| 59.68.64.61:8080/tpl/css/mylib.css | 59.68.64.61 | 200 OK | 3.2 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/css/mylib.css
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: ASCII text, with CRLF line terminators
Hash: ad1748b899d2f2cb6238bb04173d9a14 6a6930c147f4805f45074dd2a9852372416cafb7 800ace76552305746da07f2d6ca8cad5fd17a295eec61a710117d6bbfbf2295d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/css/mylib.css HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:24:59 GMT
ETag: "c78-55bf2048a8d87"
Accept-Ranges: bytes
Content-Length: 3192
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 59.68.64.61:8080/tpl/css/ui-lightness/jquery-ui.css | 59.68.64.61 | 200 OK | 36 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/css/ui-lightness/jquery-ui.css
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: ASCII text, with very long lines (2363)
Hash: c4a88ec0cb998929a670c0c58d7dc526 03135a88e8dbc36020dd453d1e7407ce9a3a2cc2 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/css/ui-lightness/jquery-ui.css HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Sat, 16 Dec 2017 09:05:27 GMT
ETag: "8c85-560716b14801e"
Accept-Ranges: bytes
Content-Length: 35973
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 59.68.64.61:8080/tpl/js/highlighter.js | 59.68.64.61 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/js/highlighter.js
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: b249b5976884a68b36f795c33ff38ca9 cf79267de7b4f7db0dc8939cdd4af527bf725cab c54a19ab79b65cf0142d5df83a9b9179c9a5f881a8a4d7a51f55fdd3739037da
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/js/highlighter.js HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:09 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "d73-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 3443
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 59.68.64.61:8080/reader/login.php | 59.68.64.61 | 200 OK | 7.8 kB |
URL: User Request GET HTTP/1.1 59.68.64.61:8080/reader/login.php
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: 6e83c5fe13c2e9ef3bf3b06f62bcee13 74fe695c423573de5975859cf633a79e3e909f41 304b26eae11ad27064773ead03b6316876185473f97ef1ffd79fc914af625a53
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /reader/login.php HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610; path=/; HttpOnly
HttpOnly;Secure
Content-Length: 7765
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| 59.68.64.61:8080/tpl/js/md5.js | 59.68.64.61 | 200 OK | 8.8 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/js/md5.js
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: ASCII text, with CRLF line terminators
Hash: ee3a962f93b0031161f08e7c6503f961 742ebc274ad08267f56e51e585c8720a32c9e3a5 dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/js/md5.js HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "227b-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 8827
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 59.68.64.61:8080/tpl/js/base64.js | 59.68.64.61 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/js/base64.js
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: JavaScript source, ASCII text
Hash: 0c282d9ab2bb518b96a918b05b2d44c6 86ca53325faf2d6f0367a9abc7db09a244214ebf 04ae29c937820b9b3b79bd8cfae6fabf6cc3f4fc14690ae40106189f23b63990
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/js/base64.js HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "1a8b-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 6795
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 59.68.64.61:8080/tpl/css/font-awesome.css | 59.68.64.61 | 200 OK | 25 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/css/font-awesome.css
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: troff or preprocessor input, ASCII text, with very long lines (305)
Hash: e4e5f0ff7d97d2851d8f06c26a4e302b 15e5b5a9c81e2cf89c768a80cd06c6180f35ab04 305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/css/font-awesome.css HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:24:59 GMT
ETag: "626d-55bf2048a8d87"
Accept-Ranges: bytes
Content-Length: 25197
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 59.68.64.61:8080/tpl/css/style.css | 59.68.64.61 | 200 OK | 47 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/css/style.css
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: Unicode text, UTF-8 text, with very long lines (735), with CRLF line terminators
Hash: 1380df5f40d8d5fdfe477d5ea5b0d9e5 e417bd55f4b9ab63d1ae13056c9f67affab6d585 8dcfa5f9b881791012e8f03665228234931cef964643963a4c6bb00321397e04
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/css/style.css HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Thu, 28 May 2020 02:18:23 GMT
ETag: "b6d4-5a6abf1642a52"
Accept-Ranges: bytes
Content-Length: 46804
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 59.68.64.61:8080/tpl/js/jquery.js | 59.68.64.61 | 200 OK | 87 kB |
URL: GET HTTP/1.1 59.68.64.61:8080/tpl/js/jquery.js
IP: 59.68.64.61:8080
ASN: #4538 China Education and Research Network Center
Requested by: http://59.68.64.61:8080/reader/login.php
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/js/jquery.js HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Tue, 20 Nov 2018 01:29:13 GMT
ETag: "1538f-57b0e8fa4f791"
Accept-Ranges: bytes
Content-Length: 86927
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 59.68.64.61:8080/reader/captcha.php | 0.0.0.0 | | 0 B |
URL: GET 59.68.64.61:8080/reader/captcha.php
IP: 0.0.0.0:0
Requested by: http://59.68.64.61:8080/reader/login.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /reader/captcha.php HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
|
|
| 59.68.64.61:8080/tpl/js/jquery-ui.js | 0.0.0.0 | | 0 B |
URL: GET 59.68.64.61:8080/tpl/js/jquery-ui.js
IP: 0.0.0.0:0
Requested by: http://59.68.64.61:8080/reader/login.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tpl/js/jquery-ui.js HTTP/1.1
Host: 59.68.64.61:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://59.68.64.61:8080/reader/login.php
Cookie: PHPSESSID=vl4ih74h436q0ld8qt99olt610
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 13:30:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Sat, 16 Dec 2017 09:05:27 GMT
ETag: "7f20a-560716b16e17e"
Accept-Ranges: bytes
Content-Length: 520714
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: value
X-Permitted-Cross-Domain-Policies: value
Set-Cookie: HttpOnly;Secure
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|