| 152.253.123.144/ | 152.253.123.144 | | 1.3 kB |
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 9741860d6858e8da6551fac12b236428 9ae2c80ac360e212ca82eacde053934d06f5f783 ab7d2392b16cef13340f267a31a7f0facddf713730d389dc10335c7952038d53
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/html
Content-Length: 1345
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-541"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/public.js?_=V357 | 152.253.123.144 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/public.js?_=V357
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (3517), with no line terminators
Hash: 5940f81dbb29bff0ab7bf95da6a38427 de5a1ebe780ea8197e08c7471e35120348d6a7a1 01598c5c133792648b9333825cac724de0dae32be5d307c400ba6536908a72ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/public.js?_=V357 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: application/javascript
Content-Length: 1427
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-593"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430 | 152.253.123.144 | | 2.9 kB |
URL: 152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (12742), with no line terminators
Hash: 4a2f647ec3ef7a7bec7d8ab9a4612bfa ab342d6e49f7c2c0a06cd4242027062a2a651f68 151241637335fab86dfb1cde2f30f5cdca89148f4efefc8ddef29d389a99eff2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240430 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/css
Content-Length: 2921
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b69"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458 | 152.253.123.144 | | 6.9 kB |
URL: 152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (30362)
Hash: 3b6bc888fd2831221332309b94d8adc8 f31bfecadfc05f0c4de17fe63c9f1ce143e1deea 5edba368450cfa6a4a61e20c5b0b5ca64abb41eb905b6b608dbdbc8acadfee42
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:05 GMT
Content-Type: text/css
Content-Length: 6854
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1ac6"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240444 | 152.253.123.144 | | 4.6 kB |
URL: 152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240444
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (25003), with no line terminators
Hash: 5c36402baf74fc4d67a158dc72431c2b 28d0c584a7a90614286998c71b313e705afe8502 34343057b5fd086f9d49a9bd74fa45ebca18184d32b2f12749e0381aaf8f57d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/components.css?_=N9M2.0_2024050410240444 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 4646
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1226"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/index/style/default.css?_=N9M2.0_2024050410240493 | 152.253.123.144 | | 470 B |
URL: 152.253.123.144/index/style/default.css?_=N9M2.0_2024050410240493
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (1057), with no line terminators
Hash: 1dfa956b81173b21a2ef996573d23d62 bdf64bd4b684bfe3bce6434534888c333fda8245 edb4d3da1536f006f42f02ce573bbfd957212d6d5c6d024e6ca09cd3ea8c50a8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/style/default.css?_=N9M2.0_2024050410240493 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 470
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1d6"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498 | 152.253.123.144 | | 2.0 kB |
URL: 152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (10541), with no line terminators
Hash: 56bcd0917b69e97fe526759e26779906 e5be5c04dbb9f5b83a361cf101e409a2fe91d981 bed5006479975a87b876cebccc615d7c90d3ba6811229b81b959afb0188b5fda
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240498 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/css
Content-Length: 1983
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7bf"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429 | 152.253.123.144 | | 34 kB |
URL: 152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240429 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/javascript
Content-Length: 33759
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-83df"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/favicon.ico | 152.253.123.144 | 404 Not Found | 169 B |
URL: GET HTTP/1.1 152.253.123.144/favicon.ico
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: HTML document, ASCII text, with CRLF line terminators
Hash: ca8bba226fc38384d4e889ff1e5f0b02 8dc2ae5a396686aba485bec7815e8fc8a6e12be5 6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
|
|
| 152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556 | 152.253.123.144 | | 30 kB |
URL: 152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: HTML document, Unicode text, UTF-8 text, with very long lines (32123)
Hash: 729db381e762609d7925e40558797a1e 6477a214126fa9345a6ffd0a3cb16afefa0271dd 31ae3d40a3fcb9024eb6247a5753d280f16cf1e998cdecc5ec8383e22eb152b0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240556 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/javascript
Content-Length: 29464
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7318"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 152.253.123.144 | 200 OK | 77 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240458
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:06 GMT
Content-Type: application/octet-stream
Content-Length: 77197
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-12d8d"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240647 | 152.253.123.144 | | 2.9 kB |
URL: 152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240647
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: JavaScript source, ASCII text, with very long lines (9424), with no line terminators
Hash: 644321977ec1ece2ef2ab2ed97344506 afdbf33df03c4bd53f017cb40c8dfacceed8d557 b93e2ee92a3a617eb7f41678603d820773251d5aaa1498320b1c4eb3eb1b0815
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/app.js?_=N9M2.0_2024050410240647 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 2919
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b67"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240670 | 152.253.123.144 | | 1.4 kB |
URL: 152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240670
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: JavaScript source, ASCII text, with very long lines (8006), with no line terminators
Hash: ea9f6904052ce6c06b7e3c9f9a23acf9 242228d0b5f68b57f18688574bb3c7b2d949d45c 60c6d4d2d7fa8308e8fa2252c8d08a1644f4cf2b0bd2d06d9f571e1495de8513
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common/app-product.js?_=N9M2.0_2024050410240670 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 1361
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-551"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240698 | 152.253.123.144 | | 8.0 kB |
URL: 152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240698
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (25364), with no line terminators
Hash: e210a158f85f5ce718800f6be51b79f9 8d63d64041d5844c8bf28ccc1a137190160ea41e 9355959f21bb55e21f25f643d9f696ab2b26859d6be00d7dea4c4b8f5574232a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common/securitymethod.js?_=N9M2.0_2024050410240698 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 7950
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-1f0e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/index/script/default.js?_=N9M2.0_2024050410240666 | 152.253.123.144 | | 2.6 kB |
URL: 152.253.123.144/index/script/default.js?_=N9M2.0_2024050410240666
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: JavaScript source, ASCII text, with very long lines (7999), with no line terminators
Hash: efc06cf8ff906c1686b4e220c11b2c1f 21122671183c70c585b7e14bd5a519c4a4f30047 e1efcd25be60c6e046fdb6ae7c23d86919d70be57c352463f6e8c3fdf874be1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/script/default.js?_=N9M2.0_2024050410240666 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 2590
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-a1e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240655 | 152.253.123.144 | | 15 kB |
URL: 152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240655
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: JavaScript source, ASCII text, with very long lines (32035)
Hash: a63034c9ca567e5dc339e314e6068f9c f92d03f570e7c79aa6167e055dfa536cad17476b e72e257285e3e3a157215e9eac1c82df65bdcf0c85d68d08b37392e287363935
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common/app-config.js?_=N9M2.0_2024050410240655 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 14626
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-3922"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/app-dvrplug.js?_=N9M2.0_2024050410240659 | 152.253.123.144 | | 1.4 kB |
URL: 152.253.123.144/common/app-dvrplug.js?_=N9M2.0_2024050410240659
IP: 152.253.123.144:0
ASN: #26599 TELEFONICA BRASIL S.A
File type: ASCII text, with very long lines (5952), with no line terminators
Hash: 15616bfe6fe84507f633cb74ca9294f2 4e65923db3c243694fdec7c9b2f8178710fdf3bf 3391cbccd51835d27f212f042136786a01e512a9a8f05a83b33001b18701a362
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common/app-dvrplug.js?_=N9M2.0_2024050410240659 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:07 GMT
Content-Type: application/javascript
Content-Length: 1398
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-576"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/login/default.html | 152.253.123.144 | 200 OK | 862 B |
URL: User Request GET HTTP/1.1 152.253.123.144/login/default.html
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
File type: HTML document, ASCII text
Hash: f05a2fae34cb7d7e50d9e000c099eb7b 590e7f8652150e52d70928bfdf3c261c2d3d292f d80d87c072016ef4bd76eb3b387c3a93ead6e9c90937bbc41e418de7f6367442
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login/default.html HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://152.253.123.144/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:08 GMT
Content-Type: text/html
Content-Length: 862
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-35e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/public.js?_=V357 | 152.253.123.144 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/public.js?_=V357
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (3517), with no line terminators
Hash: 5940f81dbb29bff0ab7bf95da6a38427 de5a1ebe780ea8197e08c7471e35120348d6a7a1 01598c5c133792648b9333825cac724de0dae32be5d307c400ba6536908a72ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/public.js?_=V357 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:08 GMT
Content-Type: application/javascript
Content-Length: 1427
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-593"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876 | 152.253.123.144 | 200 OK | 2.9 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (12742), with no line terminators
Hash: 4a2f647ec3ef7a7bec7d8ab9a4612bfa ab342d6e49f7c2c0a06cd4242027062a2a651f68 151241637335fab86dfb1cde2f30f5cdca89148f4efefc8ddef29d389a99eff2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/lava/css/plugins.css?_=N9M2.0_2024050410240876 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 2921
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b69"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828 | 152.253.123.144 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (30362)
Hash: 3b6bc888fd2831221332309b94d8adc8 f31bfecadfc05f0c4de17fe63c9f1ce143e1deea 5edba368450cfa6a4a61e20c5b0b5ca64abb41eb905b6b608dbdbc8acadfee42
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 6854
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1ac6"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240852 | 152.253.123.144 | 200 OK | 4.6 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/components.css?_=N9M2.0_2024050410240852
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (25003), with no line terminators
Hash: 5c36402baf74fc4d67a158dc72431c2b 28d0c584a7a90614286998c71b313e705afe8502 34343057b5fd086f9d49a9bd74fa45ebca18184d32b2f12749e0381aaf8f57d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/components.css?_=N9M2.0_2024050410240852 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 4646
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-1226"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/login/style/default.css?_=N9M2.0_2024050410240861 | 152.253.123.144 | 200 OK | 580 B |
URL: GET HTTP/1.1 152.253.123.144/login/style/default.css?_=N9M2.0_2024050410240861
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (1267), with no line terminators
Hash: 20b0406d238f81af41f2c780cfda1fb5 9af08fbef068e38e4c9dc9f356916e47a1cef55e 03015a2762d0f4a6ea7fddb9e1d440571bb48db40dff865cfbd2ed3d2b3247db
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login/style/default.css?_=N9M2.0_2024050410240861 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 580
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-244"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831 | 152.253.123.144 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (10541), with no line terminators
Hash: 56bcd0917b69e97fe526759e26779906 e5be5c04dbb9f5b83a361cf101e409a2fe91d981 bed5006479975a87b876cebccc615d7c90d3ba6811229b81b959afb0188b5fda
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/themes/device.css?_=N9M2.0_2024050410240831 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/css
Content-Length: 1983
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7bf"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836 | 152.253.123.144 | 200 OK | 34 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/jquery-1.12.4.min.js?_=N9M2.0_2024050410240836 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: application/javascript
Content-Length: 33759
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-83df"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/favicon.ico | 152.253.123.144 | 404 Not Found | 169 B |
URL: GET HTTP/1.1 152.253.123.144/favicon.ico
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: HTML document, ASCII text, with CRLF line terminators
Hash: ca8bba226fc38384d4e889ff1e5f0b02 8dc2ae5a396686aba485bec7815e8fc8a6e12be5 6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
|
|
| 152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887 | 152.253.123.144 | 200 OK | 30 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887
IP: 152.253.123.144:80
ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: HTML document, Unicode text, UTF-8 text, with very long lines (32123)
Hash: 729db381e762609d7925e40558797a1e 6477a214126fa9345a6ffd0a3cb16afefa0271dd 31ae3d40a3fcb9024eb6247a5753d280f16cf1e998cdecc5ec8383e22eb152b0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /third-resource/lavaui/plugins/lava/js/plugins.js?_=N9M2.0_2024050410240887 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:09 GMT
Content-Type: application/javascript
Content-Length: 29464
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-7318"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992 | 152.253.123.144 | 200 OK | 2.9 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/app.js?_=N9M2.0_2024050410240992 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (9424), with no line terminators | Hash: 644321977ec1ece2ef2ab2ed97344506 afdbf33df03c4bd53f017cb40c8dfacceed8d557 b93e2ee92a3a617eb7f41678603d820773251d5aaa1498320b1c4eb3eb1b0815
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /third-resource/lavaui/app.js?_=N9M2.0_2024050410240992 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 2919
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-b67"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952 | 152.253.123.144 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 152.253.123.144/common/app-product.js?_=N9M2.0_2024050410240952 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (8006), with no line terminators | Hash: ea9f6904052ce6c06b7e3c9f9a23acf9 242228d0b5f68b57f18688574bb3c7b2d949d45c 60c6d4d2d7fa8308e8fa2252c8d08a1644f4cf2b0bd2d06d9f571e1495de8513
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /common/app-product.js?_=N9M2.0_2024050410240952 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 1361
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-551"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966 | 152.253.123.144 | 200 OK | 15 kB |
URL: GET HTTP/1.1 152.253.123.144/common/app-config.js?_=N9M2.0_2024050410240966 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (32035) | Hash: a63034c9ca567e5dc339e314e6068f9c f92d03f570e7c79aa6167e055dfa536cad17476b e72e257285e3e3a157215e9eac1c82df65bdcf0c85d68d08b37392e287363935
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /common/app-config.js?_=N9M2.0_2024050410240966 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 14626
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-3922"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960 | 152.253.123.144 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 152.253.123.144/login/script/default.js?_=N9M2.0_2024050410240960 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: JavaScript source, ASCII text, with very long lines (4020), with no line terminators | Hash: 9431749956e8df379979080819a049dd 7f1963ba0e988ed25d750b621ac4e766f1ae37ac d205dff4129966f60a357cb6f442bcd5955e6ff1b079f7c8b31f567d08e8a14f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login/script/default.js?_=N9M2.0_2024050410240960 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 1562
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-61a"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960 | 152.253.123.144 | 200 OK | 8.0 kB |
URL: GET HTTP/1.1 152.253.123.144/common/securitymethod.js?_=N9M2.0_2024050410240960 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: ASCII text, with very long lines (25364), with no line terminators | Hash: e210a158f85f5ce718800f6be51b79f9 8d63d64041d5844c8bf28ccc1a137190160ea41e 9355959f21bb55e21f25f643d9f696ab2b26859d6be00d7dea4c4b8f5574232a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /common/securitymethod.js?_=N9M2.0_2024050410240960 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:10 GMT
Content-Type: application/javascript
Content-Length: 7950
Last-Modified: Tue, 28 Nov 2023 03:32:36 GMT
Connection: keep-alive
ETag: "65655f54-1f0e"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/devapi/v1/basic/systemconfig?_=1714818248971 | 152.253.123.144 | 200 OK | 22 kB |
URL: GET HTTP/1.1 152.253.123.144/devapi/v1/basic/systemconfig?_=1714818248971 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
Hash: 5c62b4f34b30107cac10fd019940d6b6 b92103c12b0d0d0b0697d4c7f98aeeef1d2c7bc6 5d300640a64f1b5d2021d8605622b9f4715e86712d3c7b5a576f957150430a2a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /devapi/v1/basic/systemconfig?_=1714818248971 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| 152.253.123.144/devapi/v1/basic/getsystemconfig?_=1714818248972 | 152.253.123.144 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 152.253.123.144/devapi/v1/basic/getsystemconfig?_=1714818248972 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
Hash: b7f207b80969457c63c1fb8c54d83c23 664fc3c150f746bf4704713a138cf73d2c74a7be 122eaaf8e7eacc189297e7089bb1e9b7e9c38e6645590283ed6bbaf086fc8581
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /devapi/v1/basic/getsystemconfig?_=1714818248972 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| 152.253.123.144/login/image/login_logo.png?_=N9M2.0_2024050410241030 | 152.253.123.144 | 200 OK | 45 kB |
URL: GET HTTP/1.1 152.253.123.144/login/image/login_logo.png?_=N9M2.0_2024050410241030 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: PNG image data, 250 x 195, 8-bit/color RGBA, non-interlaced | Hash: 1df4c5672fd336474d99759040c8609b 604945f085993c7312e6eb276f9338eb711d89b8 4414e59ac9666a175894b2a6466d69cd8b623e8e84ff99d49a095fc61340f733
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login/image/login_logo.png?_=N9M2.0_2024050410241030 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Content-Type: image/png
Content-Length: 45033
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-afe9"
Accept-Ranges: bytes
|
|
| 152.253.123.144/devapi/v1/basic/getTSStatus?_=1714818248973 | 152.253.123.144 | 404 Not Found | 0 B |
URL: GET HTTP/1.1 152.253.123.144/devapi/v1/basic/getTSStatus?_=1714818248973 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /devapi/v1/basic/getTSStatus?_=1714818248973 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| 152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062 | 152.253.123.144 | 200 OK | 51 kB |
URL: GET HTTP/1.1 152.253.123.144/language/portuguese/lang.js?_=N9M2.0_2024050410241062 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: Unicode text, UTF-8 text, with very long lines (64165), with no line terminators | Hash: 767acb0d85bc7a5dbb481c5b76756031 0a57d00ab5432cd8194e4904eb3b1d7e9976b6df 0202ffe60f34699740b80984b00a3e95a75a8a2a4036ba9de4437784c8f3b843
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /language/portuguese/lang.js?_=N9M2.0_2024050410241062 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/login/default.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:11 GMT
Content-Type: application/javascript
Content-Length: 50875
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-c6bb"
Cache-Control: no-store
pragma: no-store
expires: 0
Content-Encoding: gzip
Accept-Ranges: bytes
|
|
| 152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 152.253.123.144 | 200 OK | 77 kB |
URL: GET HTTP/1.1 152.253.123.144/third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | IP: 152.253.123.144:80 | ASN: #26599 TELEFONICA BRASIL S.A
Requested by: http://152.253.123.144/login/default.html
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 | Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /third-resource/lavaui/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 152.253.123.144
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://152.253.123.144/third-resource/lavaui/plugins/font-awesome/css/font-awesome.min.css?_=N9M2.0_2024050410240828
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 04 May 2024 10:24:12 GMT
Content-Type: application/octet-stream
Content-Length: 77197
Last-Modified: Tue, 28 Nov 2023 03:32:37 GMT
Connection: keep-alive
ETag: "65655f55-12d8d"
Content-Encoding: gzip
Accept-Ranges: bytes
|
|