49.0.80.62/
49.0.80.62 45 B IP 49.0.80.62:0
File type HTML document, ASCII text, with no line terminators
Hash 82c8f5e8636b100030c8725a98052fe4
51c4af11fa196607fb00a3b3582fb5bfb1651770
a159bdf9d37ff8276b307c34b7da13494e854b702cd744484e53953a3630ca97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:44 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Content-Length: 45
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
49.0.80.62/intranet/index.php
49.0.80.62 45 B URL 49.0.80.62/intranet/index.php
IP 49.0.80.62:0
File type HTML document, ASCII text, with no line terminators
Hash 82c8f5e8636b100030c8725a98052fe4
51c4af11fa196607fb00a3b3582fb5bfb1651770
a159bdf9d37ff8276b307c34b7da13494e854b702cd744484e53953a3630ca97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/index.php HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:45 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 45
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
49.0.80.62/
49.0.80.62 45 B IP 49.0.80.62:0
File type HTML document, ASCII text, with no line terminators
Hash 82c8f5e8636b100030c8725a98052fe4
51c4af11fa196607fb00a3b3582fb5bfb1651770
a159bdf9d37ff8276b307c34b7da13494e854b702cd744484e53953a3630ca97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:48 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Content-Length: 45
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
49.0.80.62/intranet/login.php
49.0.80.62 200 OK 3.8 kB URL User Request GET HTTP/1.1 49.0.80.62/intranet/login.php
IP 49.0.80.62:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 0d5600657f203d556de4c88c9bafe8d0
67adf1ccafd38b49ccc0b21d3bb79d718c0ced4e
cc6165a4a75e099dba7c05dee36215a8798f925e9c6ecf941c8a3e43467741d8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/login.php HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://49.0.80.62/intranet/index.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 3758
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
49.0.80.62/intranet/vendor/animate/animate.css
49.0.80.62 200 OK 24 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/animate/animate.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
Hash 57db4a2811f951ff841fb4f77220d95b
b6fd60d18ef742ea5f6979df0cddb35791c4fbe5
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/animate/animate.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 31 Aug 2017 06:02:26 GMT
ETag: "200000001afdd-5d28-5580663810080"
Accept-Ranges: bytes
Content-Length: 23848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/vendor/css-hamburgers/hamburgers.min.css
49.0.80.62 200 OK 20 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/css-hamburgers/hamburgers.min.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with very long lines (19499), with CRLF line terminators
Hash f4e16dee11e867f501b9aed5878fe1f3
240a14f6f25bfd3338354f36574c617bb4edc6d7
3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 16 Aug 2017 15:45:52 GMT
ETag: "200000001aff4-4ce6-556e0ca678c00"
Accept-Ranges: bytes
Content-Length: 19686
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/vendor/select2/select2.min.css
49.0.80.62 200 OK 15 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/select2/select2.min.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with very long lines (15195)
Hash d44571114a90b9226cd654d3c7d9442c
83b595db66fbf173436fbca475b8b695ef48eb8e
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/select2/select2.min.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 23 Aug 2017 14:52:38 GMT
ETag: "200000001affa-3b5c-5576cdcea9980"
Accept-Ranges: bytes
Content-Length: 15196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/vendor/bootstrap/css/bootstrap.min.css
49.0.80.62 200 OK 125 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/bootstrap/css/bootstrap.min.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with very long lines (65320)
Size 125 kB (124962 bytes)
Hash 3ffbab350748e841d3768b5d1ca48933
262e04cab3c1a51024d4f3960c72ebd3968476a7
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 10 Aug 2017 14:52:12 GMT
ETag: "200000001afea-1e822-55667576dff00"
Accept-Ranges: bytes
Content-Length: 124962
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/vendor/jquery/jquery-3.2.1.min.js
49.0.80.62 200 OK 87 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/jquery/jquery-3.2.1.min.js
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type JavaScript source, ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Fri, 28 Jul 2017 05:24:16 GMT
ETag: "200000001aff6-15283-55559e467a000"
Accept-Ranges: bytes
Content-Length: 86659
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
49.0.80.62/intranet/css/main.css
49.0.80.62 200 OK 11 kB URL GET HTTP/1.1 49.0.80.62/intranet/css/main.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with CRLF line terminators
Hash 16dabffe077b57b0e16ba1675573cdf6
307560fef1b06a1b9d26a394ddc4e2487feb5d9b
94237ea5e4422013e86b3d639d223e730cf39d403633d8c57f4c4f8c60abcb2d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/css/main.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:51 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 20 Dec 2017 02:50:24 GMT
ETag: "200000001a2e0-2b84-560bca51fdc00"
Accept-Ranges: bytes
Content-Length: 11140
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/fonts/Linearicons-Free-v1.0.0/icon-font.min.css
49.0.80.62 200 OK 7.4 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/Linearicons-Free-v1.0.0/icon-font.min.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with very long lines (7191)
Hash ec26292e52e5bc20624b029974bd0adf
3756375bb053b0f3f62303597d844f70cef1b5e0
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/Linearicons-Free-v1.0.0/icon-font.min.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:52 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Mon, 27 Nov 2017 10:43:30 GMT
ETag: "200000001a39d-1cba-55ef492b63880"
Accept-Ranges: bytes
Content-Length: 7354
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/fonts/font-awesome-4.7.0/css/font-awesome.min.css
49.0.80.62 200 OK 31 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:52 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Tue, 23 May 2017 10:43:54 GMT
ETag: "200000001a375-7918-5502ea9f9ee80"
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
49.0.80.62/intranet/css/util.css
49.0.80.62 200 OK 87 kB URL GET HTTP/1.1 49.0.80.62/intranet/css/util.css
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type ASCII text, with CRLF line terminators
Hash 9cabf2d2ce5a30ae04a9a78140e4b73e
1cb5c5c9760ff75c095c00a93ec0887b2f093b94
27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/css/util.css HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:49 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 13 Dec 2017 08:44:00 GMT
ETag: "200000001a2f5-1531e-56034c4ceb400"
Accept-Ranges: bytes
Content-Length: 86814
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
169.150.247.35 200 OK 22 kB URL GET HTTP/2 cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
IP 169.150.247.35:443
ASN #60068 Datacamp Limited
Requested by http://49.0.80.62/intranet/login.php
Certificate Issuer Let's Encrypt
Subject cdn.linearicons.com
Fingerprint AB:0B:5D:57:36:30:15:D9:9E:B0:5C:F0:DD:10:FB:07:81:9A:C1:7B
Validity Wed, 17 Apr 2024 03:11:23 GMT - Tue, 16 Jul 2024 03:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 21780, version 1.0
Hash 03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
GET /free/1.0.0/Linearicons-Free.woff2 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://49.0.80.62
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:15:00 GMT
content-type: application/font-woff2
content-length: 21780
server: BunnyCDN-DE1-1078
cdn-pullzone: 1459430
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET
cache-control: public, max-age=31919000
etag: "03e91f122aa5fd425abbe23c85546eb0"
last-modified: Thu, 18 Jun 2015 09:10:36 GMT
cdn-cachedat: 10/31/2023 18:51:21
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 2b5196d40aa34b9fe409122f0629f40c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
49.0.80.62/intranet/js/main.js
49.0.80.62 200 OK 1.4 kB URL GET HTTP/1.1 49.0.80.62/intranet/js/main.js
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 83f939e65cb96bfc2d4776a3bbefa31f
63caaf6d695a4428a966221f6b233b2e6160faa6
a8e98b651f82ffb90e8c87af9e02bfd70e4c4c20869b58f0b172494316cfff39
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/js/main.js HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Mon, 18 Dec 2017 03:56:24 GMT
ETag: "200000001a574-58c-560955579ea00"
Accept-Ranges: bytes
Content-Length: 1420
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
49.0.80.62/intranet/vendor/bootstrap/js/bootstrap.min.js
49.0.80.62 200 OK 51 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/bootstrap/js/bootstrap.min.js
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type JavaScript source, ASCII text, with very long lines (50904)
Hash baaadea4492b059f284187d75af46063
7326bf5e023f871afcf6ebb18cb89109f81a7708
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:53 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 10 Aug 2017 14:51:22 GMT
ETag: "200000001afee-c7c7-5566754730e80"
Accept-Ranges: bytes
Content-Length: 51143
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
49.0.80.62/intranet/vendor/bootstrap/js/popper.js
49.0.80.62 200 OK 82 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/bootstrap/js/popper.js
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (337)
Hash 426ce17eeabd071e85b0bb50e5a18c6c
00e2321a61daaf93f57669a81f0484d75eca8158
a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/bootstrap/js/popper.js HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:53 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 27 Sep 2017 11:59:16 GMT
ETag: "200000001afef-13f06-55a2a855acd00"
Accept-Ranges: bytes
Content-Length: 81670
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
49.0.80.62/intranet/images/img-01.png
49.0.80.62 200 OK 13 kB URL GET HTTP/1.1 49.0.80.62/intranet/images/img-01.png
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type PNG image data, 1280 x 939, 8-bit/color RGBA, non-interlaced
Hash 66fe947f57ff48b455587c06373aa2c0
bde614f55916fe751770a30d14b07fcc60bcbdc5
7e5f31dd2c3dc9ec3084c3cc830188149787f1bb883e03df7b73301013c54db5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/images/img-01.png HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/css/main.css
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Sun, 17 Dec 2017 19:03:12 GMT
ETag: "200000001a543-3140-5608de29abc00"
Accept-Ranges: bytes
Content-Length: 12608
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
49.0.80.62/intranet/vendor/select2/select2.min.js
49.0.80.62 200 OK 67 kB URL GET HTTP/1.1 49.0.80.62/intranet/vendor/select2/select2.min.js
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (32091)
Hash e87ca4c3554f7b9e693605ce12d3a234
fffd0bf48918d33bc612be1fefc120ee23b1a1ee
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/vendor/select2/select2.min.js HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:53 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Wed, 23 Aug 2017 14:52:52 GMT
ETag: "200000001affb-10468-5576cddc03900"
Accept-Ranges: bytes
Content-Length: 66664
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
49.0.80.62/intranet/images/icons/favicon.ico
49.0.80.62 200 OK 32 kB URL GET HTTP/1.1 49.0.80.62/intranet/images/icons/favicon.ico
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel
Hash 7d4140c76bf7648531683bfa4f7f8c22
c072bf985086c9a05c7ecede6eedaa02f76a840c
4d663e7a6b4e495a7261593d9d5e66489adbf75e029604ff6e65c4f0fcd97cd0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/images/icons/favicon.ico HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/login.php
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:58 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 21 Jan 2016 04:45:32 GMT
ETag: "200000001a540-7d26-529d0c5cc7300"
Accept-Ranges: bytes
Content-Length: 32038
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
49.0.80.62/intranet/fonts/raleway/Raleway-Black.ttf
49.0.80.62 200 OK 181 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/raleway/Raleway-Black.ttf
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type TrueType Font data, digitally signed, 17 tables, 1st "DSIG", 24 names, Macintosh, Copyright (c) 2010 - 2013, Matt McInerney (matt@pixelspread.com), Pablo Impallari (impallari@gma
Size 181 kB (180592 bytes)
Hash 3fc090e7188efb11fe2fef586bbb1a44
3e7c10abbe63b044af1264f4afed017c8f7e65e1
5d2aec83bf60483dc15a92e393a12be3f19245e82fa913c3a55df4dd810c405c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/raleway/Raleway-Black.ttf HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/css/main.css
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 06 Sep 2012 18:00:00 GMT
ETag: "200000001a3cd-2c170-4c90c428a6800"
Accept-Ranges: bytes
Content-Length: 180592
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/plain
49.0.80.62/intranet/fonts/raleway/Raleway-SemiBold.ttf
49.0.80.62 200 OK 180 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/raleway/Raleway-SemiBold.ttf
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type TrueType Font data, digitally signed, 17 tables, 1st "DSIG", 24 names, Macintosh, Copyright (c) 2010 - 2013, Matt McInerney (matt@pixelspread.com), Pablo Impallari (impallari@gma
Size 180 kB (180492 bytes)
Hash 17ba6410cbc694808961a988fd4426de
eba085cb0997e4a07420fedba782f92ae95e8062
b7680f30199f65ce3b2620713f7cb27a175560ea7402e0b4cba01c5d54508a17
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/raleway/Raleway-SemiBold.ttf HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/css/main.css
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 06 Sep 2012 18:00:00 GMT
ETag: "200000001a3db-2c10c-4c90c428a6800"
Accept-Ranges: bytes
Content-Length: 180492
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
49.0.80.62/intranet/fonts/poppins/Poppins-Regular.ttf
49.0.80.62 200 OK 145 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/poppins/Poppins-Regular.ttf
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular3.010;ITFO;Pop
Size 145 kB (145312 bytes)
Hash 731a28a413d642522667a2de8681ff35
440dc8992517a306d66e55cb0afed0cfe9b971b5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/css/main.css
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Tue, 02 Jun 2015 18:00:00 GMT
ETag: "200000001a3c6-237a0-5178cb6020800"
Accept-Ranges: bytes
Content-Length: 145312
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
49.0.80.62/intranet/fonts/raleway/Raleway-Bold.ttf
49.0.80.62 200 OK 179 kB URL GET HTTP/1.1 49.0.80.62/intranet/fonts/raleway/Raleway-Bold.ttf
IP 49.0.80.62:80
Requested by http://49.0.80.62/intranet/login.php
File type TrueType Font data, digitally signed, 17 tables, 1st "DSIG", 22 names, Macintosh, Copyright (c) 2010 - 2013, Matt McInerney (matt@pixelspread.com), Pablo Impallari (impallari@gma
Size 179 kB (179244 bytes)
Hash 575e4317521b381ac94c0c8207c81979
7da5bcf0f8ce1caa4806f535ea123ff77f3b3c0a
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /intranet/fonts/raleway/Raleway-Bold.ttf HTTP/1.1
Host: 49.0.80.62
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.0.80.62/intranet/css/main.css
Cookie: PHPSESSID=ca8bdea45aa2596af34344596a2d6b29
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:14:54 GMT
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Last-Modified: Thu, 06 Sep 2012 18:00:00 GMT
ETag: "200000001a3cf-2bc2c-4c90c428a6800"
Accept-Ranges: bytes
Content-Length: 179244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain