/1.0 166.141.99.78/js/router.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hashec534c0ea4ae73bea02722d92acea974 7afe5da5ae1b9e68d2cd4468be1c4c82f552451e e967af44790f9bbb0686b5beea0d32b483e9db0162010631780f25b08cb9146e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/router.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 10125
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/knockout/knockout.js | 166.141.99.78 | 200 OK | 564 B |
URL GET HTTP/1.0 166.141.99.78/js/lib/knockout/knockout.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeASCII text, with CRLF line terminators Hash8e37acda1a431e8e2ae04e3eb6dc2f81 5a926588501aa01a3e28973c741a67ead828ca9b c5d157f2f5c0382496c0e2d3ed73b2fa671da3b297d6d347863b11e63ff5946a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/knockout/knockout.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 564
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/status/statusBar.js | 166.141.99.78 | 200 OK | 53 kB |
URL GET HTTP/1.0 166.141.99.78/js/status/statusBar.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash816dbbc6588685aa46613d834aedbb30 4bf7dddb16544044dd85317288d8f7d6c1829776 8e0253f867ec72b449f6e0c21cc2a97407d1a9c375ae64d7ec46a7fb684c05e7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/status/statusBar.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:54 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 53342
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/jquery.simplemodal-1.4.2.js | 166.141.99.78 | 200 OK | 23 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/jquery.simplemodal-1.4.2.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File typeJavaScript source, ASCII text, with CRLF line terminators Hash1a98e98a283a9c938d13a38252c89f18 876f30c548c7dcff49b55a7523773e2870c3131b 3720190b00b03174c681f649803a30b34c6e3046fd9b1d5b7a2b1099a014ed7e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/jquery.simplemodal-1.4.2.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:26 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 23447
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/jquery.tmpl.min.js | 166.141.99.78 | 200 OK | 6.1 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/jquery.tmpl.min.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, ASCII text, with very long lines (5869) Hash 27bc9d7d86250652e125896d94b18764 c4671823949d127df1151ec12ece59833db7659d af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/jquery.tmpl.min.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:27 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 6121
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/login.js | 166.141.99.78 | 200 OK | 16 kB |
URL GET HTTP/1.0 166.141.99.78/js/login.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash 9db5711d4a55366ed874c75e37707872 2967685291ae34184e5a0a893975370cc4170692 87447af49a9616f954343efb97aff7b4ef0a727ee687624c484eab60d0d08373
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/login.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:27 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 15689
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/jquery/additional-methods.js | 166.141.99.78 | 200 OK | 29 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/jquery/additional-methods.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1239) Hash 9700608356b8619c014410618620bab7 7f07c79253aa6c5253de33e09fe3e9d3bee39009 1c3af6f55f1f8f3a3ff5b91498a068439768f6f8a00a25d6c147b9be8554d0e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/jquery/additional-methods.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:27 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 29059
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/tooltip.js | 166.141.99.78 | 200 OK | 2.1 kB |
URL GET HTTP/1.0 166.141.99.78/js/tooltip.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash f7dbb6ee0df46f4dfe65859305c2ddb4 d447d75aa1773ed7fe37473f29538c481c0e378a df3a671ab125a863dc1ef3efddc42828121f7fe14ec9b6a0b923c9c399649edb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/tooltip.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:28 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:53 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 2112
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/knockout/knockout-3.4.2.js | 166.141.99.78 | 200 OK | 60 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/knockout/knockout-3.4.2.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, ASCII text, with very long lines (644) Hash e956a74c005b7a243f0884d67e60f8f3 c4fda6eee21550785a1c89ce291a2d3072e0ed9b a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/knockout/knockout-3.4.2.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:28 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 60354
Content-type: application/x-javascript
|
|
| 166.141.99.78/js/lib/knockout/knockout.simpleGrid.js | 166.141.99.78 | 200 OK | 27 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/knockout/knockout.simpleGrid.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (449) Hash 0b0d9531269927d97532440f584a980c d925b763bb6baf69b5d8f9e5e37699960cf83917 84d1872cf8c1c9fc0955a3bb0b9c13774726b0115507a5cdba79e5822c076be7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/knockout/knockout.simpleGrid.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:29 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 26573
Content-type: application/x-javascript
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168703740 | 166.141.99.78 | 200 OK | 79 kB |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168703740 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type New Line Delimited JSON text data Hash a5d73618899d620dd22c5c6cac0f942e 1324740e03add9a7979a6e4574c3122145297afc 7f383401c4c3892fd2d499c59fbbd4cf74d10fd39c7e2cef76379de5fbe5a4c9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168703740 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/js/lib/require/text.js | 166.141.99.78 | 200 OK | 3.1 kB |
URL GET HTTP/1.0 166.141.99.78/js/lib/require/text.js IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type JavaScript source, ASCII text, with very long lines (524) Hash 9c480990d09ac458e8589fbc5ca71fca bd1790f313edd6b2c0ffae10d9f5a19dfefb0f0c cdfa4ab2935f048afc465d600064c6ceb7a965f454be01156dacb6609e3aa835
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/lib/require/text.js HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:52 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3122
Content-type: application/x-javascript
|
|
| 166.141.99.78/img/confirm.png | 166.141.99.78 | 200 OK | 5.3 kB |
URL GET HTTP/1.0 166.141.99.78/img/confirm.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hash 64f36a8ee8159e8d5de8d1ba84e34244 c06ec34ab7e5bc319efd9592322bac091392aeaa 60754836faba121a9126a26bda04c107b3be3bfd11c02b5b0fd438bec945f30f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/confirm.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 5251
Content-type: text/plain
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168705384 | 166.141.99.78 | 200 OK | 4.7 kB |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168705384 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash 9958269351ac5de6983a541ad5395dee ff6dffc8b5bfe7f42617692367de46bba9152897 4336e75baed112b21fb5b2a02a2e761e116447300feec83eb0d694421f8d31cb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168705384 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168707155 | 166.141.99.78 | 200 OK | 2.2 kB |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168707155 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash 5f7049e3d83df7f447a5f1000b39689c 32808ef19d8989f080fb5b1d33d3dbe298b5e0d8 fba113a935a7d5ce5bbe7de323d09030ac706c800cf72819a2f71ef96602c241
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168707155 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/img/login-bg.png | 166.141.99.78 | 200 OK | 14 kB |
URL GET HTTP/1.0 166.141.99.78/img/login-bg.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type PNG image data, 1 x 518, 8-bit/color RGB, non-interlaced Hash e6aeb8998494917b2af716fd11abb760 75a17217299c0f43749fd3856c55ab014b305f01 47b10a678f87de10fd3cdff3de5446e90ff7c41b970513b49bb36722e7d6883e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/login-bg.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/theme/app.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 14524
Content-type: text/plain
|
|
| 166.141.99.78/tmpl/login.html | 166.141.99.78 | 200 OK | 5.7 kB |
URL GET HTTP/1.0 166.141.99.78/tmpl/login.html IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type HTML document, ASCII text, with CRLF line terminators Hash 463a951baff5a5da2cabbe1b1cf98ee0 c00d2f2d83db89a231979251ed0669b4b0812895 83e9a078448133ef2b361a4ca86da3de4c7b2db69565df2ab43f2fe8d1075fdc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tmpl/login.html HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:56 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 5656
Content-type: text/html
|
|
| 166.141.99.78/img/icon_red.png | 166.141.99.78 | 200 OK | 339 B |
URL GET HTTP/1.0 166.141.99.78/img/icon_red.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced Hash 01dd61774c0b87b200373da8668695af ba4b38517da5a0c82f120cfef59ae412ea35da14 eff5e832428b9fa79bd0581578870bf7705d10ce292cc88c1d8cc345e47efc43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icon_red.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:32 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:56 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 339
Content-type: text/plain
|
|
| 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=update_type&_=1714168711504 | 166.141.99.78 | 200 OK | 3.1 kB |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=update_type&_=1714168711504 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash 9592059f88f99cc8b064a03b8a7e9bdc 682477a64eadbdee3271db7387d4cb9e921f0540 164e1dd10ad0476899e00b1fed21229f8e924defa8f95d36ff4618cc5f6ab93c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?isTest=false&cmd=update_type&_=1714168711504 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/img/battery_out.png | 166.141.99.78 | 200 OK | 3.0 kB |
URL GET HTTP/1.0 166.141.99.78/img/battery_out.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type PNG image data, 40 x 30, 8-bit/color RGBA, non-interlaced Hash 8144cf8d6f1e8da84938a24dbc1f8ec5 8c4f1771bd6b7432e8717a0bf26842a0bf599c3a 9a42dd8891d58b40ddfe02dcc25e677c536361c4be567c104da677f96d495154
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/battery_out.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:32 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3036
Content-type: text/plain
|
|
| 166.141.99.78/img/sim_detected.png | 166.141.99.78 | 200 OK | 3.1 kB |
URL GET HTTP/1.0 166.141.99.78/img/sim_detected.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash f7f0455f96237d33df829877c704b808 626010fcb67aeb0fead92ba8deea7a166b57ff50 9b45989ad0c4b5b1c7bba9bd02c52b0cb73e6c83ea2e22c40ecdbf1e1b8820a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/sim_detected.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:32 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 3076
Content-type: text/plain
|
|
| 166.141.99.78/goform/goform_get_cmd_process?isTest=false&multi_data=1&cmd=blc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cppp_status%2Crj45_state%2Cethwan_mode&_=1714168708283 | 166.141.99.78 | 200 OK | 128 B |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?isTest=false&multi_data=1&cmd=blc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cppp_status%2Crj45_state%2Cethwan_mode&_=1714168708283 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type troff or preprocessor input, ASCII text, with no line terminators Hash 1ecc0363b705bd8032136083a23b7562 3da1b0cdacb92da9d5b0756e813fc170e5614414 830829071a36196095b669c15700013238d08088a6fea500b1e309dd2dfa4824
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?isTest=false&multi_data=1&cmd=blc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cppp_status%2Crj45_state%2Cethwan_mode&_=1714168708283 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/img/update.gif | 166.141.99.78 | 200 OK | 1.4 kB |
URL GET HTTP/1.0 166.141.99.78/img/update.gif IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type GIF image data, version 89a, 23 x 30 Hash 24c04b1d48fe82b820dcaefe0e78a9a3 5b1e4dac2063374f024fb640bcf908b0866d6677 9ebe4720538a723de12d33f4cc354ab6a7ca3c657d9fab70cb0ab80bd4a6db23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/update.gif HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:19 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 1355
Content-type: image/gif
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168714887 | 0.0.0.0 | | 0 B |
URL GET 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168714887 IP 0.0.0.0:0
Requested by http://166.141.99.78/index.html
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168714887 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 166.141.99.78/i18n/Messages_zh-cn.properties | 166.141.99.78 | 200 OK | 79 kB |
URL GET HTTP/1.0 166.141.99.78/i18n/Messages_zh-cn.properties IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /i18n/Messages_zh-cn.properties HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:30 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:56 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 78999
Content-type: text/plain
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168710332 | 166.141.99.78 | 200 OK | 286 B |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168710332 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type troff or preprocessor input, ASCII text, with very long lines (334), with no line terminators Hash 6610884ac68eb037dcbf9f257bf88a2b f777c43021b7a1a3d2f0613c2a646cad803bd12c 44d21bae1b21f6bc6d10104e6106cc633ec67279b66914e8996f1c086fa0b330
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168710332 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=Language&multi_data=1&_=1714168708570 | 166.141.99.78 | 200 OK | 20 B |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=Language&multi_data=1&_=1714168708570 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type troff or preprocessor input, ASCII text, with no line terminators Hash 8275351b3a70a9ae4d664fecc9c5c84b 8d28277cf8174c9e56c746f3213b5c3713f8db43 f5b9f413453038be9500638211bfe5a106bd9c85756ea05531b0c1af716063e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?isTest=false&cmd=Language&multi_data=1&_=1714168708570 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168712047 | 166.141.99.78 | 200 OK | 286 B |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168712047 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type troff or preprocessor input, ASCII text, with very long lines (334), with no line terminators Hash 6610884ac68eb037dcbf9f257bf88a2b f777c43021b7a1a3d2f0613c2a646cad803bd12c 44d21bae1b21f6bc6d10104e6106cc633ec67279b66914e8996f1c086fa0b330
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168712047 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/img/info.png | 166.141.99.78 | 200 OK | 1.9 kB |
URL GET HTTP/1.0 166.141.99.78/img/info.png IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
Hash 16c3e1856d4419495388e8a8737b9274 eb2f7a7cf66beaafb0cce6da7c585e223873db32 457371ff59f8f393d90aa53dd4090d2a493eccd0399b10382f41a55d01cb80f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/info.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 1937
Content-type: text/plain
|
|
| 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168713598 | 166.141.99.78 | 200 OK | 286 B |
URL GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168713598 IP 166.141.99.78:80
Requested by http://166.141.99.78/index.html
File type troff or preprocessor input, ASCII text, with very long lines (334), with no line terminators Hash 6610884ac68eb037dcbf9f257bf88a2b f777c43021b7a1a3d2f0613c2a646cad803bd12c 44d21bae1b21f6bc6d10104e6106cc633ec67279b66914e8996f1c086fa0b330
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?multi_data=1&isTest=false&cmd=modem_main_state%2Cpin_status%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cloginfo%2Cfota_new_version_state%2Cfota_current_upgrade_state%2Cfota_upgrade_selector%2Cnetwork_provider%2Cis_mandatory%2Csta_count%2Cm_sta_count&_=1714168713598 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711194 | 166.141.99.78 | 200 OK | 173 B |
URL: GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711194
IP: 166.141.99.78:80
Requested by: http://166.141.99.78/index.html
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 4e40b866e97eb66770749b92a955df0e e42ec98afeadd26bdeff1aa2b15300a348cda1c5 e9987db8926a19c0202c3d0a500e09273ba89cdcaa5b7b78e3c141ed4de3e054
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711194 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711437 | 166.141.99.78 | 200 OK | 173 B |
URL: GET HTTP/1.1 166.141.99.78/goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711437
IP: 166.141.99.78:80
Requested by: http://166.141.99.78/index.html
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 4e40b866e97eb66770749b92a955df0e e42ec98afeadd26bdeff1aa2b15300a348cda1c5 e9987db8926a19c0202c3d0a500e09273ba89cdcaa5b7b78e3c141ed4de3e054
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /goform/goform_get_cmd_process?isTest=false&cmd=modem_main_state%2Cpuknumber%2Cpinnumber%2Cblc_wan_mode%2Cblc_wan_auto_mode%2Cpsw_fail_num_str%2Clogin_lock_time&multi_data=1&_=1714168711437 HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sanechips-Webs
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
|
|
| 166.141.99.78/img/alert.png | 166.141.99.78 | 200 OK | 4.5 kB |
URL: GET HTTP/1.0 166.141.99.78/img/alert.png
IP: 166.141.99.78:80
Requested by: http://166.141.99.78/index.html
Hash: c078e31fee375c5e1a7f8bc8491b9089 b93d234a37b649a34cef6d46972738a930b50658 4deebf70e66ad585900eaee63f03a827f6e27c593b2d8348b5992c032c7bab07
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /img/alert.png HTTP/1.1
Host: 166.141.99.78
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://166.141.99.78/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Fri Apr 26 16:58:31 2024
Server: Sanechips-Webs
Last-modified: Fri Dec 31 18:02:55 1999
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-cache
Content-length: 4454
Content-type: text/plain
|
|