Report - 152.253.123.144/

Report Overview

Submitted URL
152.253.123.144/
IP
152.253.123.144
ASN
#26599 TELEFONICA BRASIL S.A
Submitted
2024-05-04 10:24:28
Access
public
Website Title
Faça login no seu MDVR
Final URL
152.253.123.144/login/default.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
152.253.123.144	unknown	unknown	No data	No data	15 kB	511 kB	152.253.123.144

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed
2024-05-04	medium	152.253.123.144	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	152.253.123.144/login/default.html	0 B	2023-03-07	2024-05-18
Pretty URL 152.253.123.144/login/default.html IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 06:17:46 Times Seen37771079 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062	164 kB	2024-05-04	2024-05-04
Pretty URL 152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 12:24:35 Last Seen2024-05-04 12:24:35 Times Seen1 Hash 75b0764445f2ab5e4252c5830d132864 562b842e3a17e165ef0ab29c317acf439f5a6b09 2a6923a7d1db5838dae117b6313045eaed42d90fa663b93290e20e3d5c6ca945 Loading...

	152.253.123.144/third-resource/public.js?_=V357	3.5 kB	2024-05-04	2024-05-04
Pretty URL 152.253.123.144/third-resource/public.js?_=V357 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 12:24:35 Last Seen2024-05-04 12:24:35 Times Seen3 Hash 5940f81dbb29bff0ab7bf95da6a38427 de5a1ebe780ea8197e08c7471e35120348d6a7a1 01598c5c133792648b9333825cac724de0dae32be5d307c400ba6536908a72ae Loading...

	152.253.123.144/login/default.html	0 B	2023-03-07	2024-05-18
Pretty URL 152.253.123.144/login/default.html IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 06:17:46 Times Seen37771079 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836	97 kB	2023-03-07	2024-05-18
Pretty URL 152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-18 04:53:54 Times Seen119825 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887	116 kB	2023-12-22	2024-05-04
Pretty URL 152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 23:29:02 Last Seen2024-05-04 12:24:35 Times Seen3 Hash 0d78a94c3480d28fcabb74545a86015d 9d8e5caa82f30077c5522bc620324a348997f576 502df2ed606ce8f9c98f3ee9c8c551041ba1778a8677090ab89df5ea9ff3efed Loading...

	152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960	4.0 kB	2023-12-22	2024-05-04
Pretty URL 152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 23:29:02 Last Seen2024-05-04 12:24:35 Times Seen6 Hash 9431749956e8df379979080819a049dd 7f1963ba0e988ed25d750b621ac4e766f1ae37ac d205dff4129966f60a357cb6f442bcd5955e6ff1b079f7c8b31f567d08e8a14f Loading...

	152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966	54 kB	2024-05-04	2024-05-04
Pretty URL 152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 12:24:35 Last Seen2024-05-04 12:24:35 Times Seen3 Hash a63034c9ca567e5dc339e314e6068f9c f92d03f570e7c79aa6167e055dfa536cad17476b e72e257285e3e3a157215e9eac1c82df65bdcf0c85d68d08b37392e287363935 Loading...

	152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992	9.4 kB	2023-12-22	2024-05-04
Pretty URL 152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 23:29:02 Last Seen2024-05-04 12:24:35 Times Seen9 Hash 644321977ec1ece2ef2ab2ed97344506 afdbf33df03c4bd53f017cb40c8dfacceed8d557 b93e2ee92a3a617eb7f41678603d820773251d5aaa1498320b1c4eb3eb1b0815 Loading...

	152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952	8.0 kB	2024-05-04	2024-05-04
Pretty URL 152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 12:24:35 Last Seen2024-05-04 12:24:35 Times Seen3 Hash ea9f6904052ce6c06b7e3c9f9a23acf9 242228d0b5f68b57f18688574bb3c7b2d949d45c 60c6d4d2d7fa8308e8fa2252c8d08a1644f4cf2b0bd2d06d9f571e1495de8513 Loading...

	152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960	25 kB	2023-12-22	2024-05-04
Pretty URL 152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960 IP 152.253.123.144 ASN #26599 TELEFONICA BRASIL S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 23:29:02 Last Seen2024-05-04 12:24:35 Times Seen9 Hash e210a158f85f5ce718800f6be51b79f9 8d63d64041d5844c8bf28ccc1a137190160ea41e 9355959f21bb55e21f25f643d9f696ab2b26859d6be00d7dea4c4b8f5574232a Loading...

		Size	First Seen	Last Seen
	#1 Write - 52a3f6482b9319999450841b1b696cfb	117 B	2023-03-13	2024-05-04
Pretty Observations First Seen2023-03-13 05:40:20 Last Seen2024-05-04 12:24:35 Times Seen4 Hash 52a3f6482b9319999450841b1b696cfb dfc8ba23db4562c5605ae227ca05404b9d328e40 ece9add2596b4e24283599321b4c348cd52aac53383e473fe172e9268a96026d Loading...

HTTP Transactions (38)

URL IP Response Size

152.253.123.144/

152.253.123.144

1.3 kB

URL
152.253.123.144/
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1345 bytes)
Hash
9741860d6858e8da6551fac12b236428
9ae2c80ac360e212ca82eacde053934d06f5f783
ab7d2392b16cef13340f267a31a7f0facddf713730d389dc10335c7952038d53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/html
Content-Length: 1345
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-541"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/public.js?_=V357

152.253.123.144

200 OK

1.4 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/public.js?_=V357
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (3517), with no line terminators
Size
1.4 kB (1427 bytes)
Hash
5940f81dbb29bff0ab7bf95da6a38427
de5a1ebe780ea8197e08c7471e35120348d6a7a1
01598c5c133792648b9333825cac724de0dae32be5d307c400ba6536908a72ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/public.js?_=V357 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: application/javascript
Content-Length: 1427
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-593"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430

152.253.123.144

2.9 kB

URL
152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (12742), with no line terminators
Size
2.9 kB (2921 bytes)
Hash
4a2f647ec3ef7a7bec7d8ab9a4612bfa
ab342d6e49f7c2c0a06cd4242027062a2a651f68
151241637335fab86dfb1cde2f30f5cdca89148f4efefc8ddef29d389a99eff2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/css
Content-Length: 2921
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b69"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458

152.253.123.144

6.9 kB

URL
152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (30362)
Size
6.9 kB (6854 bytes)
Hash
3b6bc888fd2831221332309b94d8adc8
f31bfecadfc05f0c4de17fe63c9f1ce143e1deea
5edba368450cfa6a4a61e20c5b0b5ca64abb41eb905b6b608dbdbc8acadfee42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/css
Content-Length: 6854
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1ac6"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240444

152.253.123.144

4.6 kB

URL
152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240444
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (25003), with no line terminators
Size
4.6 kB (4646 bytes)
Hash
5c36402baf74fc4d67a158dc72431c2b
28d0c584a7a90614286998c71b313e705afe8502
34343057b5fd086f9d49a9bd74fa45ebca18184d32b2f12749e0381aaf8f57d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/components.css?_=N9M2.0_2024050410240444 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 4646
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1226"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/index/style/default.css?_=N9M2.0_2024050410240493

152.253.123.144

470 B

URL
152.253.123.144/index/style/default.css?_=N9M2.0_2024050410240493
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (1057), with no line terminators
Size
470 B (470 bytes)
Hash
1dfa956b81173b21a2ef996573d23d62
bdf64bd4b684bfe3bce6434534888c333fda8245
edb4d3da1536f006f42f02ce573bbfd957212d6d5c6d024e6ca09cd3ea8c50a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/style/default.css?_=N9M2.0_2024050410240493 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 470
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1d6"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498

152.253.123.144

2.0 kB

URL
152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (10541), with no line terminators
Size
2.0 kB (1983 bytes)
Hash
56bcd0917b69e97fe526759e26779906
e5be5c04dbb9f5b83a361cf101e409a2fe91d981
bed5006479975a87b876cebccc615d7c90d3ba6811229b81b959afb0188b5fda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 1983
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7bf"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429

152.253.123.144

34 kB

URL
152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33759 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/javascript
Content-Length: 33759
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-83df"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/favicon.ico

152.253.123.144

404 Not Found

169 B

URL GET HTTP/1.1
152.253.123.144/favicon.ico
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
ca8bba226fc38384d4e889ff1e5f0b02
8dc2ae5a396686aba485bec7815e8fc8a6e12be5
6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556

152.253.123.144

30 kB

URL
152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32123)
Size
30 kB (29464 bytes)
Hash
729db381e762609d7925e40558797a1e
6477a214126fa9345a6ffd0a3cb16afefa0271dd
31ae3d40a3fcb9024eb6247a5753d280f16cf1e998cdecc5ec8383e22eb152b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/javascript
Content-Length: 29464
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7318"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

152.253.123.144

200 OK

77 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77197 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/octet-stream
Content-Length: 77197
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-12d8d"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240647

152.253.123.144

2.9 kB

URL
152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240647
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
JavaScript source, ASCII text, with very long lines (9424), with no line terminators
Size
2.9 kB (2919 bytes)
Hash
644321977ec1ece2ef2ab2ed97344506
afdbf33df03c4bd53f017cb40c8dfacceed8d557
b93e2ee92a3a617eb7f41678603d820773251d5aaa1498320b1c4eb3eb1b0815

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/app.js?_=N9M2.0_2024050410240647 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 2919
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b67"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240670

152.253.123.144

1.4 kB

URL
152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240670
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
JavaScript source, ASCII text, with very long lines (8006), with no line terminators
Size
1.4 kB (1361 bytes)
Hash
ea9f6904052ce6c06b7e3c9f9a23acf9
242228d0b5f68b57f18688574bb3c7b2d949d45c
60c6d4d2d7fa8308e8fa2252c8d08a1644f4cf2b0bd2d06d9f571e1495de8513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/app-product.js?_=N9M2.0_2024050410240670 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 1361
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-551"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240698

152.253.123.144

8.0 kB

URL
152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240698
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (25364), with no line terminators
Size
8.0 kB (7950 bytes)
Hash
e210a158f85f5ce718800f6be51b79f9
8d63d64041d5844c8bf28ccc1a137190160ea41e
9355959f21bb55e21f25f643d9f696ab2b26859d6be00d7dea4c4b8f5574232a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/securitymethod.js?_=N9M2.0_2024050410240698 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 7950
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-1f0e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/index/script/default.js?_=N9M2.0_2024050410240666

152.253.123.144

2.6 kB

URL
152.253.123.144/index/script/default.js?_=N9M2.0_2024050410240666
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
JavaScript source, ASCII text, with very long lines (7999), with no line terminators
Size
2.6 kB (2590 bytes)
Hash
efc06cf8ff906c1686b4e220c11b2c1f
21122671183c70c585b7e14bd5a519c4a4f30047
e1efcd25be60c6e046fdb6ae7c23d86919d70be57c352463f6e8c3fdf874be1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/script/default.js?_=N9M2.0_2024050410240666 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 2590
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-a1e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240655

152.253.123.144

15 kB

URL
152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240655
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
JavaScript source, ASCII text, with very long lines (32035)
Size
15 kB (14626 bytes)
Hash
a63034c9ca567e5dc339e314e6068f9c
f92d03f570e7c79aa6167e055dfa536cad17476b
e72e257285e3e3a157215e9eac1c82df65bdcf0c85d68d08b37392e287363935

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/app-config.js?_=N9M2.0_2024050410240655 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 14626
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-3922"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/app-dvrplug.js?_=N9M2.0_2024050410240659

152.253.123.144

1.4 kB

URL
152.253.123.144/common/app-dvrplug.js?_=N9M2.0_2024050410240659
IP
152.253.123.144:0
ASN
#26599 TELEFONICA BRASIL S.A

File type
ASCII text, with very long lines (5952), with no line terminators
Size
1.4 kB (1398 bytes)
Hash
15616bfe6fe84507f633cb74ca9294f2
4e65923db3c243694fdec7c9b2f8178710fdf3bf
3391cbccd51835d27f212f042136786a01e512a9a8f05a83b33001b18701a362

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/app-dvrplug.js?_=N9M2.0_2024050410240659 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 1398
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-576"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/login/default.html

152.253.123.144

200 OK

862 B

URL User Request GET HTTP/1.1
152.253.123.144/login/default.html
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

File type
HTML document, ASCII text
Size
862 B (862 bytes)
Hash
f05a2fae34cb7d7e50d9e000c099eb7b
590e7f8652150e52d70928bfdf3c261c2d3d292f
d80d87c072016ef4bd76eb3b387c3a93ead6e9c90937bbc41e418de7f6367442

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login/default.html HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://152.253.123.144/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:08 GMT
Content-Type: text/html
Content-Length: 862
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-35e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/public.js?_=V357

152.253.123.144

200 OK

1.4 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/public.js?_=V357
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (3517), with no line terminators
Size
1.4 kB (1427 bytes)
Hash
5940f81dbb29bff0ab7bf95da6a38427
de5a1ebe780ea8197e08c7471e35120348d6a7a1
01598c5c133792648b9333825cac724de0dae32be5d307c400ba6536908a72ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/public.js?_=V357 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:08 GMT
Content-Type: application/javascript
Content-Length: 1427
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-593"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876

152.253.123.144

200 OK

2.9 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (12742), with no line terminators
Size
2.9 kB (2921 bytes)
Hash
4a2f647ec3ef7a7bec7d8ab9a4612bfa
ab342d6e49f7c2c0a06cd4242027062a2a651f68
151241637335fab86dfb1cde2f30f5cdca89148f4efefc8ddef29d389a99eff2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 2921
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b69"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828

152.253.123.144

200 OK

6.9 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (30362)
Size
6.9 kB (6854 bytes)
Hash
3b6bc888fd2831221332309b94d8adc8
f31bfecadfc05f0c4de17fe63c9f1ce143e1deea
5edba368450cfa6a4a61e20c5b0b5ca64abb41eb905b6b608dbdbc8acadfee42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 6854
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1ac6"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240852

152.253.123.144

200 OK

4.6 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240852
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (25003), with no line terminators
Size
4.6 kB (4646 bytes)
Hash
5c36402baf74fc4d67a158dc72431c2b
28d0c584a7a90614286998c71b313e705afe8502
34343057b5fd086f9d49a9bd74fa45ebca18184d32b2f12749e0381aaf8f57d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/components.css?_=N9M2.0_2024050410240852 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 4646
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1226"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/login/style/default.css?_=N9M2.0_2024050410240861

152.253.123.144

200 OK

580 B

URL GET HTTP/1.1
152.253.123.144/login/style/default.css?_=N9M2.0_2024050410240861
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (1267), with no line terminators
Size
580 B (580 bytes)
Hash
20b0406d238f81af41f2c780cfda1fb5
9af08fbef068e38e4c9dc9f356916e47a1cef55e
03015a2762d0f4a6ea7fddb9e1d440571bb48db40dff865cfbd2ed3d2b3247db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login/style/default.css?_=N9M2.0_2024050410240861 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 580
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-244"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831

152.253.123.144

200 OK

2.0 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (10541), with no line terminators
Size
2.0 kB (1983 bytes)
Hash
56bcd0917b69e97fe526759e26779906
e5be5c04dbb9f5b83a361cf101e409a2fe91d981
bed5006479975a87b876cebccc615d7c90d3ba6811229b81b959afb0188b5fda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 1983
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7bf"
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836

152.253.123.144

200 OK

34 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33759 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: application/javascript
Content-Length: 33759
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-83df"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/favicon.ico

152.253.123.144

404 Not Found

169 B

URL GET HTTP/1.1
152.253.123.144/favicon.ico
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
ca8bba226fc38384d4e889ff1e5f0b02
8dc2ae5a396686aba485bec7815e8fc8a6e12be5
6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887

152.253.123.144

200 OK

30 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32123)
Size
30 kB (29464 bytes)
Hash
729db381e762609d7925e40558797a1e
6477a214126fa9345a6ffd0a3cb16afefa0271dd
31ae3d40a3fcb9024eb6247a5753d280f16cf1e998cdecc5ec8383e22eb152b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: application/javascript
Content-Length: 29464
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7318"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992

152.253.123.144

200 OK

2.9 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (9424), with no line terminators
Size
2.9 kB (2919 bytes)
Hash
644321977ec1ece2ef2ab2ed97344506
afdbf33df03c4bd53f017cb40c8dfacceed8d557
b93e2ee92a3a617eb7f41678603d820773251d5aaa1498320b1c4eb3eb1b0815

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/app.js?_=N9M2.0_2024050410240992 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 2919
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b67"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952

152.253.123.144

200 OK

1.4 kB

URL GET HTTP/1.1
152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (8006), with no line terminators
Size
1.4 kB (1361 bytes)
Hash
ea9f6904052ce6c06b7e3c9f9a23acf9
242228d0b5f68b57f18688574bb3c7b2d949d45c
60c6d4d2d7fa8308e8fa2252c8d08a1644f4cf2b0bd2d06d9f571e1495de8513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/app-product.js?_=N9M2.0_2024050410240952 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 1361
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-551"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966

152.253.123.144

200 OK

15 kB

URL GET HTTP/1.1
152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (32035)
Size
15 kB (14626 bytes)
Hash
a63034c9ca567e5dc339e314e6068f9c
f92d03f570e7c79aa6167e055dfa536cad17476b
e72e257285e3e3a157215e9eac1c82df65bdcf0c85d68d08b37392e287363935

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/app-config.js?_=N9M2.0_2024050410240966 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 14626
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-3922"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960

152.253.123.144

200 OK

1.6 kB

URL GET HTTP/1.1
152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JavaScript source, ASCII text, with very long lines (4020), with no line terminators
Size
1.6 kB (1562 bytes)
Hash
9431749956e8df379979080819a049dd
7f1963ba0e988ed25d750b621ac4e766f1ae37ac
d205dff4129966f60a357cb6f442bcd5955e6ff1b079f7c8b31f567d08e8a14f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login/script/default.js?_=N9M2.0_2024050410240960 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 1562
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-61a"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960

152.253.123.144

200 OK

8.0 kB

URL GET HTTP/1.1
152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
ASCII text, with very long lines (25364), with no line terminators
Size
8.0 kB (7950 bytes)
Hash
e210a158f85f5ce718800f6be51b79f9
8d63d64041d5844c8bf28ccc1a137190160ea41e
9355959f21bb55e21f25f643d9f696ab2b26859d6be00d7dea4c4b8f5574232a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common/securitymethod.js?_=N9M2.0_2024050410240960 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 7950
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-1f0e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/devapi/v1/basic/systemconfig?_=1714818248971

152.253.123.144

200 OK

22 kB

URL GET HTTP/1.1
152.253.123.144/devapi/v1/basic/systemconfig?_=1714818248971
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JSON text data
Size
22 kB (21493 bytes)
Hash
5c62b4f34b30107cac10fd019940d6b6
b92103c12b0d0d0b0697d4c7f98aeeef1d2c7bc6
5d300640a64f1b5d2021d8605622b9f4715e86712d3c7b5a576f957150430a2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /devapi/v1/basic/systemconfig?_=1714818248971 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive

152.253.123.144/devapi/v1/basic/getsystemconfig?_=1714818248972

152.253.123.144

200 OK

3.4 kB

URL GET HTTP/1.1
152.253.123.144/devapi/v1/basic/getsystemconfig?_=1714818248972
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
JSON text data
Size
3.4 kB (3446 bytes)
Hash
b7f207b80969457c63c1fb8c54d83c23
664fc3c150f746bf4704713a138cf73d2c74a7be
122eaaf8e7eacc189297e7089bb1e9b7e9c38e6645590283ed6bbaf086fc8581

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /devapi/v1/basic/getsystemconfig?_=1714818248972 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive

152.253.123.144/login/image/login_logo.png?_=N9M2.0_2024050410241030

152.253.123.144

200 OK

45 kB

URL GET HTTP/1.1
152.253.123.144/login/image/login_logo.png?_=N9M2.0_2024050410241030
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
PNG image data, 250 x 195, 8-bit/color RGBA, non-interlaced
Size
45 kB (45033 bytes)
Hash
1df4c5672fd336474d99759040c8609b
604945f085993c7312e6eb276f9338eb711d89b8
4414e59ac9666a175894b2a6466d69cd8b623e8e84ff99d49a095fc61340f733

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login/image/login_logo.png?_=N9M2.0_2024050410241030 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Content-Type: image/png
Content-Length: 45033
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-afe9"
Accept-Ranges: bytes

152.253.123.144/devapi/v1/basic/getTSStatus?_=1714818248973

152.253.123.144

404 Not Found

0 B

URL GET HTTP/1.1
152.253.123.144/devapi/v1/basic/getTSStatus?_=1714818248973
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /devapi/v1/basic/getTSStatus?_=1714818248973 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive

152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062

152.253.123.144

200 OK

51 kB

URL GET HTTP/1.1
152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
Unicode text, UTF-8 text, with very long lines (64165), with no line terminators
Size
51 kB (50875 bytes)
Hash
767acb0d85bc7a5dbb481c5b76756031
0a57d00ab5432cd8194e4904eb3b1d7e9976b6df
0202ffe60f34699740b80984b00a3e95a75a8a2a4036ba9de4437784c8f3b843

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /language/portuguese/lang.js?_=N9M2.0_2024050410241062 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Content-Type: application/javascript
Content-Length: 50875
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-c6bb"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes

152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

152.253.123.144

200 OK

77 kB

URL GET HTTP/1.1
152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
152.253.123.144:80
ASN
#26599 TELEFONICA BRASIL S.A

Requested by
http://152.253.123.144/login/default.html

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77197 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:12 GMT
Content-Type: application/octet-stream
Content-Length: 77197
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-12d8d"
Content-Encoding: gzip
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML