Report - 128.199.80.214/

Report Overview

Submitted URL
128.199.80.214/
IP
128.199.80.214
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-08 18:11:35
Access
public
Website Title
مؤسسة الشهيد زيد علي مصلح
Final URL
128.199.80.214/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
128.199.80.214	unknown	unknown	2015-03-02	2023-03-30	9.2 kB	594 kB	128.199.80.214
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	442 B	32 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed
2024-05-08	medium	128.199.80.214	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	128.199.80.214/assets/js/libs.min.js	1.1 MB	2023-06-29	2024-05-08
Pretty URL 128.199.80.214/assets/js/libs.min.js IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 20:00:43 Last Seen2024-05-08 20:11:37 Times Seen28 Hash ccf6c2e16409875ec01c7e4dc328a2e2 2471199b2b525a79af7bbbf987aa2081d59afa89 4f7ccaaf959ac246026162226bcd4fda2ada68f23251d1cc6c37b5083f401b0e Loading...

	128.199.80.214/assets/js/frappe-web.min.js?ver=1667837126.0	290 kB	2023-07-02	2024-05-08
Pretty URL 128.199.80.214/assets/js/frappe-web.min.js?ver=1667837126.0 IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-02 06:29:03 Last Seen2024-05-08 20:11:37 Times Seen4 Hash 8e1653139e085570cb2d2ec3bd8a226c 1f0322c5b39e96c4174f170845ba8da3f68dcd6e d10f2d9b9840c55b393f282aa5313088b10b0d9b426ab8f4ec06ffa0f0d14e8f Loading...

	128.199.80.214/	212 B	2023-03-08	2024-05-15
Pretty URL 128.199.80.214/ IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 19:37:21 Last Seen2024-05-15 10:01:24 Times Seen10 Hash 06baea9b8192247dd972869d43a16fdc dc34381fa6d1d6bff1af1c8d03dadea908aba4ca 0eeda43fefc37d5297bc9a41b61dd9c0f533cbde72dc4febd1738777ba165741 Loading...

	128.199.80.214/	209 B	2023-07-02	2024-05-08
Pretty URL 128.199.80.214/ IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-02 06:29:03 Last Seen2024-05-08 20:11:36 Times Seen2 Hash eb16f671cb547f167e8ceee185dfdb1e b79abdbeceeab65e24ee8685d24956932ed39634 ea40433316789c7be17816644c191e2975381f8cc35c11e9af8ce7dcf115eb49 Loading...

	128.199.80.214/assets/frappe/js/lib/jquery/jquery.min.js	86 kB	2023-03-07	2024-05-20
Pretty URL 128.199.80.214/assets/frappe/js/lib/jquery/jquery.min.js IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 00:16:05 Times Seen394529 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	38 B	2023-04-11	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-19 23:37:28 Times Seen32721 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	128.199.80.214/assets/js/bootstrap-4-web.min.js	82 kB	2023-03-07	2024-05-08
Pretty URL 128.199.80.214/assets/js/bootstrap-4-web.min.js IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41:18 Last Seen2024-05-08 20:11:37 Times Seen27 Hash 76a301b53ac4f2921639dd28a856ef28 21e3c5974fbd0224b4b6ffb557f0a81348eddb49 b4ba23a860b9a77ca174a74452a4fdb8c4a0b38a4575a8b5e67ae0a446a0807a Loading...

	128.199.80.214/	27 B	2023-03-07	2024-05-15
Pretty URL 128.199.80.214/ IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:41:18 Last Seen2024-05-15 10:01:25 Times Seen93 Hash 903bf3046adeb71ca2a8fc349186a332 ec803e0aec600891d70b63691f91bfe98155540b cfbf131a5eb950499ba8adb5ddb6a8c15754e15ef083db176b94599237182d61 Loading...

	128.199.80.214/website_script.js?ver=1667837126.0	25 B	2023-03-07	2024-05-08
Pretty URL 128.199.80.214/website_script.js?ver=1667837126.0 IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41:18 Last Seen2024-05-08 20:11:37 Times Seen147 Hash f622f3ffb783f12f3e85c60a3f28a6cf e2c83a3dceeb9519b1789c6cde45216edfe8af26 bfc3f25bc17c6b96e68b6c11b85d9c6f9ea1f26f94bc5153c8f2312148265e3b Loading...

	128.199.80.214/assets/js/erpnext-web.min.js?ver=1667837126.0	8.6 kB	2023-03-07	2024-05-08
Pretty URL 128.199.80.214/assets/js/erpnext-web.min.js?ver=1667837126.0 IP 128.199.80.214 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41:18 Last Seen2024-05-08 20:11:37 Times Seen44 Hash 2f1a6e9db283662c88c018b60fa0ffb4 c6fe785c594234e99cf5481584d821668144d988 7c93a1053e3bc3f543956ac4fac794b6957c6ffc4832fa7488408aaddb50a633 Loading...

HTTP Transactions (20)

URL IP Response Size

128.199.80.214/

128.199.80.214

200 OK

27 kB

URL POST HTTP/1.1
128.199.80.214/
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4012)
Size
27 kB (26778 bytes)
Hash
25eb1a38631e1ca80c8be579b363bc3c
ce376acec3ce4021ed8661f75b89824d99d84a41
1a6d80376ff0f569b0d69d2339e7b0c1b87a2dff0d5a42a03e1682dadad6461b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Page-Name: home
X-From-Cache: False
Link: </assets/frappe/js/lib/jquery/jquery.min.js>; rel=preload; as=script,</assets/js/libs.min.js>; rel=preload; as=script,</assets/js/frappe-web.min.js?ver=1667837126.0>; rel=preload; as=script,</assets/js/bootstrap-4-web.min.js>; rel=preload; as=script,</website_script.js?ver=1667837126.0>; rel=preload; as=script,</assets/js/erpnext-web.min.js?ver=1667837126.0>; rel=preload; as=script,</assets/css/frappe-web-b4.css?ver=1667837126.0>; rel=preload; as=style,</assets/css/erpnext-web.css?ver=1667837126.0>; rel=preload; as=style
Set-Cookie: sid=Guest; Expires=Sat, 11-May-2024 18:11:11 GMT; HttpOnly; Path=/; SameSite=Lax
system_user=no; Path=/; SameSite=Lax
full_name=Guest; Path=/; SameSite=Lax
user_id=Guest; Path=/; SameSite=Lax
user_image=; Path=/; SameSite=Lax
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/assets/js/erpnext-web.min.js?ver=1667837126.0

128.199.80.214

200 OK

2.6 kB

URL GET HTTP/1.1
128.199.80.214/assets/js/erpnext-web.min.js?ver=1667837126.0
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JavaScript source, ASCII text, with very long lines (8510)
Size
2.6 kB (2574 bytes)
Hash
2f1a6e9db283662c88c018b60fa0ffb4
c6fe785c594234e99cf5481584d821668144d988
7c93a1053e3bc3f543956ac4fac794b6957c6ffc4832fa7488408aaddb50a633

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/erpnext-web.min.js?ver=1667837126.0 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 16:07:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63692d40-216b"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/website_script.js?ver=1667837126.0

128.199.80.214

200 OK

25 B

URL GET HTTP/1.1
128.199.80.214/website_script.js?ver=1667837126.0
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text
Size
25 B (25 bytes)
Hash
f622f3ffb783f12f3e85c60a3f28a6cf
e2c83a3dceeb9519b1789c6cde45216edfe8af26
bfc3f25bc17c6b96e68b6c11b85d9c6f9ea1f26f94bc5153c8f2312148265e3b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /website_script.js?ver=1667837126.0 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 25
Connection: keep-alive
X-Page-Name: website_script.js
X-From-Cache: False
Set-Cookie: sid=Guest; Expires=Sat, 11-May-2024 18:11:13 GMT; HttpOnly; Path=/; SameSite=Lax
system_user=no; Path=/; SameSite=Lax
full_name=Guest; Path=/; SameSite=Lax
user_id=Guest; Path=/; SameSite=Lax
user_image=; Path=/; SameSite=Lax
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

128.199.80.214/assets/css/erpnext-web.css?ver=1667837126.0

128.199.80.214

200 OK

4.9 kB

URL GET HTTP/1.1
128.199.80.214/assets/css/erpnext-web.css?ver=1667837126.0
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text, with very long lines (22533)
Size
4.9 kB (4875 bytes)
Hash
dae6b0bee3907f1d9103e1da1618fd87
b9eeba6c826299a28d088be9dc19582e1bb9b1f3
ddb1e967f1ce1438d5461ea8a92f22ba33bd7cdef42cc710e42cf80b2e914917

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/erpnext-web.css?ver=1667837126.0 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Sep 2022 18:54:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6335e9c8-5b26"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/assets/frappe/js/lib/jquery/jquery.min.js

128.199.80.214

200 OK

30 kB

URL GET HTTP/1.1
128.199.80.214/assets/frappe/js/lib/jquery/jquery.min.js
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30065 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/frappe/js/lib/jquery/jquery.min.js HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:12 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 May 2022 15:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627937d3-14e4a"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/assets/js/frappe-web.min.js?ver=1667837126.0

128.199.80.214

200 OK

84 kB

URL GET HTTP/1.1
128.199.80.214/assets/js/frappe-web.min.js?ver=1667837126.0
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
84 kB (84056 bytes)
Hash
8e1653139e085570cb2d2ec3bd8a226c
1f0322c5b39e96c4174f170845ba8da3f68dcd6e
d10f2d9b9840c55b393f282aa5313088b10b0d9b426ab8f4ec06ffa0f0d14e8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/frappe-web.min.js?ver=1667837126.0 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 16:06:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63692d03-46d81"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/assets/css/frappe-web-b4.css?ver=1667837126.0

128.199.80.214

200 OK

59 kB

URL GET HTTP/1.1
128.199.80.214/assets/css/frappe-web-b4.css?ver=1667837126.0
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text, with very long lines (26623)
Size
59 kB (58893 bytes)
Hash
93ea22cf614172ca90929f19a49a8135
f762584b945b93ce5bf13150dcf01b906e7e1fd6
ea9f9741b2432ed4a673c9e5f4940c730201152b9d7aa6045d1d986748d03d7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/frappe-web-b4.css?ver=1667837126.0 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Sep 2022 18:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6335e9c3-58703"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/assets/js/bootstrap-4-web.min.js

128.199.80.214

200 OK

22 kB

URL GET HTTP/1.1
128.199.80.214/assets/js/bootstrap-4-web.min.js
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (22359 bytes)
Hash
76a301b53ac4f2921639dd28a856ef28
21e3c5974fbd0224b4b6ffb557f0a81348eddb49
b4ba23a860b9a77ca174a74452a4fdb8c4a0b38a4575a8b5e67ae0a446a0807a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/bootstrap-4-web.min.js HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 16:06:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63692cf6-1420e"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/files/74173363_109182637175441_283765006028242944_n.jpg

128.199.80.214

200 OK

26 kB

URL GET HTTP/1.1
128.199.80.214/files/74173363_109182637175441_283765006028242944_n.jpg
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JPEG image data, progressive, precision 8, 512x512, components 3
Size
26 kB (26007 bytes)
Hash
2f6edaa774aa8e6aa1355ad76d3a8580
734745a97c7d0fd962dca54b812bdaf28d81e1f3
a1f1800fd11e81fbd46710f8ce81b20d98dbcfdff33178101e41795c83d47e69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files/74173363_109182637175441_283765006028242944_n.jpg HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:14 GMT
Content-Type: image/jpeg
Content-Length: 26007
Last-Modified: Sun, 17 Apr 2022 20:08:11 GMT
Connection: keep-alive
ETag: "625c73ab-6597"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes

fonts.googleapis.com/css2?family=Aref+Ruqaa&display=swap

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Aref+Ruqaa&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://128.199.80.214/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
31 kB (31313 bytes)
Hash
a02a342e04f2f522e48fcf8a2b7eda10
e2ec8cf9ed13afbb9fa192142861c0672aaab9f2
383375f41f5f489a0796c5aa2184dcee03b2aed7c3768bb25c5956c182326612

HTTP Headers

GET /css2?family=Aref+Ruqaa&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 18:11:14 GMT
date: Wed, 08 May 2024 18:11:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

128.199.80.214/files/74173363_109182637175441_283765006028242944_n.jpg

128.199.80.214

200 OK

26 kB

URL GET HTTP/1.1
128.199.80.214/files/74173363_109182637175441_283765006028242944_n.jpg
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JPEG image data, progressive, precision 8, 512x512, components 3
Size
26 kB (26007 bytes)
Hash
2f6edaa774aa8e6aa1355ad76d3a8580
734745a97c7d0fd962dca54b812bdaf28d81e1f3
a1f1800fd11e81fbd46710f8ce81b20d98dbcfdff33178101e41795c83d47e69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files/74173363_109182637175441_283765006028242944_n.jpg HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:16 GMT
Content-Type: image/jpeg
Content-Length: 26007
Last-Modified: Sun, 17 Apr 2022 20:08:11 GMT
Connection: keep-alive
ETag: "625c73ab-6597"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes

128.199.80.214/assets/js/libs.min.js

128.199.80.214

200 OK

271 kB

URL GET HTTP/1.1
128.199.80.214/assets/js/libs.min.js
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JavaScript source, ASCII text, with very long lines (34510)
Size
271 kB (271040 bytes)
Hash
ccf6c2e16409875ec01c7e4dc328a2e2
2471199b2b525a79af7bbbf987aa2081d59afa89
4f7ccaaf959ac246026162226bcd4fda2ada68f23251d1cc6c37b5083f401b0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/libs.min.js HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 16:05:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63692cc6-110e30"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpZy

128.199.80.214

200 OK

99 B

URL GET HTTP/1.1
128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpZy
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text, with no line terminators
Size
99 B (99 bytes)
Hash
73b7fc40155ff12e8483e88a2363bba9
cb2afd20fc72b296e1ce83c2557af0f0c6740632
d70c5a97de0d1d0c2e1715904c317caabff55975e35b8c77e19bc1a961607fbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=3&transport=polling&t=OzPPpZy HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:28 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 99
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://128.199.80.214
Set-Cookie: io=LyCz5vbbwB_0-7WdAACm; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpf9&sid=LyCz5vbbwB_0-7WdAACm

128.199.80.214

200 OK

4 B

URL GET HTTP/1.1
128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpf9&sid=LyCz5vbbwB_0-7WdAACm
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
85c290f7c627550a8f66ca8eb1391a5d
7b957d0ead4608886f6731ee82f16e5a80b5e85f
3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=3&transport=polling&t=OzPPpf9&sid=LyCz5vbbwB_0-7WdAACm HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=; io=LyCz5vbbwB_0-7WdAACm
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:28 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 4
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://128.199.80.214
Set-Cookie: io=LyCz5vbbwB_0-7WdAACm; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

128.199.80.214/

128.199.80.214

200 OK

1.3 kB

URL POST HTTP/1.1
128.199.80.214/
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JSON text data
Size
1.3 kB (1251 bytes)
Hash
7e4c04f23ed1e33805ea242da94e93b6
c077cd54456183fe2dba7da2a942953dea2ddbfc
b7110c89bf9b11d0e67cb739a0b7a60ed43bd5fa51e6053085ea2ea3f3e0a817

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST / HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Frappe-CSRF-Token: None
X-Frappe-CMD: frappe.translate.get_all_languages
X-Requested-With: XMLHttpRequest
Content-Length: 62
Origin: http://128.199.80.214
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:28 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: sid=Guest; Expires=Sat, 11-May-2024 18:11:28 GMT; HttpOnly; Path=/; SameSite=Lax
system_user=no; Path=/; SameSite=Lax
full_name=Guest; Path=/; SameSite=Lax
user_id=Guest; Path=/; SameSite=Lax
user_image=; Path=/; SameSite=Lax
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

128.199.80.214/socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm

128.199.80.214

0 B

URL
128.199.80.214/socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm
IP
128.199.80.214:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://128.199.80.214
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FkCCwBBiWtYE3YM5bpOlog==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=; io=LyCz5vbbwB_0-7WdAACm
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 08 May 2024 18:11:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rG2cpoTTci/jkInLkpK7JNz4JPg=

128.199.80.214/

128.199.80.214

200 OK

13 B

URL POST HTTP/1.1
128.199.80.214/
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
JSON text data
Size
13 B (13 bytes)
Hash
2f95f99225ed9f02f8815cfdeea67a76
ec625c2061942469ce7fdc49cfa5738d6767184a
823845758fba1b5bde28ed356dafb2ce6dcd1d92737c29853c93c0f38922f991

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST / HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Frappe-CSRF-Token: None
X-Frappe-CMD: erpnext.e_commerce.doctype.e_commerce_settings.e_commerce_settings.is_cart_enabled
X-Requested-With: XMLHttpRequest
Content-Length: 86
Origin: http://128.199.80.214
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:29 GMT
Content-Type: application/json
Content-Length: 13
Connection: keep-alive
Set-Cookie: sid=Guest; Expires=Sat, 11-May-2024 18:11:29 GMT; HttpOnly; Path=/; SameSite=Lax
system_user=no; Path=/; SameSite=Lax
full_name=Guest; Path=/; SameSite=Lax
user_id=Guest; Path=/; SameSite=Lax
user_image=; Path=/; SameSite=Lax
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpkE&sid=LyCz5vbbwB_0-7WdAACm

128.199.80.214

200 OK

3 B

URL GET HTTP/1.1
128.199.80.214/socket.io/?EIO=3&transport=polling&t=OzPPpkE&sid=LyCz5vbbwB_0-7WdAACm
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=3&transport=polling&t=OzPPpkE&sid=LyCz5vbbwB_0-7WdAACm HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=; io=LyCz5vbbwB_0-7WdAACm
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:29 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 3
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://128.199.80.214
Set-Cookie: io=LyCz5vbbwB_0-7WdAACm; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

128.199.80.214/socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm

128.199.80.214

101 Switching Protocols

0 B

URL GET HTTP/1.1
128.199.80.214/socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=3&transport=websocket&sid=LyCz5vbbwB_0-7WdAACm HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://128.199.80.214
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FkCCwBBiWtYE3YM5bpOlog==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=; io=LyCz5vbbwB_0-7WdAACm
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 08 May 2024 18:11:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rG2cpoTTci/jkInLkpK7JNz4JPg=

128.199.80.214/assets/css/DroidKufi-Regular.woff2

128.199.80.214

200 OK

31 kB

URL GET HTTP/1.1
128.199.80.214/assets/css/DroidKufi-Regular.woff2
IP
128.199.80.214:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://128.199.80.214/

File type
Web Open Font Format (Version 2), TrueType, length 30712, version 1.0
Size
31 kB (30712 bytes)
Hash
4b973f4d7eacb5779269a413fe8d677b
cefed31f05927267c9453a68b300b5811a01e3f3
994e132a1ee8bd3abbf72ae7c3d5f856d133e5d2b0bbb0f2dc1bc455edb338b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/DroidKufi-Regular.woff2 HTTP/1.1
Host: 128.199.80.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://128.199.80.214/assets/css/frappe-web-b4.css?ver=1667837126.0
Cookie: sid=Guest; system_user=no; full_name=Guest; user_id=Guest; user_image=
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 18:11:14 GMT
Content-Type: application/octet-stream
Content-Length: 30712
Last-Modified: Thu, 29 Sep 2022 18:54:01 GMT
Connection: keep-alive
ETag: "6335e9c9-77f8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL