| | 104.36.166.28 | 200 | 6.3 kB |
URL: GET HTTP/1.1 (User Request)
IP: 104.36.166.28:8080
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hashes: MD5 0280df59e5066961dc9d170ecfed87c8, SHA-1 82818ec17c6b59a5d523724bc45f36547f770b91, SHA-256 fed335e7280caed3cd275383466163f9a355749d186dead5a0d2c6c40fd3848d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| fonts.googleapis.com/css?family=Roboto:300,400,500,600,700 | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
IP: 142.250.74.106:443
Requested by: http://104.36.166.28:8080/login
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: gzip compressed data, max compression
Hashes: MD5 02ea68716b778fa4132ce8348e64b45b, SHA-1 e49955b76bed8bfe89705ff46be944ee87c60fe9, SHA-256 faa759a5687bf44ffd5a18ee1ed555647c06b9f59a4bbcf9bc65c89258f2caf5
GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 14:42:58 GMT
date: Thu, 28 Mar 2024 14:42:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| 104.36.166.28:8080/js/general.js | 104.36.166.28 | 200 | 1.0 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/js/general.js
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hashes: MD5 ec4a3da07a8a912a1681c95ea9a9d56c, SHA-1 0f03cfd79beff447d54c721317af45c07a61d3ef, SHA-256 ca3de1464344aff5226bf0f4bca24bd9ebdcb2a564f1982c32f7d66130aa95c6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/general.js HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Length: 1015
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/plugins/global/plugins.bundle.css | 104.36.166.28 | 200 | 557 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/plugins/global/plugins.bundle.css
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: ASCII text, with CRLF line terminators
Size: 557 kB (556836 bytes)
Hashes: MD5 ad9836cabacadb48b114aac61d3c2973, SHA-1 037ef3ae24e42c21d43577b86f79b7920a8c6ecf, SHA-256 74af3391b1058f7fdbc8d1dc7a73128c843bc704a8e596fdb56f53e3a6e67802
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plugins/global/plugins.bundle.css HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: text/css
Content-Length: 556836
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/js/scripts.bundle.js | 104.36.166.28 | 200 | 215 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/js/scripts.bundle.js
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: JavaScript source, ASCII text, with CRLF line terminators
Size: 215 kB (214832 bytes)
Hashes: MD5 d3c3693f477cf6b65f248f530b239f1c, SHA-1 dc162debc7b3df2cd295fb61afcd410c6a562997, SHA-256 3c9d568235b596c6bb2d8a8ea19ab6b16c737bd8b7941364caedcee044322a3a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/scripts.bundle.js HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Length: 214832
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/css/style.bundle.css | 104.36.166.28 | 200 | 1.3 MB |
URL: GET HTTP/1.1 104.36.166.28:8080/css/style.bundle.css
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: Unicode text, UTF-8 text, with very long lines (560), with CRLF line terminators
Size: 1.3 MB (1265453 bytes)
Hashes: MD5 29dc6aa0ac67905e99133ed523c6a5a3, SHA-1 514ecf46b76af4965cb3cb100f172c16bd80df46, SHA-256 9a4dc24c1102d5b5d483c9fb0e12b06998b642b0b087532e8d5d344f2c796262
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/style.bundle.css HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: text/css
Content-Length: 1265453
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/img/Walmart.png | 104.36.166.28 | 200 | 6.6 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/img/Walmart.png
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: PNG image data, 781 x 208, 8-bit colormap, non-interlaced
Hashes: MD5 a96da07cc17d42e69aefc6ae25d5ad3c, SHA-1 dd8cef30140065eef8474b0b9be9765906246359, SHA-256 39eb7d26b9e66b17b749c9b2759f303157632d75200fb928cc58c1875f87730f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/Walmart.png HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: image/png
Content-Length: 6616
Date: Thu, 28 Mar 2024 14:42:08 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/plugins/global/plugins.bundle.js | 104.36.166.28 | 200 | 3.7 MB |
URL: GET HTTP/1.1 104.36.166.28:8080/plugins/global/plugins.bundle.js
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: JavaScript source, ASCII text, with CRLF line terminators
Size: 3.7 MB (3732901 bytes)
Hashes: MD5 25a3bcc730a20c0a9c986de5de0f87e5, SHA-1 32fd848480ab4379e1dde61073c5c9a68e52ad36, SHA-256 55b348edd3fa5b5e88ae0843b24554babd7b9858528c1656b63ef152e2eb12cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plugins/global/plugins.bundle.js HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Length: 3732901
Date: Thu, 28 Mar 2024 14:42:07 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/plugins/global/fonts/Bogle-Regular.otf | 104.36.166.28 | 200 | 68 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/plugins/global/fonts/Bogle-Regular.otf
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
Hashes: MD5 30c8604a89b4a3fd2dd61c9b39d71f3c, SHA-1 5b966f5c602c0cda15e7ea2efdbccc7a8b4dfa27, SHA-256 5f2b8cb69f0c677e3f94883ec6a4dbfae14246e174dd87c3c8583b424d84d4ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plugins/global/fonts/Bogle-Regular.otf HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/css/style.bundle.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/x-font-opentype
Content-Length: 68344
Date: Thu, 28 Mar 2024 14:42:08 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/img/caleb-ruiter-EmEQ6kK_5P0-unsplash%201.png | 104.36.166.28 | 200 | 783 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/img/caleb-ruiter-EmEQ6kK_5P0-unsplash%201.png
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: PNG image data, 658 x 840, 8-bit/color RGBA, non-interlaced
Size: 783 kB (782759 bytes)
Hashes: MD5 89ea2f205cbd99ce064c03bfee41e1b9, SHA-1 c3f8bf8dbd1703ecfbb70d8134a6ce5b6d16ddd4, SHA-256 9d88c3d58e10b52dd77b2aa0a8d9c1196de2507f29f5166af3f5e49964ad4096
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/caleb-ruiter-EmEQ6kK_5P0-unsplash%201.png HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: image/png
Content-Length: 782759
Date: Thu, 28 Mar 2024 14:42:08 GMT
Keep-Alive: timeout=60
Connection: keep-alive

| 104.36.166.28:8080/img/walmart_ico.ico | 104.36.166.28 | 200 | 68 kB |
URL: GET HTTP/1.1 104.36.166.28:8080/img/walmart_ico.ico
IP: 104.36.166.28:8080
Requested by: http://104.36.166.28:8080/login
File type: MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Hashes: MD5 580376ddbd1173cde2c22068210daff3, SHA-1 9cea8386b967419b0803be02033de01a033eefc5, SHA-256 7405b43cae8e47358e4e2101a86a084c95780b4b6b7fd5e6c82be418db281663
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/walmart_ico.ico HTTP/1.1
Host: 104.36.166.28:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.36.166.28:8080/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 04 Mar 2024 21:32:33 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: image/x-icon
Content-Length: 67646
Date: Thu, 28 Mar 2024 14:42:08 GMT
Keep-Alive: timeout=60
Connection: keep-alive