| 185.160.182.120/~sixtowns/webapp/login.php/ | 185.160.182.120 | 200 OK | 162 B |
URL: User Request GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/ HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 07 May 2024 13:41:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://185.160.182.120/~sixtowns/webapp/login.php/
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/ | 185.160.182.120 | 200 OK | 12 kB |
URL: User Request GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/ HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2; path=/
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/fonts/font-awesome-4.7.0/css/font-awesome.min.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/animate.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/animate.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/animate.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/screen.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/screen.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/screen.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/jquery-ui-1.10.1.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/jquery-ui-1.10.1.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/jquery-ui-1.10.1.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/grid.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/grid.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/grid.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/base.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/base.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/base.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/nav.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/nav.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/nav.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/slider.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/slider.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/slider.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/forms.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/forms.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/forms.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/css/melon2.datepicker.css | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/css/melon2.datepicker.css
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/css/melon2.datepicker.css HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/includes/jquery-2.1.4.min.js | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/includes/jquery-2.1.4.min.js
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/includes/jquery-2.1.4.min.js HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/includes/slider-min.js | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/includes/slider-min.js
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/includes/slider-min.js HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/includes/jquery.validate.min.js | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/includes/jquery.validate.min.js
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/includes/jquery.validate.min.js HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/includes/datemask.js | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/includes/datemask.js
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/includes/datemask.js HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/images/logo.png | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/images/logo.png
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/images/logo.png HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,600i,700,700i,900,900i | 142.250.74.106 | 200 OK | 1.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,600i,700,700i,900,900i
IP: 142.250.74.106:443
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 75ea63cce71e63d8af965cf23f7da24d 964a77177af60c3714955cee27d8a9a32b5bc9c1 c55ee350e758f70d406399a3805d19762a3a7b21a9997d86c2ee9a0048ff4ef2
GET /css?family=Source+Sans+Pro:300,400,400i,600,600i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 13:41:50 GMT
date: Tue, 07 May 2024 13:41:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/includes/validate-on-line.js | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/includes/validate-on-line.js
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/includes/validate-on-line.js HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/images/favicons/apple-touch-icon.png | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/images/favicons/apple-touch-icon.png
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/images/favicons/apple-touch-icon.png HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|
| 185.160.182.120/~sixtowns/webapp/login.php/images/favicons//favicon-16x16.png | 185.160.182.120 | 200 OK | 12 kB |
URL: GET HTTP/1.1 185.160.182.120/~sixtowns/webapp/login.php/images/favicons//favicon-16x16.png
IP: 185.160.182.120:443
ASN: #61323 Ans Academy Limited
Requested by: https://185.160.182.120/~sixtowns/webapp/login.php/
Certificate: Issuer: Sectigo Limited; Subject: securecuserver.co.uk; Fingerprint: 43:77:4F:FE:99:CD:42:CF:A6:20:35:B4:5E:FE:A8:FC:DF:81:13:0B; Validity: Wed, 26 Oct 2022 00:00:00 GMT - Fri, 03 Nov 2023 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: c41c14e3b554e22fbfeed241916381e3 4127e9bb66dceb195c6e02f3e9ef3add06d1a42e afe54d91ee911d93bbc2f288fc0741823494f7ee2d25da89535191731eedde9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~sixtowns/webapp/login.php/images/favicons//favicon-16x16.png HTTP/1.1
Host: 185.160.182.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://185.160.182.120/~sixtowns/webapp/login.php/
Cookie: PHPSESSID=ph2mhg1pfq29au9df583svj6c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 13:41:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
MS-Author-Via: DAV
X-Powered-By: PHP/5.3.3, PleskLin
|
|