| | 158.64.40.100 | 200 OK | 6.3 kB |
URL: User Request GET HTTP/1.1 | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
File type: HTML document, ASCII text, with very long lines (342), with CRLF, LF line terminators | Hash: a94962eb570c44b4ba917788da2f7224 089f9db37470514d8e9931c2052a8cb6acd79e70 2a5ecfd5b2e0beb1ad9291d1540efbbd7f7e531a1fc2ea8d0b5d96490d50ab1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:54 GMT
Server: Apache
X-UA-Compatible: IE=edge
Set-Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43; expires=Thu, 09-May-2024 10:26:54 GMT; Max-Age=86400; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: deny
Content-Length: 6290
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
| 158.64.40.100/DSKnet.css | 158.64.40.100 | 200 OK | 37 kB |
IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: ISO-8859 text, with CRLF line terminators | Hash: 64f0408447b2440166bdb4de112a0c26 f0c237aa42e482a691e15fe01c5af65cdc812bba d543f8ca2bab895d41de475d91ca1dbd415ee676497c4596c7f44a78f87a36b7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /DSKnet.css HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 14:07:04 GMT
ETag: "8ee6-5a45a58993200"
Accept-Ranges: bytes
Content-Length: 36582
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
| 158.64.40.100/java/jquery/css/ui-lightness/jquery-ui-1.8.19.custom.css | 158.64.40.100 | 200 OK | 34 kB |
URL: GET HTTP/1.1 158.64.40.100/java/jquery/css/ui-lightness/jquery-ui-1.8.19.custom.css | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: ASCII text, with very long lines (1472), with CRLF line terminators | Hash: a272985a21e576cab53c916e3804bf9f 2ed43a859c87a101c773987343119d7b5c37466d a16e21041084672359bf0a50940e6e54d37150ab0d762de6014d4ebcf680da69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /java/jquery/css/ui-lightness/jquery-ui-1.8.19.custom.css HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "8641-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 34369
X-Frame-Options: deny
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| 158.64.40.100/menu/stmenu.js | 158.64.40.100 | 200 OK | 26 kB |
URL: GET HTTP/1.1 158.64.40.100/menu/stmenu.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: ASCII text, with very long lines (599), with CRLF line terminators | Hash: 923edf9a679285bdd98e70d586bf2549 df2c8687adbcd76e0529f15a0f8181fa2a35efd8 911147d5767796f45f4fd2d916904e6af04692d364ff8e9c2730d60df42dc8ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /menu/stmenu.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "640c-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 25612
X-Frame-Options: deny
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/java/jquery/jquery-ui-sliderAccess.js | 158.64.40.100 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 158.64.40.100/java/jquery/jquery-ui-sliderAccess.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: JavaScript source, ASCII text, with CRLF line terminators | Hash: b5a01f3d29043d2281ae0902f3b02019 85df94ad842bf9a24d2e08fb9e3c3c7e1c609235 055b20d6a8f1dcb7a3aa6d89c54c959688cac287b9ebf4c1c3ecdbe611396c91
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /java/jquery/jquery-ui-sliderAccess.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "af5-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 2805
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/java/jquery/jquery-ui-timepicker-addon.js | 158.64.40.100 | 200 OK | 51 kB |
URL: GET HTTP/1.1 158.64.40.100/java/jquery/jquery-ui-timepicker-addon.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: JavaScript source, ASCII text, with CRLF line terminators | Hash: 820680f988899635d191fb9315600bf8 b166ab2ae36c123e9fa1b1afeca5b8318b59c89e 41f4ed44c3afa7619153da3a7d280c80eaa09ac4f7770abada5b96fe53328903
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /java/jquery/jquery-ui-timepicker-addon.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "c6d4-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 50900
X-Frame-Options: deny
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/java/jquery/jquery-1.7.2.min.js | 158.64.40.100 | 200 OK | 95 kB |
URL: GET HTTP/1.1 158.64.40.100/java/jquery/jquery-1.7.2.min.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32780), with CRLF line terminators | Hash: fea0ee20da1cbdc0cce15bbd906d0c21 c152dbf92d680e103d618e817eef8948fc2244e6 0b1e3988c0bd43078e0e0c167455febce25b83d590a26a9b9eb9ff04fb63e05e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /java/jquery/jquery-1.7.2.min.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "17286-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 94854
X-Frame-Options: deny
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/java/jquery/jquery-ui-1.8.19.custom.min.js | 158.64.40.100 | 200 OK | 207 kB |
URL: GET HTTP/1.1 158.64.40.100/java/jquery/jquery-ui-1.8.19.custom.min.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: JavaScript source, ASCII text, with very long lines (18578), with CRLF line terminators | Size: 207 kB (206787 bytes) | Hash: 25e67e3ec12a14fb9e472b89af0a8a18 7198fd1366a46d8e5e899b6181176e6f5d6941ee 48fb2ac4d93c4bd12f12686b8cb2d7e58a343496a1e7ae67214c6c3367ce5d9b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /java/jquery/jquery-ui-1.8.19.custom.min.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "327c3-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 206787
X-Frame-Options: deny
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/menu/stcode.js | 158.64.40.100 | 200 OK | 95 kB |
URL: GET HTTP/1.1 158.64.40.100/menu/stcode.js | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: ASCII text, with very long lines (4877), with CRLF line terminators | Hash: 471201ebab6e64c740057a13fec21456 0c1ffd24aa01c7226b9d20b05a0d2f67bc0cab56 7c89b71d9af831b74da2cf5e647f2165b54cbb435ab77c7ddac5092b2063b169
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /menu/stcode.js HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:55 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "1732c-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 95020
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
| 158.64.40.100/menu/blank.gif | 158.64.40.100 | 200 OK | 49 B |
URL: GET HTTP/1.1 158.64.40.100/menu/blank.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 1 x 1 | Hash: 1184485f130fd0fe785dc2a2d0c2fc0c d4642139451c29a56e1dc9f91e7a054e2db1b9cd 4a962a349a505265aeb57099df429a871d1cdc7d3056f317c5c686820ac8e7d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /menu/blank.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "31-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 49
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_top_fill.gif | 158.64.40.100 | 200 OK | 149 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_top_fill.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 1 x 22 | Hash: 107826163c3e132f80c3200a310796d8 baceca1b66782cbc77a6a197f9eaca0a10e97b46 356a2f65aa867f16244f14569a04b977f69c7962f9dd670ec9a30b2a6518742c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_top_fill.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "95-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 149
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_menu_left.gif | 158.64.40.100 | 200 OK | 348 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_menu_left.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 22 | Hash: b702b4da079ffff8437ad45f8dc35f21 a0c8af43963061cad34713aa759047a83a31c751 9c3381b64d5a1ce4bc27b9bf6d918bdf58087230f3b06906701a0c2c24922117
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_menu_left.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "15c-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 348
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_top_header.gif | 158.64.40.100 | 200 OK | 272 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_top_header.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 1 x 49 | Hash: 58e67f753788464c74fd078aba7a2696 fe81a9459795df01c66b2d2e416153586c99d517 a1f7e9cdd144cd0513a0065e97a3713999ab128f247ca6ef5a4fe36e13c0b863
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_top_header.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "110-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 272
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_menu_right.gif | 158.64.40.100 | 200 OK | 352 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_menu_right.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 22 | Hash: 9a8b5acc8018fad9c13f6083edcee61a 16594b27a6b4e5527a1ecf3b054e1564c6f300f4 915584d61345b1942b935325a713e8bc5e4f6522d9f85586c0bb4c6ce316209b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_menu_right.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "160-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 352
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_corner_left_top.gif | 158.64.40.100 | 200 OK | 283 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_corner_left_top.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 8 | Hash: 5724f7d947949e70780e728381856509 f0d0588a0f7c411cecd955300bc6a3af034d9553 437c3037a0528a85f4bdef1e6be67eab5d932797b2c57240c973c910da0ff117
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_corner_left_top.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "11b-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 283
X-Frame-Options: deny
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_top.gif | 158.64.40.100 | 200 OK | 260 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_top.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 273 x 8 | Hash: 0716295359448dc31a3aa7606e6bb711 7c18cf2a5c4058484a259e2b23cf58163c687aea e6237540522d07c2744496d99f6e4cfd9a93f13d07a43fbb1608188a9723857e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_top.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "104-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 260
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_corner_right_top.gif | 158.64.40.100 | 200 OK | 283 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_corner_right_top.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 8 | Hash: 4f8aab977bd37b3a3c0df244b94fbb09 4b5e9da35eaa9d4b7a8cf47bd98e71d8f195e69e 396ddd087fa430b4bed7a323b10879db2a16a0ad3206e92a7ada361d375f1d02
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_corner_right_top.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "11b-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 283
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_title_left.gif | 158.64.40.100 | 200 OK | 129 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_title_left.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 22 | Hash: b610dc2adde4038d8774e6517021ee5a 64576d28833b87f01a3878aa7bacfcba8ecc9f6a 003bdf57fe907fb70f128ca3761e19cd698d1d17442e40f15fc1178394511ed5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_title_left.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "81-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 129
X-Frame-Options: deny
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_title_fill.gif | 158.64.40.100 | 200 OK | 46 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_title_fill.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 1 x 22 | Hash: 262d85c4a1caecdef4a9eecfdaffbb1f b9f791aa89240b79a5d8c764c3b3463a2ba392e8 e6f7ad6143c3194930cf35c821d24e05005703844ec05ccfd590d1e410a3b2a5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_title_fill.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "2e-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 46
X-Frame-Options: deny
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_title_right.gif | 158.64.40.100 | 200 OK | 186 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_title_right.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 22 | Hash: 6204cb88646398fe8c1209bfe8698cbf 1d27453221b55a62fa02982bd9a0f8b3ef165061 484fa01e23cd417f22adf35e003f1fef024064b6312e5ff661db1e3917a3b440
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_title_right.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "ba-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 186
X-Frame-Options: deny
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_titlefill_right.gif | 158.64.40.100 | 200 OK | 96 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_titlefill_right.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 24 | Hash: 89252105dc79bce62aa38a6e0e42d1e1 a55dda0c6befbf12613d8508e90e5e4919699c89 03a9ac59293627564589a7205f6d6c388b00996e2e3a72888b05576f6bda2618
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_titlefill_right.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "60-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 96
X-Frame-Options: deny
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_right.gif | 158.64.40.100 | 200 OK | 255 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_right.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 118 | Hash: 2d8844f957c0e2a251901c8c6a0e0ecd 80f15c26b726cd4563c2e1b96c8149bd08649405 70affa7fc5d7daf18bc29d1633c42b0320bd343e36e475d5ea48990756c4e118
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_right.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "ff-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 255
X-Frame-Options: deny
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_left.gif | 158.64.40.100 | 200 OK | 255 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_left.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 118 | Hash: f341c03b8274be45fed73a44b7f35000 caf03676a75ab854e2c2a49d2b476a7469d30acb b4534f3809fa609c7e6f944ba72624fdd665b5d3d3607fe6181a9bcb5ddb27d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_left.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "ff-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 255
X-Frame-Options: deny
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_corner_left_bottom.gif | 158.64.40.100 | 200 OK | 283 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_corner_left_bottom.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 8 | Hash: 4fad4536107af6fb6ec9f02dee08f45d 37a7ecb06671df1c773714213bce8082ae288c07 d002847e9a513da84e8930dc60efe9d61335d7f62bbbb589c207cfe0e796f98e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_corner_left_bottom.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "11b-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 283
X-Frame-Options: deny
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_bottom.gif | 158.64.40.100 | 200 OK | 260 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_bottom.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 273 x 8 | Hash: c9875f4eb0c2753320e78a5a42909e7b 2757769dc7beae963b2a8772a6ece6931ce82def 88853b956e06fe31ef1a2cc96b2775554b77dcf1aba5fa7acca837683ee6b51c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_bottom.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "104-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 260
X-Frame-Options: deny
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/images/dsknet/ico_box_corner_right_bottom.gif | 158.64.40.100 | 200 OK | 283 B |
URL: GET HTTP/1.1 158.64.40.100/images/dsknet/ico_box_corner_right_bottom.gif | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: GIF image data, version 89a, 8 x 8 | Hash: 7c7c0b51f25d51a1fd0e44e68c617686 1d3b29c4354f666b16f79be0046e18e8987d4915 f4d6f85429a44d9a6133f957ca949cd7c3fc1bebde5000e4586be088caab29ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/dsknet/ico_box_corner_right_bottom.gif HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/DSKnet.css
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "11b-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 283
X-Frame-Options: deny
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
| 158.64.40.100/favicon.ico | 158.64.40.100 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 158.64.40.100/favicon.ico | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: MS Windows icon resource - 1 icon, 15x16, 32 bits/pixel | Hash: c9cb3855afb89e829dcf308e40a98fad 0a6695c2125db71e77921c1648bb227fa5282718 559e04cc7d7b1c37509bc5dba0ef200ce73e936c2bab235e787db6822d5b44be
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 13:54:46 GMT
ETag: "43e-5a354a8ac5580"
Accept-Ranges: bytes
Content-Length: 1086
X-Frame-Options: deny
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon
| 158.64.40.100/Img/icon.png | 158.64.40.100 | 403 Forbidden | 221 B |
URL: GET HTTP/1.1 158.64.40.100/Img/icon.png | IP: 158.64.40.100:80 | ASN: #2602 Fondation RESTENA
Requested by: http://158.64.40.100/login.php
File type: HTML document, ASCII text | Hash: 0398e3dc538bce24fbe115ea53216514 e0873ff1592192d08220e517a4f112ac3d4321d6 ca29b6d7ceafd93629d2bd9b442540467fedac708ceb7367cf2aa29ab86b4c73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Img/icon.png HTTP/1.1
Host: 158.64.40.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://158.64.40.100/login.php
Cookie: DSKNet=usr196e5nkdglicdk9ljhb8v43
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 10:26:56 GMT
Server: Apache
Content-Length: 221
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1