Report - 193.111.124.68:1111/

Report Overview

Submitted URL
193.111.124.68:1111/
IP
193.111.124.68
ASN
#139989 CV Atha Media Prima
Submitted
2024-05-04 10:56:36
Access
public
Website Title
SIMRSUD SULTAN ABDUL AZIZSYAH
Final URL
193.111.124.68:1111/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
193.111.124.68:1111	unknown	unknown	No data	No data	14 kB	702 kB	193.111.124.68
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-03	945 B	51 kB	151.101.193.229
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	2.1 kB	67 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed
2024-05-04	medium	193.111.124.68	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	193.111.124.68:1111/assets/home_temp/assets/js/popup.js	1.0 kB	2023-03-07	2024-05-04
Pretty URL 193.111.124.68:1111/assets/home_temp/assets/js/popup.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-04 12:56:43 Times Seen21 Hash 71485adbfb3bdec76dd2bb46aab008f4 c8509b3bbd1293156ed3ed6a9ed72456f4aa3bd0 fd748db6d8bd3bd00543f1d4c4486f393ee087c3b683a0e494b0d245e1e61a15 Loading...

	193.111.124.68:1111/assets/home_temp/vendor/jquery/jquery.min.js	87 kB	2023-03-07	2024-05-17
Pretty URL 193.111.124.68:1111/assets/home_temp/vendor/jquery/jquery.min.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-05-17 23:19:57 Times Seen167477 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	193.111.124.68:1111/assets/home_temp/vendor/bootstrap/js/bootstrap.bundle.min.js	78 kB	2023-03-07	2024-05-18
Pretty URL 193.111.124.68:1111/assets/home_temp/vendor/bootstrap/js/bootstrap.bundle.min.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-05-18 07:05:38 Times Seen9121 Hash 7ccd9d390d31af98110f74f842ea9b32 a85e681624c91a106a514c31eacf80de817b2cc3 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Loading...

	193.111.124.68:1111/assets/home_temp/assets/js/owl-carousel.js	93 kB	2023-03-07	2024-05-04
Pretty URL 193.111.124.68:1111/assets/home_temp/assets/js/owl-carousel.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-04 12:56:43 Times Seen122 Hash 2fd359627020c93d2e7706075fb56a21 d0e3c38a1597eb9cf96f4a3ed7f8883ad82d23af 44df0b9f6a08c638c2ce544989cc8fc30e90fd2bda8465280d0cf0f2d214173e Loading...

	193.111.124.68:1111/assets/home_temp/assets/js/imagesloaded.js	13 kB	2023-03-07	2024-05-04
Pretty URL 193.111.124.68:1111/assets/home_temp/assets/js/imagesloaded.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-04 12:56:43 Times Seen53 Hash d2114bdc8b5eaed0f50adb472b263838 841de3f39082166c46615e7e382f46e4d8d136b4 3555b2a320dec71839d6dc715647008bd862db55a95e3d2a7d31c19f095f4c0c Loading...

	cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js	72 kB	2023-03-07	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-05-17 16:46:36 Times Seen3325 Hash fb8409a092adc6e8be17e87d59e0595e cf8d9821552d51bb50ce572e696aba1309065800 e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js	83 kB	2023-03-07	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:54 Last Seen2024-05-17 16:46:36 Times Seen1651 Hash a0805bca912ec901f2a7096228b62d46 3233fd01d87fba457eaad8dcbc289f75b170f814 19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49 Loading...

	193.111.124.68:1111/assets/home_temp/assets/js/animation.js	6.0 kB	2023-03-07	2024-05-04
Pretty URL 193.111.124.68:1111/assets/home_temp/assets/js/animation.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-04 12:56:43 Times Seen40 Hash 1b974b9ac35b851aa7aaf477b5a69ee8 18fa9901fc7ff99a768d58b711e4cbfd8000d9c5 c818dba4786771f41a76f31c0c66be1dd9729dfe42509907a1167fd7e84486fe Loading...

	193.111.124.68:1111/assets/home_temp/assets/js/custom.js	5.3 kB	2023-03-07	2024-05-04
Pretty URL 193.111.124.68:1111/assets/home_temp/assets/js/custom.js IP 193.111.124.68 ASN #139989 CV Atha Media Prima Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-04 12:56:43 Times Seen11 Hash 19216b67e575cd0b9fc3ecdef0835cf0 0e255173c12230c120954c61d553183ff565c95b c0bdf1b61d3c13e5a5c369e0b965b81b68ce4c1913b4d79dbb5f518e3cfd0329 Loading...

HTTP Transactions (38)

URL IP Response Size

193.111.124.68:1111/

193.111.124.68

200 OK

3.8 kB

URL User Request GET HTTP/1.1
193.111.124.68:1111/
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
3.8 kB (3835 bytes)
Hash
9b0a84feeb9ce56c1ac7d604bc545131
9f9eab30b8c104fb0e8d290954aeb31f7030a84b
c18e33c5bd0cecbe257b45191d48300277fbc41c7e4f8172c5de2ec2ddfa1265

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:10 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52; expires=Sat, 04-May-2024 12:56:10 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3835
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65245)
Size
26 kB (26139 bytes)
Hash
fb8409a092adc6e8be17e87d59e0595e
cf8d9821552d51bb50ce572e696aba1309065800
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

HTTP Headers

GET /npm/jquery@3.5.1/dist/jquery.slim.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.1
x-jsd-version-type: version
etag: W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 10:56:11 GMT
age: 967326
x-served-by: cache-fra-etou8220123-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26139
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (23636 bytes)
Hash
a0805bca912ec901f2a7096228b62d46
3233fd01d87fba457eaad8dcbc289f75b170f814
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

HTTP Headers

GET /npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 10:56:11 GMT
age: 18521387
x-served-by: cache-fra-etou8220105-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23636
X-Firefox-Spdy: h2

193.111.124.68:1111/assets/home_temp/assets/css/font_roboto.css

193.111.124.68

200 OK

816 B

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/css/font_roboto.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
ASCII text
Size
816 B (816 bytes)
Hash
4bb0abfafdd681d482fa6f731a3444ab
dd8916b371fa213352d8096e3a2dbd902416566e
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/css/font_roboto.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 15:08:05 GMT
ETag: "32dd-5ea22b5e49f40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 816
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

193.111.124.68:1111/assets/home_temp/assets/css/templatemo-chain-app-dev.css

193.111.124.68

200 OK

6.8 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/css/templatemo-chain-app-dev.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
assembler source, ASCII text, with CRLF line terminators
Size
6.8 kB (6849 bytes)
Hash
aac8a48f62c0a5b71b592fc2559aefe5
5997db11ccda38e32651aa07004402a165ea361d
ea8063b7a3bfdb552586351828795dd114e58b8597c76b0011457508b500513a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/css/templatemo-chain-app-dev.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:06:51 GMT
ETag: "a8b4-5ebde18915cc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6849
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

193.111.124.68:1111/assets/home_temp/assets/css/fontawesome.css

193.111.124.68

200 OK

7.7 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/css/fontawesome.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
ASCII text, with very long lines (374), with CRLF line terminators
Size
7.7 kB (7662 bytes)
Hash
f07ddf8a98341a3f5fbeba3d3a9cb910
4dd093561927f71b6831d2f3c563357df723e329
44ce297fce50978bb9b0af0844cba8ad521a14da3e47215d33da4cc30ac54ee4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/css/fontawesome.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 01 Sep 2021 08:44:49 GMT
ETag: "ad7e-5caeb1439a240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7662
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

193.111.124.68:1111/assets/home_temp/vendor/bootstrap/css/bootstrap.min.css

193.111.124.68

200 OK

24 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/vendor/bootstrap/css/bootstrap.min.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
24 kB (23945 bytes)
Hash
94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 09 Oct 2021 10:44:24 GMT
ETag: "28021-5cde92ddbb200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23945
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

193.111.124.68:1111/assets/home_temp/assets/css/animated.css

193.111.124.68

200 OK

4.2 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/css/animated.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
ASCII text, with CRLF line terminators
Size
4.2 kB (4206 bytes)
Hash
5ff920880dcc7ef4c746beb3f90e078a
699c96bb01e64b1761091c10e1373a37a131a72c
24839fb11bd4fb7162907f91c2869ee3c41f78498a7fa9c24ab97b3b607f4cfd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/css/animated.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 01 Mar 2021 11:08:59 GMT
ETag: "12930-5bc77a50128c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4206
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

193.111.124.68:1111/assets/home_temp/vendor/bootstrap/js/bootstrap.bundle.min.js

193.111.124.68

200 OK

23 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/vendor/bootstrap/js/bootstrap.bundle.min.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
23 kB (23053 bytes)
Hash
7ccd9d390d31af98110f74f842ea9b32
a85e681624c91a106a514c31eacf80de817b2cc3
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 09 Oct 2021 10:44:24 GMT
ETag: "13131-5cde92ddbb200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/home_temp/assets/js/owl-carousel.js

193.111.124.68

200 OK

20 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/js/owl-carousel.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with very long lines (360), with CRLF line terminators
Size
20 kB (20223 bytes)
Hash
2fd359627020c93d2e7706075fb56a21
d0e3c38a1597eb9cf96f4a3ed7f8883ad82d23af
44df0b9f6a08c638c2ce544989cc8fc30e90fd2bda8465280d0cf0f2d214173e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/js/owl-carousel.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 05 Feb 2019 18:37:31 GMT
ETag: "16cfe-58129e6e590c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20223
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/home_temp/assets/css/owl.css

193.111.124.68

200 OK

1.4 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/css/owl.css
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1402 bytes)
Hash
ab8d33d83f5dafcaa8d387dc9f6f034a
c6217b7bf5dcd693ef31d9aa83a3f2a9b263ca03
f057d363c057ac93105ea8b114e0f1fcd9c316e9b945269d3a0b48dafa312369

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/css/owl.css HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 05 Feb 2019 18:36:19 GMT
ETag: "1340-58129e29aeec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1402
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 5256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 205273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 204739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

193.111.124.68:1111/assets/home_temp/assets/js/popup.js

193.111.124.68

200 OK

518 B

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/js/popup.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with very long lines (518), with CRLF line terminators
Size
518 B (518 bytes)
Hash
71485adbfb3bdec76dd2bb46aab008f4
c8509b3bbd1293156ed3ed6a9ed72456f4aa3bd0
fd748db6d8bd3bd00543f1d4c4486f393ee087c3b683a0e494b0d245e1e61a15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/js/popup.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 02 Sep 2021 12:03:08 GMT
ETag: "407-5cb01f74d5700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 518
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/home_temp/assets/js/imagesloaded.js

193.111.124.68

200 OK

3.6 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/js/imagesloaded.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.6 kB (3562 bytes)
Hash
d2114bdc8b5eaed0f50adb472b263838
841de3f39082166c46615e7e382f46e4d8d136b4
3555b2a320dec71839d6dc715647008bd862db55a95e3d2a7d31c19f095f4c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/js/imagesloaded.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 02 Jan 2021 19:29:09 GMT
ETag: "33e1-5b7efdef1ab40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3562
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://193.111.124.68:1111/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://193.111.124.68:1111
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:32:46 GMT
expires: Fri, 02 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 203007
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

193.111.124.68:1111/assets/home_temp/assets/js/custom.js

193.111.124.68

200 OK

1.5 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/js/custom.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.5 kB (1510 bytes)
Hash
19216b67e575cd0b9fc3ecdef0835cf0
0e255173c12230c120954c61d553183ff565c95b
c0bdf1b61d3c13e5a5c369e0b965b81b68ce4c1913b4d79dbb5f518e3cfd0329

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/js/custom.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 02 Sep 2021 12:02:51 GMT
ETag: "149b-5cb01f649f0c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1510
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/home_temp/assets/js/animation.js

193.111.124.68

200 OK

1.6 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/assets/js/animation.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.6 kB (1562 bytes)
Hash
1b974b9ac35b851aa7aaf477b5a69ee8
18fa9901fc7ff99a768d58b711e4cbfd8000d9c5
c818dba4786771f41a76f31c0c66be1dd9729dfe42509907a1167fd7e84486fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/assets/js/animation.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 01 Mar 2021 11:11:16 GMT
ETag: "1756-5bc77ad2b9d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1562
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/image_assets/icon/medical-record.png

193.111.124.68

200 OK

14 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/medical-record.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
14 kB (13866 bytes)
Hash
7a541c04813b33e4a88e7815085bb15d
54640feb84b1bc195debe8eb865f3ba0e224d539
267acde05c61f1696f3523f1dceb74267c4988894d8ab36f852f3dfca3cab202

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/medical-record.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 10:14:28 GMT
ETag: "362a-5eabf8a918900"
Accept-Ranges: bytes
Content-Length: 13866
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/home_temp/vendor/jquery/jquery.min.js

193.111.124.68

200 OK

30 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/home_temp/vendor/jquery/jquery.min.js
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30309 bytes)
Hash
a46fb81762396b7bf2020774a2fb4d9e
fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/home_temp/vendor/jquery/jquery.min.js HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 02 Sep 2021 08:18:09 GMT
ETag: "1538f-5cafed2b2f240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30309
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

193.111.124.68:1111/assets/image_assets/icon/pharmacy.png

193.111.124.68

200 OK

16 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/pharmacy.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
16 kB (16501 bytes)
Hash
f77b67b18df0d3fca106d6ce2ab3056f
5b78e6bc2c6d0b0a6242355b08e28dec69d28c8e
47c1297ffed1f64050449092f53a863a997aff7ae5568e1bb6a90d1a8d144d1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/pharmacy.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:29:19 GMT
ETag: "4075-5eac09640c1c0"
Accept-Ranges: bytes
Content-Length: 16501
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/warehouse.png

193.111.124.68

200 OK

14 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/warehouse.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
14 kB (14429 bytes)
Hash
baafa31dd8c2bb2db3ce8cbf1bf29590
ad64345bc1f8f0e19ce3fb0de8a84f17e546e4a5
9dfe0cd0aa0d4863bde093880be51da0a8896877e9fcc4c71ace2737c4197568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/warehouse.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:30:39 GMT
ETag: "385d-5eac09b0575c0"
Accept-Ranges: bytes
Content-Length: 14429
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/force.png

193.111.124.68

200 OK

30 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/force.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
30 kB (30129 bytes)
Hash
696a2e0bae18799db32a6701029b2586
da69310d935fb1eb02156ee274560028c612887c
a47895b2306743a4bb03da36be9c5a87e4652b61f0c2f9960cd97e3e8671ea6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/force.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 10:45:52 GMT
ETag: "75b1-5eabffadd1800"
Accept-Ranges: bytes
Content-Length: 30129
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/flask.png

193.111.124.68

200 OK

26 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/flask.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
26 kB (25928 bytes)
Hash
8a7d7d15c24104212b6720e24352c72e
7bd1fe725fb2680f99a6d0fd39960bd3106f587c
6d5e4e7c3a79b6463af1ca24bf5a7c85bfb09e68ad08fbc3f5a79aba57590d69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/flask.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:33:09 GMT
ETag: "6548-5eac0a3f64740"
Accept-Ranges: bytes
Content-Length: 25928
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/health-insurance.png

193.111.124.68

200 OK

25 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/health-insurance.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
25 kB (24757 bytes)
Hash
3c13369f379d6e1ec2dd8c8a924d85ab
8f967696a391f3d73b09194e22fa6634d44c822d
2a9d38345bb8edd1975d7fe2ed9a8d2097533c251369072c976e1439165d0c79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/health-insurance.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:37:56 GMT
ETag: "60b5-5eac0b5118d00"
Accept-Ranges: bytes
Content-Length: 24757
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/recycle-symbol.png

193.111.124.68

200 OK

22 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/recycle-symbol.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
22 kB (21602 bytes)
Hash
a5ca630c391e581d126f75c8d9d7725a
b5f607c1dc234c1e763a8f10e7e9c2acd7a0d152
f2153bcf320f73a21c13b531490dbc9f26e62fb0e3cce7ed7b1d8b561c418dd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/recycle-symbol.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:40:58 GMT
ETag: "5462-5eac0bfeaa680"
Accept-Ranges: bytes
Content-Length: 21602
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/rehabilitation.png

193.111.124.68

200 OK

29 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/rehabilitation.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
29 kB (28824 bytes)
Hash
f0912ae3ccff2fa04a27d42097d8142f
e0ae1210eab2381251cb8ba72296820e270a89ee
adbf5023f31eb5d6e30b79ef1f6059679d5c3f11556adabee746dd07a2ad4e36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/rehabilitation.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:35:58 GMT
ETag: "7098-5eac0ae090380"
Accept-Ranges: bytes
Content-Length: 28824
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/cash-machine.png

193.111.124.68

200 OK

22 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/cash-machine.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
22 kB (22464 bytes)
Hash
82d681f11e88d5db506ed09b1e54931a
1c26b1ee0b907a6607499656da7dad83f33dce3a
cfd61e16869f4982ddd5e433a9c4af296483580c547d6683fee2c5fc7fc137c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/cash-machine.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:43:20 GMT
ETag: "57c0-5eac0c8616600"
Accept-Ranges: bytes
Content-Length: 22464
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/vitamins.png

193.111.124.68

200 OK

33 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/vitamins.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
33 kB (33056 bytes)
Hash
ede714ddfbcce29cba2e52da54e61e26
c8678c51763620b5f6e7c58987d3bc3c9f9c738e
2797880407dd8a9fb70beeb6efd891367f4eedbc3e55233cdde4e850427b5fdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/vitamins.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:46:06 GMT
ETag: "8120-5eac0d2465b80"
Accept-Ranges: bytes
Content-Length: 33056
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/x-ray.png

193.111.124.68

200 OK

30 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/x-ray.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
30 kB (29859 bytes)
Hash
e4e786cc69ff189b3538c09737e08f7f
8b97ccb109cc3b052e1f358956fb42392aad5516
97b9d63a5ad0a7401e87759d65c5ba9e771d87a71012af83fb689b11d3d0b3ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/x-ray.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:34:19 GMT
ETag: "74a3-5eac0a82264c0"
Accept-Ranges: bytes
Content-Length: 29859
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/scalpel.png

193.111.124.68

200 OK

25 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/scalpel.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
25 kB (25352 bytes)
Hash
82e00e9eda5750ab3b4d08dd4e121b17
08f99bca023ecf84eb629bc65ff250ef231f9ac9
d663939db2bdedd4bf007909f5667a185622ddf36733de83af43c27e91207640

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/scalpel.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:45:08 GMT
ETag: "6308-5eac0ced15900"
Accept-Ranges: bytes
Content-Length: 25352
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/eklaim.jpg

193.111.124.68

200 OK

7.2 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/eklaim.jpg
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 308x163, components 3
Size
7.2 kB (7161 bytes)
Hash
bfb3d548a5fad04f0246813dd4b9ca82
87303ffb2d26fa5b1d25b7004f93851169b3e955
e9bb3777ff75204e1698f1a8a09d01fcd5eee5b8192fb47c3a3a0c6c51724780

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/eklaim.jpg HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 28 Apr 2024 07:30:14 GMT
ETag: "1bf9-617231b904d80"
Accept-Ranges: bytes
Content-Length: 7161
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

193.111.124.68:1111/assets/image_assets/icon/software-engineer.png

193.111.124.68

200 OK

33 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/software-engineer.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
33 kB (32600 bytes)
Hash
3874f5567f86df8cc084b7b70b4c9560
086f91221b53c38451ce637a4d2b6865f8111fb2
fefab3886869d216f0fdb764a214165e06a375bd26c703d6f80d8c05ed741354

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/software-engineer.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:47:18 GMT
ETag: "7f58-5eac0d690fd80"
Accept-Ranges: bytes
Content-Length: 32600
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/icon/voting.png

193.111.124.68

200 OK

40 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/icon/voting.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
40 kB (39797 bytes)
Hash
879c8cb15233fc592ac9fcc09e5abbb8
8e89dcb53a937ab2dc5a2c7c01f53a21bae39d51
02d0e7008c6e20d677e64832a56f47b9a87ab68b6f9741369465675581e279cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/icon/voting.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:48:55 GMT
ETag: "9b75-5eac0dc5917c0"
Accept-Ranges: bytes
Content-Length: 39797
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/images/white-logo.png

193.111.124.68

404 Not Found

278 B

URL GET HTTP/1.1
193.111.124.68:1111/assets/images/white-logo.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
HTML document, ASCII text
Size
278 B (278 bytes)
Hash
a7f0bd8a71f6ab937e1e21b0b94a6b4d
979e5896b2e80396e876fe5309b29f5bd63a8575
3d50ed5b99ece8c9797fbf166f07ffa991ec1de0cc6fb041606c309a1790d175

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/white-logo.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sat, 04 May 2024 10:56:18 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 278
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

193.111.124.68:1111/assets/image_assets/logo_saas.png

193.111.124.68

200 OK

98 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/logo_saas.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 400 x 390, 8-bit/color RGBA, non-interlaced
Size
98 kB (97889 bytes)
Hash
441e769e67aa9c0468a5182cb6e153bd
397df7c15695f1664da893709f89a6b13bf4d09c
adcb3934dfac2ed0e63f09f83a23866d4962c2b7d6510ee608e322a0390a1059

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/logo_saas.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:07:17 GMT
ETag: "17e61-5eac04774a340"
Accept-Ranges: bytes
Content-Length: 97889
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

193.111.124.68:1111/assets/image_assets/logo_saas.png

193.111.124.68

200 OK

98 kB

URL GET HTTP/1.1
193.111.124.68:1111/assets/image_assets/logo_saas.png
IP
193.111.124.68:1111
ASN
#139989 CV Atha Media Prima

Requested by
http://193.111.124.68:1111/

File type
PNG image data, 400 x 390, 8-bit/color RGBA, non-interlaced
Size
98 kB (97889 bytes)
Hash
441e769e67aa9c0468a5182cb6e153bd
397df7c15695f1664da893709f89a6b13bf4d09c
adcb3934dfac2ed0e63f09f83a23866d4962c2b7d6510ee608e322a0390a1059

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/image_assets/logo_saas.png HTTP/1.1
Host: 193.111.124.68:1111
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://193.111.124.68:1111/
Cookie: ci_session=b5h2m4o522vr5dvj1mr71fc7dp0edl52
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 10:56:18 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 11 Oct 2022 11:07:17 GMT
ETag: "17e61-5eac04774a340"
Accept-Ranges: bytes
Content-Length: 97889
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML