| | 118.194.230.106 | 302 Found | 0 B |
URL: User Request GET HTTP/2 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache,must-revalidate
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:28:55 GMT; Max-Age=144000; path=/
location: login
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:28:55 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| | 118.194.230.106 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (17299)
Hash: 4f754b16b8828079bcce00c3bf3e6d3c f8eb028eedad88b2d37cede062cc2a49dbcb193f c9898c559eb3e064384d37834c353d10f600acd0a20565b0e860c9b5b8f691a1
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /login HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:28:55 GMT; Max-Age=144000; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 13598
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:28:55 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/app.08fda6cd.css | 118.194.230.106 | 200 OK | 892 B |
URL: GET HTTP/2 aplusrooter.net/merca/css/app.08fda6cd.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: ASCII text, with very long lines (2754), with no line terminators
Hash: aa8386535dd3f014a02935c6ce88d430 ef213ae38ff3e2783fa9d0e9190777097ca12f57 1750eb5cab3be081c8fadf57cf3f0721a877d1f8c571009bda0799e37ca373e3
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/app.08fda6cd.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 Mar 2024 06:47:38 GMT
etag: "ac2-613e9bbb87680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 892
content-type: text/css
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/chunk-59a76fbc.ee42fe5e.css | 118.194.230.106 | 200 OK | 653 B |
URL: GET HTTP/2 aplusrooter.net/merca/css/chunk-59a76fbc.ee42fe5e.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: ASCII text, with very long lines (2733), with no line terminators
Hash: fc58a011b6ccfebc0d1dbcb7515c7c9b 3ff8bcf1200b83c0dc8469ea96dd61097e441ead 0b3aebc5aa1bd4eac20ab9aca57d1daba3858f53569f7ba9aa6da22879625bd0
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/chunk-59a76fbc.ee42fe5e.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Mar 2024 06:17:44 GMT
etag: "aad-613fd6ea19200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 653
content-type: text/css
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/commons.css | 118.194.230.106 | 200 OK | 2.3 kB |
URL: GET HTTP/2 aplusrooter.net/merca/css/commons.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: be6960c632c8de4c86394a9b68f91056 3198e65a8c31533415950a26bec127546dde13b7 ca8bed9a18705c223f6cec84187f043e7e33a9fc53bd36df631e7038637b7542
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/commons.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Mar 2024 03:44:36 GMT
etag: "28af-613fb4afbd100-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2285
content-type: text/css
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/img/dayuhao.png | 118.194.230.106 | 200 OK | 625 B |
URL: GET HTTP/2 aplusrooter.net/merca/img/dayuhao.png | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: 5f84b63037666acab06f686d9232b707 1a756d8b419704d03dc004343ccd57fbbb45c6c5 cc1bf8759251b689ea48730ffb53cbe486133a710f5db2eed41e707520919b1b
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/img/dayuhao.png HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Mar 2024 03:29:46 GMT
etag: "271-613fb15ef7e80"
accept-ranges: bytes
content-length: 625
content-type: image/png
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/img/loading.gif | 118.194.230.106 | 200 OK | 162 kB |
URL: GET HTTP/2 aplusrooter.net/merca/img/loading.gif | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: GIF image data, version 89a, 512 x 512 | Size: 162 kB (162262 bytes)
Hash: 6022c6ef9692e00e2f9269db9f86d2d3 b9a7d6937e5061479a3bdf9a4d5d0e0e20317c6f 243741d0fd578219a8a40b166481845038610031528c5ae851783e228de53867
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/img/loading.gif HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Jan 2024 13:19:22 GMT
etag: "279d6-60f4c5407ea80"
accept-ranges: bytes
content-length: 162262
content-type: image/gif
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/img/logo_login.6761cf5f.svg | 118.194.230.106 | 200 OK | 1.1 kB |
URL: GET HTTP/2 aplusrooter.net/merca/img/logo_login.6761cf5f.svg | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6761cf5f98cc93627bb2007b32a637b8 248123f5a1e59a195215596541f6628a058e97d1 f4c823301da0441f633837b7b207f4711269ff5c49e8d82f66df3324031a30cc
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/img/logo_login.6761cf5f.svg HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Sep 2021 04:00:10 GMT
etag: "933-5cc3d158a2680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1120
content-type: image/svg+xml
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/js/jquery-3.6.3.min.js | 118.194.230.106 | 200 OK | 31 kB |
URL: GET HTTP/2 aplusrooter.net/merca/js/jquery-3.6.3.min.js | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/js/jquery-3.6.3.min.js HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 Mar 2024 05:15:28 GMT
etag: "15f5b-613e8721b5c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 31079
content-type: text/javascript
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/chunk-33e067a3.3db98e59.css | 118.194.230.106 | 200 OK | 632 B |
URL: GET HTTP/2 aplusrooter.net/merca/css/chunk-33e067a3.3db98e59.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: ASCII text, with very long lines (2337), with no line terminators
Hash: 3ba043f06969f4e16bb409d92e423366 e52fa5e3e3e1b014429ac57afc7e3c85b9990781 90ab2ded2f280faad2c37bd34ac301e111c39c1563622b66a66d56aaab526d9e
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/chunk-33e067a3.3db98e59.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Mar 2024 07:07:06 GMT
etag: "921-613fe1f2e1a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 632
content-type: text/css
date: Tue, 07 May 2024 17:28:57 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/chunk-59a76fbc.ee42fe5e.css | 118.194.230.106 | 200 OK | 653 B |
URL: GET HTTP/2 aplusrooter.net/merca/css/chunk-59a76fbc.ee42fe5e.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: ASCII text, with very long lines (2733), with no line terminators
Hash: fc58a011b6ccfebc0d1dbcb7515c7c9b 3ff8bcf1200b83c0dc8469ea96dd61097e441ead 0b3aebc5aa1bd4eac20ab9aca57d1daba3858f53569f7ba9aa6da22879625bd0
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/chunk-59a76fbc.ee42fe5e.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Mar 2024 06:17:44 GMT
etag: "aad-613fd6ea19200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 653
content-type: text/css
date: Tue, 07 May 2024 17:28:57 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/chunk-62172722.063c0a9d.css | 118.194.230.106 | 200 OK | 367 B |
URL: GET HTTP/2 aplusrooter.net/merca/css/chunk-62172722.063c0a9d.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: ASCII text, with very long lines (883), with no line terminators
Hash: c98e5cdb06fcf84251695a812c212e2f 23ca350e7dd03cfc784feefec65e69b95d81310b 23a2ca7fbc35172a3e0e4b717530f08472326c6b1aad555f3acbbe5812e19729
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/chunk-62172722.063c0a9d.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Sep 2021 04:00:08 GMT
etag: "373-5cc3d156ba200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 367
content-type: text/css
date: Tue, 07 May 2024 17:28:57 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/favicon.ico | 118.194.230.106 | 200 OK | 2.7 kB |
URL: GET HTTP/2 aplusrooter.net/favicon.ico | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Hash: a8f8e6329dcef0d84b45e9b5dbfc3f4b 61751454af256ce0e5b55df8ab76839ba82719d2 077d769fbb4639fb418ded5c338ea223cb2ae11191bd40205565945d83246d3a
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2024 09:06:24 GMT
etag: "86be-6174caf2a4400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2696
content-type: image/x-icon
date: Tue, 07 May 2024 17:28:57 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | 118.194.230.106 | 200 OK | 0 B |
URL: POST HTTP/2 aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
POST /ajax/online?it=91.90.42.154@2024:5:7:17:28:57 HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://aplusrooter.net
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:29:02 GMT; Max-Age=144000; path=/
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:29:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/chunk-vendors.663cee71.css | 118.194.230.106 | 200 OK | 42 kB |
URL: GET HTTP/2 aplusrooter.net/merca/css/chunk-vendors.663cee71.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
File type: gzip compressed data, from Unix
Hash: 30b413b38e1c655d71e3a6fcf079e9eb d42780503386f570495860394f9f55bbe4f3ba6c 961aea16af283645a399b0fe1dc8cd3ed1b38d6230a9c837b6f50dff7340f7ac
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/chunk-vendors.663cee71.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Sep 2021 04:00:10 GMT
etag: "141fc-5cc3d158a2680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | 118.194.230.106 | 200 OK | 0 B |
URL: POST HTTP/2 aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
POST /ajax/online?it=91.90.42.154@2024:5:7:17:28:57 HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://aplusrooter.net
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:29:07 GMT; Max-Age=144000; path=/
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:29:07 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | 118.194.230.106 | 200 OK | 0 B |
URL: POST HTTP/2 aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
POST /ajax/online?it=91.90.42.154@2024:5:7:17:28:57 HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://aplusrooter.net
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:29:12 GMT; Max-Age=144000; path=/
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:29:12 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | 118.194.230.106 | 200 OK | 0 B |
URL: POST HTTP/2 aplusrooter.net/ajax/online?it=91.90.42.154@2024:5:7:17:28:57 | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
POST /ajax/online?it=91.90.42.154@2024:5:7:17:28:57 HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://aplusrooter.net
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; thinkphp_show_page_trace=0|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
set-cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828; expires=Thu, 09-May-2024 09:29:17 GMT; Max-Age=144000; path=/
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 17:29:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| aplusrooter.net/merca/css/app.149a721411fc68eaccc8.css | 118.194.230.106 | 200 OK | 420 kB |
URL: GET HTTP/2 aplusrooter.net/merca/css/app.149a721411fc68eaccc8.css | IP: 118.194.230.106:443 | ASN: #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Requested by: https://aplusrooter.net/login
Certificate | Issuer: Let's Encrypt | Subject: aplusrooter.net | Fingerprint: B1:4E:6E:F0:5D:6E:8D:7E:1A:A4:34:2F:3A:E7:EE:7E:4B:28:0C:FA | Validity: Fri, 03 May 2024 10:54:29 GMT - Thu, 01 Aug 2024 10:54:28 GMT
Size: 420 kB (419582 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
OpenPhish | phishing | Mercari
Quad9 DNS | malicious | Sinkholed
GET /merca/css/app.149a721411fc68eaccc8.css HTTP/1.1
Host: aplusrooter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplusrooter.net/login
Cookie: PHPSESSID=b727e7b8c11ef45fdf55c216ffe71828
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 18 Mar 2024 05:17:40 GMT
etag: "666fe-613e879f98500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 07 May 2024 17:28:56 GMT
server: Apache
X-Firefox-Spdy: h2
|
|