| | 42.63.13.198 | 200 OK | 2.7 kB |
URL: User Request, GET HTTP/1.1
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 450335c9757663f2f3d033d5e6c1f75d 2f9deb452965e91809256479ead46d76044cba2f c4e5677467620da57e4f0b93fe8845fb28e14ed0f98455b910f2dbb78e4b46d2

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:29 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6; Path=/; HttpOnly
Content-Encoding: gzip
vary: accept-encoding
Cache-Control: no-store
Pragma: no-cache
| 42.63.13.198:8080/assets/css/font-awesome.min.css | 42.63.13.198 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/css/font-awesome.min.css
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: ASCII text, with very long lines (668)
Hashes (MD5 / SHA-1 / SHA-256): 61b8f14e3074c617ab344ad052f04bef 4cd59f39ff1dd409f4d48e3c0a2585296404a374 3f81f9e1ee3a815899de8d6f6b2afad2eaf0d0f714b129d4a26fdb6b8354c10d

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/font-awesome.min.css HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"22119-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:29 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/assets/css/ace-rtl.min.css | 42.63.13.198 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/css/ace-rtl.min.css
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: ASCII text, with very long lines (36873), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 78df1b15700117ef2c3e425485de8be3 eb97e990f560848d9029c1b85822af816228988d be72a2621f281f07d32abb393aa9d6e606f3f31ec54c9cb4aaeb74d2e6970185

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/ace-rtl.min.css HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"36873-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/assets/css/bootstrap.min.css | 42.63.13.198 | 200 OK | 16 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/css/bootstrap.min.css
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: ASCII text, with very long lines (65317)
Hashes (MD5 / SHA-1 / SHA-256): 5875a3f07a87bb4f0e378de5928fb0ea abd75e22ecf284c34473be9a105fa546bc045688 a9bbc7df80a2dfb2026572ddad15f13a1507d7c83ffbb97b281e630316d1d52e

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"96272-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:29 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/assets/js/crypto-js.min.js | 42.63.13.198 | 200 OK | 16 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/js/crypto-js.min.js
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: JavaScript source, ASCII text, with very long lines (32008)
Hashes (MD5 / SHA-1 / SHA-256): a39fc84fa7659e1d898bbcddf20aa989 5989527a378b55011a59522f41eeb3981518325c bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/crypto-js.min.js HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"47943-1668349315000"
Last-Modified: Sun, 13 Nov 2022 14:21:55 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/assets/js/jquery-2.0.3.min.js | 42.63.13.198 | 200 OK | 29 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/js/jquery-2.0.3.min.js
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: JavaScript source, ASCII text, with very long lines (32023)
Hashes (MD5 / SHA-1 / SHA-256): 0a6e846b954e345951e710cd6ce3440e fbf9c77d0c4e3c34a485980c1e5316b6212160c8 b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/jquery-2.0.3.min.js HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"83612-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/assets/css/ace.min.css | 42.63.13.198 | 200 OK | 44 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/css/ace.min.css
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): ef1d571afc85dde18357ee2be07f41d9 a3af398e163f82219d951332a94b9b221db94e0b 72ccda77ddebd134e7e4cb261791305c5a0875f7ad914ab85ee28633ea185790

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/ace.min.css HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"271482-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:29 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/images/logo3.png | 42.63.13.198 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/images/logo3.png
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: PNG image data, 621 x 520, 8-bit/color RGBA, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 92985770e1ade0cf32080c9e5dba37b1 b3c8d9c589bd1195201cb841a8f3ef992884ed4f 8246b846821e429e9d71e7ac89d45aa8c5d3cfcf90a5223b7cab6c11c56ad43f

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/logo3.png HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"4692-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/validateImage?st=1713958530807 | 42.63.13.198 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/validateImage?st=1713958530807
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 60x20, components 3
Hashes (MD5 / SHA-1 / SHA-256): ab2a18f35079fef376eb890ab7077966 e2ab5a1ef607220daadf504c999a64b24e987b2c b6071a8bb34b2d826b917ac28650c64a57cb8aafa33904cde4895986558b79ad

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /validateImage?st=1713958530807 HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline
Content-Encoding: gzip
vary: accept-encoding
Cache-Control: no-store
Pragma: no-cache
| 42.63.13.198:8080/assets/font/fontawesome-webfont.woff?v=3.2.1 | 42.63.13.198 | 200 OK | 44 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/assets/font/fontawesome-webfont.woff?v=3.2.1
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: Web Open Font Format, TrueType, length 43572, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): b683029bafe0305ac2234038a03e1541 12f8c193902e99348493ace32e498031bf79b654 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/font/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/assets/css/font-awesome.min.css
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: font/woff
Content-Length: 43572
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"43572-1616748931000"
Last-Modified: Fri, 26 Mar 2021 08:55:31 GMT
Cache-Control: no-store
Pragma: no-cache
| 42.63.13.198:8080/images/bg03.jpg | 42.63.13.198 | 200 OK | 37 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/images/bg03.jpg
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x312, components 3
Hashes (MD5 / SHA-1 / SHA-256): cbc10b26eae4000b898b0a4459079a13 e5440992a78ce239d0e36ab446323fbe99e260b0 6f758afbfd36fcd0a445a9321683edf7eebce332f740b219da82ddf720a43181

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/bg03.jpg HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"37158-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/favicon.png | 42.63.13.198 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 42.63.13.198:8080/favicon.png
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Hashes (MD5 / SHA-1 / SHA-256): 4a2a3e100b1bac94dea51fc2a294d606 b028582feb41cda580edd1835dafa4692f9e6423 c2a0e6567c9f4754092475678ab5efeb2513baa0bb1141056560c6b25d28bc9c

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.png HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"67646-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:31 GMT
Cache-Control: max-age=604800
| 42.63.13.198:8080/images/bg02.png | 42.63.13.198 | 200 OK | 1.5 MB |
URL: GET HTTP/1.1 42.63.13.198:8080/images/bg02.png
IP: 42.63.13.198:8080
ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: http://42.63.13.198:8080/login
File type: PNG image data, 1000 x 667, 8-bit/color RGBA, non-interlaced
Size: 1.5 MB (1474186 bytes)
Hashes (MD5 / SHA-1 / SHA-256): bbcda5d4e6d67c2478430333e73ea18b a734fdf4dc2a8347061229a4fe01c13ba7255b6b 08a7e716959ce69dc95eacfcf5eaabd04ff4a363560fde6cdcf78572ae7a60c8

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/bg02.png HTTP/1.1
Host: 42.63.13.198:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.63.13.198:8080/login
Cookie: JSESSIONID=C10F90614178B3CFCA89DC98833112D6
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.2
Date: Wed, 24 Apr 2024 11:35:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"1477631-1616750733000"
Last-Modified: Fri, 26 Mar 2021 09:25:33 GMT
Content-Encoding: gzip
vary: accept-encoding
Expires: Wed, 01 May 2024 11:35:30 GMT
Cache-Control: max-age=604800