| 220.78.232.5/favicon.ico | 220.78.232.5 | 200 OK | 18 kB |
IP: 220.78.232.5:80
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: 0e680749731b0a0e1b81c60213a870ea c233eb669581194ae1c6c43717454194cf29a094 769737577519d632795eba87226d8197bd28acd63fc17064f0d9dbd6cd795633
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: (null)/ico;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
|
|
| 220.78.232.5/dialogStyle.css | 220.78.232.5 | 200 OK | 12 kB |
URL: GET HTTP/1.0 220.78.232.5/dialogStyle.css
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/policyBanner.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
Hash: 89c681b5bdd456edd13da5ff83517533 ae32f1e38348f8ebcd8a0fbb848a79f8d390fbb1 67213394820cc911dde2586d37b66b95ee314026914538c95f1d240531f98538
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /dialogStyle.css HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/policyBanner.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: text/css; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/swl_login-6.2.5-2193764341(eng).css | 220.78.232.5 | 200 OK | 9.1 kB |
URL: GET HTTP/1.0 220.78.232.5/swl_login-6.2.5-2193764341(eng).css
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (9974), with no line terminators
Hash: efaffd2f946ad29841b2da2aa492c1a4 ebf6483d0d57aa603d70e53ce76a8c700733271e 23c51807f6e3b64c2d4350627285538bb192deae10cd09a7ce6fe1ff3bc34e59
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /swl_login-6.2.5-2193764341(eng).css HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:17 GMT
Content-type: text/css; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/jquery_min-6.5.0-1770770155(eng).js | 220.78.232.5 | 200 OK | 92 kB |
URL: GET HTTP/1.0 220.78.232.5/jquery_min-6.5.0-1770770155(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: JavaScript source, ASCII text, with very long lines (32082)
Hash: 1edb68418c30acbb9d164aa0f0e0c77e 21d32c310c7a38776dc3126248459287fb3114f2 600057ec5941607cdbccfb95f62c7b8921dc1fa4a59e8bc7c5471a96bc6e6474
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /jquery_min-6.5.0-1770770155(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:17 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/browserCheck-6.2.5-1462774771(eng).js | 220.78.232.5 | 200 OK | 6.3 kB |
URL: GET HTTP/1.0 220.78.232.5/browserCheck-6.2.5-1462774771(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (7194), with no line terminators
Hash: 5b82bf2ae19abe69dce2d99328d33a58 d2d89c9edbc3e3e91641b8e49b55f6e870529d8f 4b598198f82ada115c559c1a50c7d8317312520ebe5c7536359394d91ffc1256
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /browserCheck-6.2.5-1462774771(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/auth1.js | 220.78.232.5 | 200 OK | 3.5 kB |
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: JavaScript source, ASCII text, with very long lines (4126), with no line terminators
Hash: 07d1920c6d1628288f7de3e2f2e62537 3b0e9c2641fde1661b26e74a79b4e882330d53f3 9994ee1662dc5544589a01254e72a6547704b564a397a15f3693fac9c7803166
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /auth1.js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/logo_sw.png | 220.78.232.5 | 200 OK | 3.2 kB |
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: PNG image data, 152 x 26, 8-bit/color RGBA, non-interlaced
Hash: 4860590c734f8dc5ee585de2bd00b0fe 159ebc3218c1094b37384266d13319f25e133b2f 7dd2bf5891d67347182cac9dd160071fda93f65d6f11b9bac5ebf138d8899424
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo_sw.png HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:20 GMT
Content-type: image/png;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
|
|
| 220.78.232.5/cookies-6.2.5-1545633177(eng).js | 220.78.232.5 | 200 OK | 4.2 kB |
URL: GET HTTP/1.0 220.78.232.5/cookies-6.2.5-1545633177(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/policyBanner.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (4652), with no line terminators
Hash: 21bbb4cb5b630f01bde80dbd17ecaf45 40cd9656d2756e9ab96bf2c68e70daa3db5c3abe b9d9d2e46be83508987b2f8b3210b01c6242590aee106f551e7bc24bf4d4f5ca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cookies-6.2.5-1545633177(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/policyBanner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| | 220.78.232.5 | 200 OK | 1.1 kB |
URL: User Request GET HTTP/1.0
IP: 220.78.232.5:443
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: HTML document, ASCII text, with very long lines (1291), with no line terminators
Hash: 623a9043c2ee6a0d7d2edd78bb1332d1 60cebae557389e8160b297300dd4ea35b92d3152 e90877674ac7163ac65f5c0c1c4813800ae19e7e9e12459eb1a7dade440c646e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /auth.html HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://220.78.232.5/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:15 GMT
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss: sonicwall.com *.sonicwall.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| 220.78.232.5/swlStore-6.5.0-4072179305(eng).js | 220.78.232.5 | 200 OK | 4.5 kB |
URL: GET HTTP/1.0 220.78.232.5/swlStore-6.5.0-4072179305(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: JavaScript source, ASCII text, with very long lines (5167), with no line terminators
Hash: 5958364090304865a504d62615849b02 c65b74b855c75fd63c1b6904a6a39325414ac4d5 03cdfd38b15149f192ed99d81a385dcb1fdb38e24dee1e36ee827caf92126045
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /swlStore-6.5.0-4072179305(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:19 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/auth-6.2.5-3431686588(eng).js | 220.78.232.5 | 200 OK | 9.0 kB |
URL: GET HTTP/1.0 220.78.232.5/auth-6.2.5-3431686588(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (10068), with no line terminators
Hash: 1e4c04dd945bbcdd7a0363930a8b14a3 a2edf39d518a5f0aa47f717b6a474fdbc1905623 33d2a150460f8913b42a26acc64b83b63fa7ce9fd368067224a275701dacc394
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /auth-6.2.5-3431686588(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/cookies-6.2.5-1545633177(eng).js | 220.78.232.5 | 200 OK | 4.2 kB |
URL: GET HTTP/1.0 220.78.232.5/cookies-6.2.5-1545633177(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (4652), with no line terminators
Hash: 21bbb4cb5b630f01bde80dbd17ecaf45 40cd9656d2756e9ab96bf2c68e70daa3db5c3abe b9d9d2e46be83508987b2f8b3210b01c6242590aee106f551e7bc24bf4d4f5ca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cookies-6.2.5-1545633177(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:17 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/policyBanner.html | 220.78.232.5 | 200 OK | 1.9 kB |
URL: GET HTTP/1.0 220.78.232.5/policyBanner.html
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: HTML document, ASCII text, with very long lines (2147), with no line terminators
Hash: 4525b1cbc76557bdbb0cf69978373fcc 67e8751a9781b9e97eb3cc9ca969e3f48c054565 94689e901d181cd7351eda2ae9ee25d27cc4e3c7cb2bb9ca1cbaba89269d62bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /policyBanner.html HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss: sonicwall.com *.sonicwall.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| 220.78.232.5/emptyView4.html | 220.78.232.5 | 200 OK | 361 B |
URL: GET HTTP/1.0 220.78.232.5/emptyView4.html
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: HTML document, ASCII text, with very long lines (400), with no line terminators
Hash: 6db9c5decf2897c33f6d6278340c30aa 96c42bc98ec137f4bf20dab72f583dac2712c01c fd82e39a374b6fec677fa525b518ef81c62d888ab3cf61de2ac3db93017cdc00
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /emptyView4.html HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:17 GMT
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss: sonicwall.com *.sonicwall.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| 220.78.232.5/md5-6.2.5-4190932482(eng).js | 220.78.232.5 | 200 OK | 5.4 kB |
URL: GET HTTP/1.0 220.78.232.5/md5-6.2.5-4190932482(eng).js
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth1.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: ASCII text, with very long lines (5816), with no line terminators
Hash: 9a035300273f0da155c16cb72fadb25c 4c5af80e1b8649a80533a33bd5c068edb7ceb700 462eb329b461de744d9cea854578067f633c9269f8caa3f54f38e9d55f9406d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /md5-6.2.5-4190932482(eng).js HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: application/x-javascript; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/swl_styles-6.2.5-4184726327(eng).css | 220.78.232.5 | 200 OK | 59 kB |
URL: GET HTTP/1.0 220.78.232.5/swl_styles-6.2.5-4184726327(eng).css
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/policyBanner.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
Hash: 452609ec8a98b6be298516e61160a52d bd664b235846769cca5a3a9253a4d002994699f3 d2a1ecc6529e220532403fea863a0c201d9f52904d3935e9c0cb10d6eea70532
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /swl_styles-6.2.5-4184726327(eng).css HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/policyBanner.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:18 GMT
Content-type: text/css; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/auth1.html | 220.78.232.5 | 200 OK | 5.4 kB |
IP: 220.78.232.5:443
Requested by: https://220.78.232.5/auth.html
Certificate: Issuer: HTTPS Management Certificate for SonicWALL (self-signed); Subject: 192.168.168.168; Fingerprint: 3E:80:95:90:62:91:F9:44:2F:6B:D4:D4:71:52:82:59:C2:C2:AE:FA; Validity: Thu, 01 Jan 1970 00:00:01 GMT - Tue, 19 Jan 2038 03:14:07 GMT
File type: HTML document, ASCII text, with very long lines (6141), with no line terminators
Hash: 2df17af19bc48d4643d4eb88b50d229f 8aa7130c01698d1fac28bb7c47021d31c1206797 528b6ad6bfc328227dfaffdd6056fcb12605addd58f0a733f4fdacae2f097764
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /auth1.html HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://220.78.232.5/auth.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss: sonicwall.com *.sonicwall.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| 220.78.232.5/swl_login-6.2.5-2193764341.css | 220.78.232.5 | 200 OK | 9.1 kB |
URL: GET HTTP/1.0 220.78.232.5/swl_login-6.2.5-2193764341.css
IP: 220.78.232.5:80
File type: ASCII text, with very long lines (9974), with no line terminators
Hash: efaffd2f946ad29841b2da2aa492c1a4 ebf6483d0d57aa603d70e53ce76a8c700733271e 23c51807f6e3b64c2d4350627285538bb192deae10cd09a7ce6fe1ff3bc34e59
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /swl_login-6.2.5-2193764341.css HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.78.232.5/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:09 GMT
Content-type: text/css; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| 220.78.232.5/logo_sw.png | 220.78.232.5 | 200 OK | 3.2 kB |
IP: 220.78.232.5:80
File type: PNG image data, 152 x 26, 8-bit/color RGBA, non-interlaced
Hash: 4860590c734f8dc5ee585de2bd00b0fe 159ebc3218c1094b37384266d13319f25e133b2f 7dd2bf5891d67347182cac9dd160071fda93f65d6f11b9bac5ebf138d8899424
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo_sw.png HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.78.232.5/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:11 GMT
Content-type: image/png;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
|
|
| 220.78.232.5/swl_styles-6.2.5-4184726327.css | 220.78.232.5 | 200 OK | 59 kB |
URL: GET HTTP/1.0 220.78.232.5/swl_styles-6.2.5-4184726327.css
IP: 220.78.232.5:80
Hash: 452609ec8a98b6be298516e61160a52d bd664b235846769cca5a3a9253a4d002994699f3 d2a1ecc6529e220532403fea863a0c201d9f52904d3935e9c0cb10d6eea70532
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /swl_styles-6.2.5-4184726327.css HTTP/1.1
Host: 220.78.232.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.78.232.5/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: SonicWALL
Cache-Control: private
Expires: Sat, 04 May 2024 10:56:09 GMT
Content-type: text/css; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|