| 200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX | 200.6.168.204 | 200 OK | 8.1 kB |
URL (User Request): GET HTTP/1.1 200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 2de217e20c80cc5a9d62555cd2d4c08b 4be78fc1db15a1952dad00d065e71021a8e6345c d6c48726d2cb2e9897e700f855ad371777849c9f8b7134f4fc5bf4cce6ba20c9
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/login.php?message=Welcome%20to%20iQ-WEBX HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; path=/
X-SECURE=67e152fbbd; expires=Sun, 26-Mar-2034 11:15:59 GMT; Max-Age=315360000; path=/
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=
|
|
| 200.6.168.204/pacs/_script/createAccount.js | 200.6.168.204 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_script/createAccount.js
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: ASCII text, with CRLF line terminators
Hash: 2056f4a7682a0ffdb4e788939aa499d7 c20c339ce9fdd2128f635ac56046950ce5f5cb0b 108fb642ead4d35d8e3ade9fd9389ec8e925ba2d3497da361a00ae9dd34a7dca
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_script/createAccount.js HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "75f-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 1887
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 200.6.168.204/pacs/vendor/owasp/csrf-protector-php/js/csrfprotector.js | 200.6.168.204 | 200 OK | 12 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/vendor/owasp/csrf-protector-php/js/csrfprotector.js
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 5ab01e2fb2367c8229780a5303ede338 6e2593fea964b6f445b1a8efea7868c4cbf04116 0918f20c2a6bd372207cc2b6cfee9ced181e6450acabe3e316e7b097729faeab
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/vendor/owasp/csrf-protector-php/js/csrfprotector.js HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:06 GMT
ETag: "2e66-5c72e9fbdea80"
Accept-Ranges: bytes
Content-Length: 11878
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 200.6.168.204/pacs/_css/template_style.css | 200.6.168.204 | 200 OK | 24 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_css/template_style.css
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: ASCII text, with CRLF line terminators
Hash: bf2883032eea5d5ac36e3ba978bf7cf1 cde9dc441345f80d0dc114d7b7088cf19ceefa13 2180d8b7d15efc1f56a233cdfedd5470306413268abfce44fb3834b2e1f1e744
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_css/template_style.css HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "5d64-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 23908
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| 200.6.168.204/pacs/_script/toastNotification.js | 200.6.168.204 | 200 OK | 435 B |
URL: GET HTTP/1.1 200.6.168.204/pacs/_script/toastNotification.js
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 197d732c1415790cfd2265063aad2a19 204add99ab80c262b313d993cb4ba34811bf0b32 f8bb0edc57b6531c33e64fe864bd412bd3ff2ade066102629be34ab7289f70f2
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_script/toastNotification.js HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "1b3-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 435
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 200.6.168.204/pacs/_css/template_style.css | 200.6.168.204 | 200 OK | 24 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_css/template_style.css
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: ASCII text, with CRLF line terminators
Hash: bf2883032eea5d5ac36e3ba978bf7cf1 cde9dc441345f80d0dc114d7b7088cf19ceefa13 2180d8b7d15efc1f56a233cdfedd5470306413268abfce44fb3834b2e1f1e744
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_css/template_style.css HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "5d64-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 23908
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 200.6.168.204/pacs/_script/fingerprint2/fingerprint2.js | 200.6.168.204 | 200 OK | 62 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_script/fingerprint2/fingerprint2.js
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: JavaScript source, ASCII text, with very long lines (329), with CRLF line terminators
Hash: fa795c8c79def8e99cfacb74e871eb12 f557ae70087f15731ec997a0fd9291b16e372869 9765f9106c8dd1095d6931130d88ea56130ab9a06362bc0af0c47b15834c0814
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_script/fingerprint2/fingerprint2.js HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:15:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "f283-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 62083
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 200.6.168.204/pacs/_img/loginSplash.jpg | 200.6.168.204 | 200 OK | 86 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_img/loginSplash.jpg
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2020:04:14 14:15:45], baseline, precision 8, 650x400, components 3
Hash: 1954ec012914cd1a7062386547a3b89b cea9476d11be0697602165a65aaeeadd1b5a53bc 2c79524d5f9c2f78bd1a7987d4a8d4fd52dd4b7e9a35bec2345c9e430c06f93d
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_img/loginSplash.jpg HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:16:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "14e8b-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 85643
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 200.6.168.204/pacs/_img/favicon.ico | 200.6.168.204 | 200 OK | 17 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_img/favicon.ico
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: MS Windows icon resource - 4 icons, 16x16, 24 bits/pixel, 48x48, 32 bits/pixel
Hash: 52a220f4ad00ec0271fcb5e035b39fb2 3e3516d81f06aea10801d50cb06d61ba8230dd89 9dbd43f74e691033e877ef2e762fb5bc7c5ff82d5670ba5603d2602f5ac3f250
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_img/favicon.ico HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:16:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "4386-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 17286
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon
|
|
| 200.6.168.204/pacs/_css/CenturyGothic.woff | 200.6.168.204 | 200 OK | 70 kB |
URL: GET HTTP/1.1 200.6.168.204/pacs/_css/CenturyGothic.woff
IP: 200.6.168.204:80
ASN: #13489 EPM Telecomunicaciones S.A. E.S.P.
Requested by: http://200.6.168.204/pacs/login.php?message=Welcome%20to%20iQ-WEBX
File type: Web Open Font Format, TrueType, length 70108, version 2.35
Hash: b5875fe4dc24505bdee3c2dc6a63b991 25e927d83de55b58df00fa1b8880b7b4f9eedf4e 3e59dd9e92cb2a9ab092dd755f431b52547929f16bd532d03d6f9a4521144737
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pacs/_css/CenturyGothic.woff HTTP/1.1
Host: 200.6.168.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://200.6.168.204/pacs/_css/template_style.css
Cookie: PHPSESSID=svjkaito8rqsk90dpc2j9elsf3; X-SECURE=67e152fbbd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 11:16:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 15 Jul 2021 19:39:02 GMT
ETag: "111dc-5c72e9f80e180"
Accept-Ranges: bytes
Content-Length: 70108
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
|
|