| mitmdetection.services.mozilla.com/ | 54.230.111.23 | | 0 B |
URL mitmdetection.services.mozilla.com/ IP54.230.111.23:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Thu, 02 May 2024 23:13:24 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tQhIyMgjD226I1dvYAUWeYIEuet2iRzyeAL6yhgGnxVlZ9vXBwoXCQ==
X-Firefox-Spdy: h2
|
|
| 152.171.133.220/index.asp | 152.171.133.220 | | 1.6 kB |
URL 152.171.133.220/index.asp IP152.171.133.220:0 ASN#7303 Telecom Argentina S.A.
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hasha1990a104f3f65656681cb0a0c8d782b dd7a711968012c06091fde39b372bbfa87801663 589b52fe7ecf124b181e6e727891ef96ccad580c273a5bfe35998261154778f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /index.asp HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:26 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 1577
Content-type: text/html
|
|
| 152.171.133.220/doc/script/jquery.cookie.js | 152.171.133.220 | 200 OK | 3.8 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/jquery.cookie.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hasha479f46b2a66d5772f839cdf20c24898 dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1 087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/index.asp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:29 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 3752
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/script/jquery-1.7.1.min.js | 152.171.133.220 | 200 OK | 94 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/jquery-1.7.1.min.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (32769) Hashddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/index.asp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:30 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 93868
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/page/login.asp | 152.171.133.220 | 200 OK | 2.1 kB |
URL User Request GET HTTP/1.0152.171.133.220/doc/page/login.asp IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators Hash23d1f6113e4ae1c7755d27ccba87f00d f1163b70314916735464c8f5c60dd6926b3f52d5 ea9f31819a7503a974619890edfbc4f2856e90caa8da505a586815c098456b96
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/page/login.asp HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/index.asp
Cookie: language=en; updateTips=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:33 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 2110
Content-type: text/html
|
|
| 152.171.133.220/doc/css/base.css | 152.171.133.220 | 200 OK | 933 B |
URL GET HTTP/1.0152.171.133.220/doc/css/base.css IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashc9f676955ddb0002f2cf9ae5c9859dfc 74ccdcdcb2bf5fae840cf6327db5660289c2d055 d22dc2e1a7a128730f7e3399a0ac3734f6ae4c499d09a705c90ece12f204201c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/css/base.css HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:34 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 933
Content-type: text/css
|
|
| 152.171.133.220/doc/css/login.css | 152.171.133.220 | 200 OK | 1.1 kB |
URL GET HTTP/1.0152.171.133.220/doc/css/login.css IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeASCII text, with CRLF line terminators Hash9e92089b4549cecdaa845826bae82620 3557726fdf5fd002aac9535ac7668915e8f1ea25 7b4223ddeb4f586881eeba585bdf55a66937486ec981ae702397f010512e6eca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/css/login.css HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:34 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 1096
Content-type: text/css
|
|
| 152.171.133.220/doc/script/jquery-1.7.1.min.js | 152.171.133.220 | 200 OK | 94 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/jquery-1.7.1.min.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (32769) Hashddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:35 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 93868
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/script/login.js | 152.171.133.220 | 200 OK | 5.3 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/login.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hashb3db92981c688b307f0b8d4e2c286f48 a4b6e40b105abe07177da212ec7479b8301e5715 0415a5f68531693e39916b718918b4c9db304c002582918eda43671a438c727a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/login.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:36 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 5287
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/script/jquery.cookie.js | 152.171.133.220 | 200 OK | 3.8 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/jquery.cookie.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hasha479f46b2a66d5772f839cdf20c24898 dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1 087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:37 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 3752
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/script/common.js | 152.171.133.220 | 200 OK | 43 kB |
URL GET HTTP/1.0152.171.133.220/doc/script/common.js IP152.171.133.220:443 ASN#7303 Telecom Argentina S.A.
Requested byhttps://152.171.133.220/doc/page/login.asp CertificateIssuerInternet Widgits Pty Ltd Subject FingerprintF2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF ValidityFri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1119), with CRLF line terminators Hash1d41f7aa18d4e0dfb47a1b3c651e83c6 abf743a59621fb7f2001c0f11ba59b31b1c3d336 4f9d5bb580bf04c6ddab512ee3d1472251c4ee483d965bb3824e53ce3ae3ff7b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/common.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Thu May 2 20:13:37 2024
Server: DVRDVS-Webs
Last-modified: Tue Mar 19 02:02:31 2013
Content-length: 43137
Content-type: application/x-javascript
|
|
| 152.171.133.220/doc/script/Translator.js | 0.0.0.0 | | 0 B |
URL GET 152.171.133.220/doc/script/Translator.js IP0.0.0.0:0
Requested byhttps://152.171.133.220/doc/page/login.asp
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /doc/script/Translator.js HTTP/1.1
Host: 152.171.133.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://152.171.133.220/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|