| | 58.18.174.3 | 200 | 20 kB |
URL: User Request GET HTTP/1.1 | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2945), with CRLF line terminators
Hash: 405d90f72849e8ac35f2a8c6c31f759f faafb29e3b41f70e38e02dbec8ae75ad4fd03dea bec47a9d40258b8bfcfd492a05ff080fd870b57caab8e008845d2fafda1ebfe3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: zh-CN
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/css/login.min-e083520af0f37cb5f93912e72bc0e506.css | 58.18.174.3 | 200 | 2.8 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/css/login.min-e083520af0f37cb5f93912e72bc0e506.css | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (2808), with no line terminators
Hash: 436413f9a23c73fd22048396f7b1c611 1ce6356e32689ce54aeed9f50a40c3e32a3a2870 37ed57138efb5cb90bf0a2fa30aafc8c727ad270f9ce52036ab8dcd4df0e15d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/login.min-e083520af0f37cb5f93912e72bc0e506.css HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: text/css
Content-Length: 2808
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/static/file/open/css/index.css | 58.18.174.3 | 200 | 0 B |
URL: GET HTTP/1.1 58.18.174.3:8088/static/file/open/css/index.css | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/file/open/css/index.css HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-CODE: NDU2NDRkM2I1NDc4NGM3NWEyNzU5ZWMyYWI2NzUzY2IxYTFkNWJmYzM0NzYwYjY2OGQzOGY1ZTJiNWRlNmQyOWU2Y2M5NzE3ZmI3ZTM2OTM4NTc0NzFmNjEzMDA0MTg1NDE3OGNjM2M4OGRkNWYxYjM2M2Y3OGVjNjk0YzNkZjg0NDIzNTdjYWZhNDEyMWMwYTgwOTIxNGRjMWJlNzQ2MA==
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/js/jquery.min-67f7749f3dce3eb11b2d6d6ec431c370.js | 58.18.174.3 | 200 | 86 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/js/jquery.min-67f7749f3dce3eb11b2d6d6ec431c370.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Hash: 67f7749f3dce3eb11b2d6d6ec431c370 d8a7a869ca958381ba62dc74f715facdfd00017c 3bd2ee80a23747c4c07bb48fb32cb329db0f1ae7b2e135c44866009b40809414
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/jquery.min-67f7749f3dce3eb11b2d6d6ec431c370.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: application/javascript
Content-Length: 85588
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "67f7749f3dce3eb11b2d6d6ec431c370"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/css/font-awesome.min-a0e784c4ca94c271b0338dfb02055be6.css | 58.18.174.3 | 200 | 31 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/css/font-awesome.min-a0e784c4ca94c271b0338dfb02055be6.css | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (30825), with CRLF line terminators
Hash: 2edfa2d43298a627ea8e39f85a82de15 4567a3aed3fd8a2fa4fde3311f7e4f7f55775f33 294008ce7f4495d0c28a2d29a42b2e5cd0b35aa8598a4bf912a1cdef11990172
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/font-awesome.min-a0e784c4ca94c271b0338dfb02055be6.css HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: text/css
Content-Length: 30992
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/uworker/css/ui-cdb4973f47922c6e3846fa8580596de9.css?v=4.6.0 | 58.18.174.3 | 200 | 28 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/uworker/css/ui-cdb4973f47922c6e3846fa8580596de9.css?v=4.6.0 | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: 707485bd33df0bcd19d5f07a54afa1ed 36f4c52b7a44667f2330bf2af252154ac4557e2d 55d277a553ce1b65f9b36ccbd0427116fb9e6c6647b520ef752f8fd70ffc1737
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uworker/css/ui-cdb4973f47922c6e3846fa8580596de9.css?v=4.6.0 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: text/css
Content-Length: 27695
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/validate/jquery.validate.min-0909b4a0efdadf7a2a679e1f43d7d7cf.js | 58.18.174.3 | 200 | 22 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/validate/jquery.validate.min-0909b4a0efdadf7a2a679e1f43d7d7cf.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (21388), with CRLF line terminators
Hash: 0909b4a0efdadf7a2a679e1f43d7d7cf be2ec5f330a7b537b6752283c3d99ea5651116bb f01f5ea5ff71b32da6759fb193943622b2d04e19a8d4017e8528e0bb1f248fde
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/validate/jquery.validate.min-0909b4a0efdadf7a2a679e1f43d7d7cf.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 21530
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "0909b4a0efdadf7a2a679e1f43d7d7cf"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/js/bootstrap.min-93a1f823d90b3c0b0c92c7eaa9669754.js | 58.18.174.3 | 200 | 39 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/js/bootstrap.min-93a1f823d90b3c0b0c92c7eaa9669754.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, ASCII text, with very long lines (38738), with CRLF line terminators
Hash: 93a1f823d90b3c0b0c92c7eaa9669754 c5656ed696219cc6b7dceed19a34bb4d9f6faab1 761b0a0362022aec0c1d121ea530ea547e2773e01aabe56cf3180236973e0af8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/bootstrap.min-93a1f823d90b3c0b0c92c7eaa9669754.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 38868
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "93a1f823d90b3c0b0c92c7eaa9669754"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/css/style.min-15a8b136e3fce7ce1d7cdc369cd944eb.css | 58.18.174.3 | 200 | 102 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/css/style.min-15a8b136e3fce7ce1d7cdc369cd944eb.css | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 102 kB (101610 bytes)
Hash: 219226cd031d426943a1c20a79927431 ba06aff500a357387ec848bff70a1f61cc468dc2 2590a4d70c4397f4f7d126d183bf7faa92c6c1a98f999baa934afd3eb65e25e4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/style.min-15a8b136e3fce7ce1d7cdc369cd944eb.css HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:28 GMT
Content-Type: text/css
Content-Length: 101610
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/layui-210a8b1c979a8ff8d8036c3bab6e3b46.js | 58.18.174.3 | 200 | 291 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/layui-210a8b1c979a8ff8d8036c3bab6e3b46.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 291 kB (291146 bytes)
Hash: 210a8b1c979a8ff8d8036c3bab6e3b46 40ed39b8c127b1f1307c142e94cc8f9e0c36e31b fef3fe945718e6caef2f72dc7c89080374cfd74e59576746e477de017c1ef0ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/layui-210a8b1c979a8ff8d8036c3bab6e3b46.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 291146
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "210a8b1c979a8ff8d8036c3bab6e3b46"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layer/layer.min-b4b722614d6d4b6b5f345361b8e5355f.js | 58.18.174.3 | 200 | 22 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layer/layer.min-b4b722614d6d4b6b5f345361b8e5355f.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (22032), with CRLF line terminators
Hash: b4b722614d6d4b6b5f345361b8e5355f f91dfc32558f2fe1347babbe11f644bd486d7c3e 3cb403b2abfeaf137ebf64eabb0107a01136d1831923b489d6835af431985544
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layer/layer.min-b4b722614d6d4b6b5f345361b8e5355f.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 22117
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "b4b722614d6d4b6b5f345361b8e5355f"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/validate/messages_zh.min-2e53acbf6518a85fcad23b41db2c7425.js | 58.18.174.3 | 200 | 1.4 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/validate/messages_zh.min-2e53acbf6518a85fcad23b41db2c7425.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 2e53acbf6518a85fcad23b41db2c7425 2d5e7474ba6509a478d6600acab1103db5f07c4b 569a2be4832b1ebf6244b6e2b219daf8705782a2c94d23dd932ceef4d69148c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/validate/messages_zh.min-2e53acbf6518a85fcad23b41db2c7425.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 1435
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "2e53acbf6518a85fcad23b41db2c7425"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/css/bootstrap.min-c950184719c17775293537cbd5ec8fc3.css | 58.18.174.3 | 200 | 121 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/css/bootstrap.min-c950184719c17775293537cbd5ec8fc3.css | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (65367), with CRLF line terminators
Size: 121 kB (121146 bytes)
Hash: 357678f468f1ce704a8beb2bc3bbc891 8f3146a460f98f8223f28ba8cb9a1fc3e1320b31 a23fcda42c97016ad459ef054bef0eb40a72a42c8677b4c1b13c09701769fb1a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/bootstrap.min-c950184719c17775293537cbd5ec8fc3.css HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: text/css
Content-Length: 121146
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/blockUI/jquery.blockUI-d1b570f6154466b04656d6bf82f83334.js | 58.18.174.3 | 200 | 21 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/blockUI/jquery.blockUI-d1b570f6154466b04656d6bf82f83334.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: d1b570f6154466b04656d6bf82f83334 ff13abea09fce7cac97c9a8799edcdef7b33b998 fe71ac0177ef82f38e030cca3ad8074377479ec82701d38ac6db1e476ea83c8a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/blockUI/jquery.blockUI-d1b570f6154466b04656d6bf82f83334.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: application/javascript
Content-Length: 20641
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "d1b570f6154466b04656d6bf82f83334"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/uworker/login-d0b107d3ca876ff2c7eddf86baf404b1.js | 58.18.174.3 | 200 | 6.5 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/uworker/login-d0b107d3ca876ff2c7eddf86baf404b1.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (539), with CRLF line terminators
Hash: d0b107d3ca876ff2c7eddf86baf404b1 641bf81115d1e5dc17301fc803dee02c4322a23e 8213292d85c6e96839a297160091e31d78b3d28957d722b01d569d3c985101af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uworker/login-d0b107d3ca876ff2c7eddf86baf404b1.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:30 GMT
Content-Type: application/javascript
Content-Length: 6523
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "d0b107d3ca876ff2c7eddf86baf404b1"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/static/file/open/js/index.js | 58.18.174.3 | 200 | 0 B |
URL: GET HTTP/1.1 58.18.174.3:8088/static/file/open/js/index.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/file/open/js/index.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:30 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-CODE: NDU2NDRkM2I1NDc4NGM3NWEyNzU5ZWMyYWI2NzUzY2IxYTFkNWJmYzM0NzYwYjY2OGQzOGY1ZTJiNWRlNmQyOWU2Y2M5NzE3ZmI3ZTM2OTM4NTc0NzFmNjEzMDA0MTg1NDE3OGNjM2M4OGRkNWYxYjM2M2Y3OGVjNjk0YzNkZjg0NDIzNTdjYWZhNDEyMWMwYTgwOTIxNGRjMWJlNzQ2MA==
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/uworker/js/ui-57e168c3c67714fff5882c6b2182b67d.js?v=4.6.0 | 58.18.174.3 | 200 | 219 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/uworker/js/ui-57e168c3c67714fff5882c6b2182b67d.js?v=4.6.0 | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (337), with CRLF line terminators
Size: 219 kB (218887 bytes)
Hash: 57e168c3c67714fff5882c6b2182b67d 710471f0dd5f96e1ea0457b0f76afcfa7831b1da 5c30ea627a321456141fcf95f3ebb46c1017d5641ce50aca097a8c96fce02f28
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /uworker/js/ui-57e168c3c67714fff5882c6b2182b67d.js?v=4.6.0 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:30 GMT
Content-Type: application/javascript
Content-Length: 218887
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "57e168c3c67714fff5882c6b2182b67d"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/js/encrypt-5b75c524729309cef729defc70c1625f.js | 58.18.174.3 | 200 | 55 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/js/encrypt-5b75c524729309cef729defc70c1625f.js | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JavaScript source, ISO-8859 text, with very long lines (54916), with no line terminators
Hash: 5b75c524729309cef729defc70c1625f f6185fd589d7a169f5693efa1d8811a2d7e369ec aeda356a25d3428e92f927e8486ab3bbc1635e4d06e68eba0861f10eaa18f552
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/encrypt-5b75c524729309cef729defc70c1625f.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:30 GMT
Content-Type: application/javascript
Content-Length: 54916
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
ETag: "5b75c524729309cef729defc70c1625f"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/css/layui-4c1682a9884d403c9c3a85ea1048e98e.css?v=20210202 | 58.18.174.3 | 200 | 481 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/css/layui-4c1682a9884d403c9c3a85ea1048e98e.css?v=20210202 | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 481 kB (480641 bytes)
Hash: 47069f9c835a872573bcf8f74c03f5db bf6a28300e91f0c1f25ffc382e296428ffa32d34 9247b38c80eef0993ca086a637e63fb8adf64c4effcb66ee10786539760a11cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/css/layui-4c1682a9884d403c9c3a85ea1048e98e.css?v=20210202 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:29 GMT
Content-Type: text/css
Content-Length: 480641
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/captcha/captchaImage?type=math | 58.18.174.3 | 200 | 2.9 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/captcha/captchaImage?type=math | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x60, components 3
Hash: a258901a771cfc5a686fee57eed44841 f8a008f02b786140d585bd092a52f332eecabcda bfab7631fec41f64094599319df86d79d6430fe8836e9fd4d547af9c1225d8fa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /captcha/captchaImage?type=math HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Set-Cookie: JSESSIONID=16f48b18-7f14-4c13-8a64-d114813000ca; Path=/; Max-Age=2592000; Expires=Fri, 07-Jun-2024 12:23:30 GMT; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/img/icon-login.png | 58.18.174.3 | 200 | 2.8 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/img/icon-login.png | IP: 58.18.174.3:8088 | ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: PNG image data, 148 x 142, 8-bit/color RGBA, non-interlaced
Hash: 21ca4721b87313eff3c61fecb9c35abc c08d1a3c4a2b0ba35e45c5d45959c978afd05de9 7d2eeb972174c5cd9eb67cf190973e2c3219187daf5bc10c7c607d7f54910f94
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/icon-login.png HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: image/png
Content-Length: 2791
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/css/modules/layer/default/layer.css?v=3.5.1 | 58.18.174.3 | 200 | 15 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/css/modules/layer/default/layer.css?v=3.5.1
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (14581), with no line terminators
Hash: c3980bab884c975848afaa0348470b5e 45e0a716614ccbb2d01c1b38b7dbb7ad2095578b e8c323746afaba89945530321349fa3f3c80bf6de2a4be10df2f95aab365546b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: text/css
Content-Length: 14581
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/css/modules/laydate/default/laydate.css?v=5.3.1 | 58.18.174.3 | 200 | 7.8 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/css/modules/laydate/default/laydate.css?v=5.3.1
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (7787), with no line terminators
Hash: 965ecf4e5b007d28c7813d295310c9f8 85850be545bf1b7e5856988633b40184cd776449 68e2983e63097dc51336bd69da10365ce29d723d7dfdab3796a29bcfe5aaa335
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: text/css
Content-Length: 7787
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/css/modules/code.css?v=3 | 58.18.174.3 | 200 | 1.7 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/css/modules/code.css?v=3
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: ASCII text, with very long lines (1738), with no line terminators
Hash: 9e6c47f424536b7039ede0093cc8a153 0e994c799db4c0f0de38cef2ea4bda958813cf87 e5fa94378e76c854bbf3572f9e090f1fa5d8260c3e93d8a864a74941b540034e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/css/modules/code.css?v=3 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: text/css
Content-Length: 1738
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/static/file/open/js/index.js | 58.18.174.3 | 200 | 0 B |
URL: GET HTTP/1.1 58.18.174.3:8088/static/file/open/js/index.js
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/file/open/js/index.js HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-CODE: NDU2NDRkM2I1NDc4NGM3NWEyNzU5ZWMyYWI2NzUzY2IxYTFkNWJmYzM0NzYwYjY2OGQzOGY1ZTJiNWRlNmQyOWU2Y2M5NzE3ZmI3ZTM2OTM4NTc0NzFmNjEzMDA0MTg1NDE3OGNjM2M4OGRkNWYxYjM2M2Y3OGVjNjk0YzNkZjg0NDIzNTdjYWZhNDEyMWMwYTgwOTIxNGRjMWJlNzQ2MA==
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/ajax/libs/layui/font/iconfont.woff2?v=256 | 58.18.174.3 | 200 | 26 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/ajax/libs/layui/font/iconfont.woff2?v=256
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: Web Open Font Format (Version 2), TrueType, length 25964, version 1.0
Hash: d8c214c89e33a7bea93d656bd865e869 c188dbfc6951b7c305940ac3a279227aeb5617f4 bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/layui/font/iconfont.woff2?v=256 HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/ajax/libs/layui/css/layui-4c1682a9884d403c9c3a85ea1048e98e.css?v=20210202
Cookie: JSESSIONID=16f48b18-7f14-4c13-8a64-d114813000ca
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: application/font-woff2
Content-Length: 25964
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/favicon.ico | 58.18.174.3 | 200 | 4.3 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/favicon.ico
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: d3cb0ac180f393e03e822823cd268f9e d820bd95b09b75d7ac157120d9af9e8807ae91f1 ee0dc208f7707b883322c5d277089aada2304c2d50a5619362c5b7291797a204
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Cookie: JSESSIONID=16f48b18-7f14-4c13-8a64-d114813000ca
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
| 58.18.174.3:8088/img/loginbg.png | 58.18.174.3 | 200 | 687 kB |
URL: GET HTTP/1.1 58.18.174.3:8088/img/loginbg.png
IP: 58.18.174.3:8088
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://58.18.174.3:8088/login
File type: PNG image data, 1920 x 964, 8-bit colormap, non-interlaced
Size: 687 kB (687033 bytes)
Hash: c67fb6fc643415d1cf440f6b23065ce5 d244a3ceab24cdcc04f0827fc16dc65347b53abb 85a159576e8a51a84106bc19c7d09fc40341556a891282ac0ef7ca47b818521c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/loginbg.png HTTP/1.1
Host: 58.18.174.3:8088
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.18.174.3:8088/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 08 May 2024 12:23:31 GMT
Content-Type: image/png
Content-Length: 687033
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Wed, 26 Jul 2023 06:58:31 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;