| api.map.baidu.com/api?v=3.0&ak=iH90ZPltQZ86ag8VxPWhMVAv2OS1zP02 | 103.235.46.245 | 200 OK | 238 B |
URL: GET HTTP/1.1 api.map.baidu.com/api?v=3.0&ak=iH90ZPltQZ86ag8VxPWhMVAv2OS1zP02
IP: 103.235.46.245:80
ASN: #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, ASCII text, with no line terminators
Hash: 075f6bf4ab02dca342bfe93cd6e7a22c e36d6c648f077d687ef4b0443e264870833f153a 2770b4ea273127fabfa8b1ea3d41988a57a170677b1153bdf863c2026e14c9b4
GET /api?v=3.0&ak=iH90ZPltQZ86ag8VxPWhMVAv2OS1zP02 HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 238
Content-Type: text/javascript;charset=utf-8
Date: Wed, 08 May 2024 10:07:12 GMT
Expires: Thu, 09 May 2024 10:07:12 GMT
Http_x_bd_logid: 0432732354
Http_x_bd_logid64: 0432732782377721610
Http_x_bd_product: map
Http_x_bd_subsys: apimap
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=4E4FD2CC756939D1550137E0CDB85A52:FG=1; expires=Thu, 08-May-25 10:07:12 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
BAIDUID=87D56A80ACB8BF1F9217CA05CFB54FC0:FG=1; expires=Thu, 08-May-25 10:07:12 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 04327323543868145674050818
| | 118.24.21.36 | 200 OK | 11 kB |
URL: User Request GET HTTP/1.1
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
File type: HTML document, Unicode text, UTF-8 text, with very long lines (8814), with CRLF line terminators
Hash: 5f73020c22f4382e8c2c036670443f61 27c72cc156ab8b7fd88f2fc8d84685e75e8f6ffc 2c6568ec0e0ff10b7a4d88c26c27540833956f3a7cef80ab275e3aced01bdc65
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:09 GMT
Content-Type: text/html
Content-Length: 11028
Last-Modified: Mon, 25 Dec 2023 03:36:30 GMT
Connection: keep-alive
ETag: "6588f8be-2b14"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/view-design/4.4.0/styles/iview.css?t=3 | 118.24.21.36 | 200 OK | 52 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/view-design/4.4.0/styles/iview.css?t=3
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash: 7544af4d1cbe0c760918f2d105f7d5ba e8819e12b80d09eff6fa6482c6c62cb48eec1c98 52863797150bb158aad4c82e4d033d2fdf31f4a76dc66409781f80ac677b05fc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/view-design/4.4.0/styles/iview.css?t=3 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:12 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Dec 2023 03:34:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6588f842-516b7"
Content-Encoding: gzip
| 118.24.21.36:8082/assets/css/app.e9c6777c.css | 118.24.21.36 | 200 OK | 71 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/assets/css/app.e9c6777c.css
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash: 9524f5376fcea024157151da005ca504 2ea247260263ce15124ebd4d0b44576f47fe8dbb d5b09c8868881f51bed48e88d71b298a5ed93487afe783747f1634cd0d884f3c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/app.e9c6777c.css HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:13 GMT
Content-Type: text/css
Content-Length: 71274
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-1166a"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/mqtt.min.js | 118.24.21.36 | 200 OK | 167 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/mqtt.min.js
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 167 kB (166845 bytes)
Hash: 346dfa8dc81e145ed6f2fc5a31ddc37b 38d2e13eccccea722e72fd5f78ceb2c144806660 1648c17002b61520726efa0edccb5c058d4af13c81916ae887e3d09af48e6c15
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/mqtt.min.js HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:12 GMT
Content-Type: application/javascript
Content-Length: 166845
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-28bbd"
Accept-Ranges: bytes
| webapi.amap.com/maps?v=1.4.15&key=655650be9668650a7a4f331bfd5f0537 | 47.246.167.91 | 200 OK | 124 kB |
URL: GET HTTP/2 webapi.amap.com/maps?v=1.4.15&key=655650be9668650a7a4f331bfd5f0537
IP: 47.246.167.91:443
ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://118.24.21.36:8082/login
Certificate: Issuer: GlobalSign nv-sa; Subject: *.alibabacorp.com; Fingerprint: 58:5B:90:00:C1:00:38:CF:91:76:3A:C2:3C:CA:2F:04:AA:23:D1:01; Validity: Fri, 19 Apr 2024 05:57:02 GMT - Wed, 21 May 2025 05:51:03 GMT
File type: gzip compressed data, from Unix
Size: 124 kB (123703 bytes)
Hash: 4ea64a666a9236633f45f9281b6fe0ec d8ccac15b24eae2463849f81841cc9d1ff2e5172 6f7d06919964b579a4aefb7a3ace75adefecb6b13811de73c5b12f6bbeb83fc4
GET /maps?v=1.4.15&key=655650be9668650a7a4f331bfd5f0537 HTTP/1.1
Host: webapi.amap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 10:07:14 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-server-id: 72446e765a0ee479614554419edfe3ec363ecad9edc12e0ca71aade7560ff3c391e04aa4e0c91a6343850c12aec5657f
etag: W/279e88cdafca7b96373c09a4ca55aabb
cache-control: max-age=0
x-readtime: 2
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 2102f5d217151628339447995e088d
strict-transport-security: max-age=0
timing-allow-origin: *
X-Firefox-Spdy: h2
| 118.24.21.36:8082/assets/css/chunk-vendors.8e0b16eb.css | 118.24.21.36 | 200 OK | 55 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/assets/css/chunk-vendors.8e0b16eb.css
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 5c7c654a6a4f663f63870a3ab46cf72c 00b063c482de14fc8405e223d0ed84cdc1b6b1aa 135a3b60f884e9f1c26420eb7356526acb86ad185257167db74b665d4321eb89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/chunk-vendors.8e0b16eb.css HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:13 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6585402e-440d7"
Content-Encoding: gzip
| 118.24.21.36:8082/assets/js/app.f26115ef.js | 118.24.21.36 | 200 OK | 307 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/assets/js/app.f26115ef.js
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64491), with no line terminators
Size: 307 kB (307023 bytes)
Hash: 0617a7bef251a6fcc2746ae63f698bcc c632c1c851c4d95e6bb4adddfd156346c9c6d017 6dca589d79fadba5cacf3b0cf25b6d92fe5d0a211abfbc8c9eefeda8499d6e00
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/app.f26115ef.js HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:13 GMT
Content-Type: application/javascript
Content-Length: 307023
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-4af4f"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/map/baidu/TextIconOverlay_min.js?t=1 | 118.24.21.36 | 200 OK | 9.2 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/map/baidu/TextIconOverlay_min.js?t=1
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, ASCII text, with very long lines (9188), with CRLF line terminators
Hash: abae33bab7b340fcb9b5d32b9d9409f8 8d654b461e8292fb5a6fb5460ffc72a9cf2f366d ac6866b4a32ea538c1c16e65cce853852e1fb717c48896649b47aebbe310ad45
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/map/baidu/TextIconOverlay_min.js?t=1 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:21 GMT
Content-Type: application/javascript
Content-Length: 9190
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-23e6"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/map/baidu/MarkerClusterer_min.js?t=1 | 118.24.21.36 | 200 OK | 19 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/map/baidu/MarkerClusterer_min.js?t=1
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 9f427aa8bbaa99ff062ce51b740da627 d023e81f7ccd999ac53a4b9e5c3909c56e832cd1 4068d2f468f1f7bfe9fb6e0201503e2a18f68a87c83e7d3b9b4258bc464e556f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/map/baidu/MarkerClusterer_min.js?t=1 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:22 GMT
Content-Type: application/javascript
Content-Length: 19062
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-4a76"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/s2.min.js?t=18 | 118.24.21.36 | 200 OK | 448 kB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/s2.min.js?t=18
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64320), with no line terminators
Size: 448 kB (447734 bytes)
Hash: 7576e92ef12cd7fa2a94b2238b31ff9f c771ee74bf196c3a481a611bebd849813a2b1069 d90b963d1c7441f90f3cc1ea1de70f632da9c8762e6c8af6a9af0e878a92ebe2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/s2.min.js?t=18 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:12 GMT
Content-Type: application/javascript
Content-Length: 447734
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-6d4f6"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/map/map.min.js?t=1 | 118.24.21.36 | 200 OK | 1.3 MB |
URL: GET HTTP/1.1 118.24.21.36:8082/plot/map/map.min.js?t=1
IP: 118.24.21.36:8082
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by: http://118.24.21.36:8082/login
Size: 1.3 MB (1341623 bytes)
Hash: a8f2027d3dbe0827303afe1f7a03e439 9d90ff7ebcfec05b90b1085a5e3eeb5124e74318 1afdfbe1744898f5c4903f5973023e19fbe0f1d4f4f0c894781038ae9206b1ca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/map/map.min.js?t=1 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:13 GMT
Content-Type: application/javascript
Content-Length: 1341623
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-1478b7"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/view-design/4.4.0/iview.min.js?t=12 | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/plot/view-design/4.4.0/iview.min.js?t=12
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/view-design/4.4.0/iview.min.js?t=12 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:31 GMT
Content-Type: application/javascript
Content-Length: 776859
Last-Modified: Mon, 25 Dec 2023 03:34:07 GMT
Connection: keep-alive
ETag: "6588f82f-bda9b"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/g6.min.js | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/plot/g6.min.js
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/g6.min.js HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:12 GMT
Content-Type: application/javascript
Content-Length: 2124356
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-206a44"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/iavs/ezuikit.js?t=2 | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/plot/iavs/ezuikit.js?t=2
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/iavs/ezuikit.js?t=2 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:22 GMT
Content-Type: application/javascript
Content-Length: 1559779
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-17cce3"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/g6ChartPlugin.min.js?t=1 | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/plot/g6ChartPlugin.min.js?t=1
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/g6ChartPlugin.min.js?t=1 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:12 GMT
Content-Type: application/javascript
Content-Length: 933062
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-e3cc6"
Accept-Ranges: bytes
| 118.24.21.36:8082/plot/g6Plot.min.js?t=1 | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/plot/g6Plot.min.js?t=1
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plot/g6Plot.min.js?t=1 HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:23 GMT
Content-Type: application/javascript
Content-Length: 1524658
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-1743b2"
Accept-Ranges: bytes
| 118.24.21.36:8082/svg/loading-spin.svg | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/svg/loading-spin.svg
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /svg/loading-spin.svg HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
| 118.24.21.36:8082/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/favicon.ico
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
| 118.24.21.36:8082/assets/js/chunk-vendors.e0fca737.js | 0.0.0.0 | | 0 B |
URL: GET 118.24.21.36:8082/assets/js/chunk-vendors.e0fca737.js
IP: 0.0.0.0:0
Requested by: http://118.24.21.36:8082/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/chunk-vendors.e0fca737.js HTTP/1.1
Host: 118.24.21.36:8082
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.24.21.36:8082/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 10:07:20 GMT
Content-Type: application/javascript
Content-Length: 2708856
Last-Modified: Fri, 22 Dec 2023 07:52:14 GMT
Connection: keep-alive
ETag: "6585402e-295578"
Accept-Ranges: bytes