| 130.193.38.46:3333/ | 130.193.38.46 | 307 Temporary Redirect | 51 B |
URL: 130.193.38.46:3333/ (user request)
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
File type: HTML document, ASCII text
MD5: 7951407d60cda3ffb2935a48a1d47650
SHA-1: 2161080704f2eb9254b3f4205b096ab5833d56ef
SHA-256: 6e2d9389cfdf7011653b22cfadbff5a05c1ca592e57f9f5653b82b3a43c6c1b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: /login?next=%2F
Set-Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; Expires=Sat, 27 Apr 2024 10:06:05 GMT; Max-Age=43200; HttpOnly; SameSite=Lax
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
Content-Length: 51
| 130.193.38.46:3333/login?next=%2F | 130.193.38.46 | 200 OK | 1.0 kB |
URL: 130.193.38.46:3333/login?next=%2F (user request)
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
File type: HTML document, ASCII text
MD5: 3449fcf49a3ee6f96d54240cf397d69b
SHA-1: 3fa207399326e4b8519c3765fb33887881c8a910
SHA-256: 0c2a86c90b0ccc9e51d09bc1d30494b2c73ff9946a4d07acd037cc2b6fc94cb9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login?next=%2F HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Set-Cookie: gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=; Path=/; Expires=Wed, 01 May 2024 22:06:05 GMT; Max-Age=432000; HttpOnly
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
Content-Length: 1034
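What the two cookies carry. The `_gorilla_csrf` and `gophish` values set above are gorilla/securecookie envelopes (gorilla/csrf for the first, gorilla/sessions for the second). The code below is an added example, not code from the scanner, from gorilla or from Gophish; its only inputs are the two cookie values copied verbatim from the Set-Cookie headers above, and the layout it assumes is the one gorilla/securecookie writes: base64url of `<unix-ts>|<base64url(payload)>|<MAC>`, where the MAC (HMAC-SHA256 by default) covers `<cookie-name>|<unix-ts>|<payload>` under the server's signing key, so the envelope can be parsed here but not verified. It shows that the issue timestamp in both cookies equals the response `Date` to the second, that `Expires` is exactly issue time plus `Max-Age`, that both MACs are 32 bytes, and that the CSRF payload is a plaintext JSON string holding the 32-byte token, while the 35-byte `gophish` payload is opaque, consistent with a CookieStore that was given an encryption key as well as a signing key (Gophish's is), in which case it is an AES-CTR IV followed by ciphertext and is left undecoded.

```python
"""Peel the gorilla/securecookie envelope off the two cookies in this capture.

Added example; not code from the scanner, gorilla or Gophish. The two values
are copied verbatim from the Set-Cookie headers above. Assumed layout:
    base64url( "<unix-ts>|<base64url(payload)>|<MAC>" )
The MAC is keyed with the server's secret, so it is parsed, not verified.
"""
import base64
import json
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Copied from "Set-Cookie: _gorilla_csrf=..." on the 307 response above.
GORILLA_CSRF = "MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0"
# Copied from "Set-Cookie: gophish=..." on the /login response above.
GOPHISH = "MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg="


def b64url(data) -> bytes:
    """base64url-decode, tolerating a value whose '=' padding was stripped."""
    if isinstance(data, str):
        data = data.encode()
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def peel(value: str) -> dict:
    """Split a securecookie value into issue time, decoded payload and MAC.

    The first two '|' are delimiters (digits and base64url never contain one);
    everything after them, any '|' bytes included, is the raw MAC.
    """
    ts, payload_b64, mac = b64url(value).split(b"|", 2)
    return {
        "issued": datetime.fromtimestamp(int(ts), tz=timezone.utc),
        "payload": b64url(payload_b64),
        "mac": mac,
    }


def csrf_token(value: str) -> bytes:
    """gorilla/csrf serialises its 32-byte token with encoding/json, so the
    payload is a JSON string holding the token in standard base64 (plus the
    newline json.Encoder appends). Nothing is encrypted: whoever holds the
    cookie can read the token."""
    return base64.b64decode(json.loads(peel(value)["payload"]))


def expiry_consistent(value: str, max_age: int, expires: str) -> bool:
    """True when Expires == issue time + Max-Age for one Set-Cookie header."""
    issued = peel(value)["issued"]
    return issued + timedelta(seconds=max_age) == parsedate_to_datetime(expires)


def main():
    for name, value in (("_gorilla_csrf", GORILLA_CSRF), ("gophish", GOPHISH)):
        env = peel(value)
        print(f"{name}: issued {env['issued'].isoformat()}, "
              f"payload {len(env['payload'])} B, mac {len(env['mac'])} B")
    print("csrf token:", csrf_token(GORILLA_CSRF).hex())


if __name__ == "__main__":
    main()
```

Both cookies are set without the `Secure` attribute, which matches the admin interface being reached over plain HTTP on port 3333 in this capture; the issue timestamp is also the value gorilla/securecookie checks against its MaxAge, so a captured `_gorilla_csrf` stays acceptable to the server for the 12 hours the header advertises.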
| 130.193.38.46:3333/css/dist/gophish.css | 130.193.38.46 | 200 OK | 54 kB |
URL: 130.193.38.46:3333/css/dist/gophish.css
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
Requested by: http://130.193.38.46:3333/login?next=%2F
File type: ASCII text, with very long lines (65371)
MD5: 81456312f5e010bc99cc2a9994641cff
SHA-1: 28017350b9d4848612985af960e093dba01bee4b
SHA-256: 160fb52162c90588de9cbc72c270b248230d613e37dbaf41a4b36d459d0eb407
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/dist/gophish.css HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/login?next=%2F
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 19 Mar 2024 17:15:21 GMT
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
Transfer-Encoding: chunked
| 130.193.38.46:3333/images/logo_inv_small.png | 130.193.38.46 | 200 OK | 1.1 kB |
URL: 130.193.38.46:3333/images/logo_inv_small.png
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
Requested by: http://130.193.38.46:3333/login?next=%2F
File type: PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced
MD5: 3ac815d0828b584b391b4ae7fc5f569d
SHA-1: 4da733b5f77cf13767ff42eee940033c507d6275
SHA-256: 2f29f829326be890877d6a6edf100c03dc807c9a85cafc46146017c51736a0cb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/logo_inv_small.png HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/login?next=%2F
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1118
Content-Type: image/png
Last-Modified: Tue, 19 Mar 2024 17:15:21 GMT
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
| 130.193.38.46:3333/images/logo_purple.png | 130.193.38.46 | 200 OK | 4.7 kB |
URL: 130.193.38.46:3333/images/logo_purple.png
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
Requested by: http://130.193.38.46:3333/login?next=%2F
File type: PNG image data, 175 x 200, 8-bit/color RGBA, non-interlaced
MD5: 7e2db5d7ddae3ba70937a055a1f0ce32
SHA-1: c15c8a22a2537ba1ee7c61678886d8b7049408f8
SHA-256: 35de186516921df5fff7138af665d51b440fc3357c92febeb8ae3063ab501d4f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/logo_purple.png HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/login?next=%2F
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: image/png
Last-Modified: Tue, 19 Mar 2024 17:15:21 GMT
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
Transfer-Encoding: chunked
| 130.193.38.46:3333/js/dist/vendor.min.js | 130.193.38.46 | 200 OK | 334 kB |
URL: 130.193.38.46:3333/js/dist/vendor.min.js
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
Requested by: http://130.193.38.46:3333/login?next=%2F
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size: 334 kB (334253 bytes)
MD5: 9f461267b3ebcfad222453cf8b2a1e2c
SHA-1: 43de814c0e0ab86aed1f3842cb4e4a2253089f77
SHA-256: 1f170342d5796adb0e540eb9aafdeb3dccd3bc983d836d110230b39471e1501b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/dist/vendor.min.js HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/login?next=%2F
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Sat, 20 Apr 2024 20:18:04 GMT
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:05 GMT
Transfer-Encoding: chunked
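Fingerprinting the panel. Taken together, the first-party exchanges above are the signature of a Gophish admin server: a 307 from `/` to `/login?next=%2F` that sets gorilla/csrf's default `_gorilla_csrf` cookie, a login page that sets a session cookie literally named `gophish`, the admin UI's static assets at `/css/dist/gophish.css`, `/js/dist/vendor.min.js`, `/images/logo_purple.png` and `/images/logo_inv_small.png`, all served on 3333, Gophish's default admin listener port. The code below is an added example, not code from the scanner or from Gophish: it parses request/response dumps in the form shown on this page and applies those indicators. The sample exchanges are constructed from the first three transactions above with headers trimmed and cookie values replaced by the placeholder `VALUE` (only cookie names are checked); the indicator names and the verdict threshold are this example's own.

```python
"""Flag a Gophish admin panel from captured HTTP exchanges.

Added example; not code from the scanner or from Gophish. It parses the
plain-text request/response dumps in the form shown on this page and checks
them against indicators a Gophish admin server leaves in its traffic.
"""
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass
class Exchange:
    method: str
    target: str            # request-target as sent, e.g. "/login?next=%2F"
    host: str              # Host header value, may carry a port
    status: int
    resp_headers: list     # (name, value) pairs; Set-Cookie may repeat

    def header(self, name: str) -> list:
        """Every value of a response header, matched case-insensitively."""
        return [v for n, v in self.resp_headers if n.lower() == name.lower()]

    def cookies_set(self) -> set:
        """Names of the cookies this response sets."""
        return {v.split("=", 1)[0].strip() for v in self.header("Set-Cookie")}


def parse_exchange(raw_request: str, raw_response: str) -> Exchange:
    """Parse one request dump and its response dump (status line + headers)."""
    req = [l.strip() for l in raw_request.strip().splitlines() if l.strip()]
    method, target, _version = req[0].split()
    host = ""
    for line in req[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            host = value.strip()
    resp = [l.strip() for l in raw_response.strip().splitlines() if l.strip()]
    status = int(resp[0].split()[1])
    headers = []
    for line in resp[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return Exchange(method, target, host, status, headers)


# Static assets the Gophish admin UI serves (paths seen in this capture).
GOPHISH_ASSETS = {"/css/dist/gophish.css", "/js/dist/vendor.min.js",
                  "/images/logo_purple.png", "/images/logo_inv_small.png"}


def fingerprint(exchanges) -> dict:
    """Collect matched indicators across the exchanges for one host.

    Indicator names and the verdict rule are this example's own: the session
    cookie name identifies the product, the others corroborate it."""
    hits = set()
    for ex in exchanges:
        if ex.status == 307 and ex.header("Location") == ["/login?next=%2F"]:
            hits.add("login-redirect")            # unauthenticated "/" -> login
        if "_gorilla_csrf" in ex.cookies_set():
            hits.add("gorilla-csrf-cookie")       # gorilla/csrf default cookie name
        if "gophish" in ex.cookies_set():
            hits.add("gophish-session-cookie")    # gorilla/sessions store named "gophish"
        if ex.status == 200 and urlsplit(ex.target).path in GOPHISH_ASSETS:
            hits.add("gophish-static-asset")
        if ex.host.endswith(":3333"):
            hits.add("admin-port-3333")           # Gophish's default admin listener
    strong = "gophish-session-cookie" in hits and len(hits) >= 3
    return {"indicators": sorted(hits),
            "verdict": "gophish-admin" if strong else "unknown"}


# Constructed from the first three transactions in this capture; headers
# trimmed and cookie values replaced by VALUE, since only names are checked.
SAMPLE = [
    parse_exchange(
        """GET / HTTP/1.1
        Host: 130.193.38.46:3333""",
        """HTTP/1.1 307 Temporary Redirect
        Content-Type: text/html; charset=utf-8
        Location: /login?next=%2F
        Set-Cookie: _gorilla_csrf=VALUE; Max-Age=43200; HttpOnly; SameSite=Lax
        Content-Length: 51""",
    ),
    parse_exchange(
        """GET /login?next=%2F HTTP/1.1
        Host: 130.193.38.46:3333
        Cookie: _gorilla_csrf=VALUE""",
        """HTTP/1.1 200 OK
        Content-Type: text/html; charset=utf-8
        Set-Cookie: gophish=VALUE; Path=/; Max-Age=432000; HttpOnly
        Content-Length: 1034""",
    ),
    parse_exchange(
        """GET /css/dist/gophish.css HTTP/1.1
        Host: 130.193.38.46:3333""",
        """HTTP/1.1 200 OK
        Content-Type: text/css; charset=utf-8""",
    ),
]

if __name__ == "__main__":
    print(fingerprint(SAMPLE))
```

The verdict deliberately requires the `gophish` session cookie plus two corroborating indicators: the 307 to `/login?next=%2F` and the `_gorilla_csrf` cookie on their own only say "a Go service using gorilla/csrf", and port 3333 is configurable, so the first exchange alone yields `unknown`.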
| fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL: fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: http://130.193.38.46:3333/login?next=%2F
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; SHA-1 fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; valid Mon, 08 Apr 2024 07:31:57 GMT to Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
MD5: 9ec6deaf6bada919e20b98f9f7b718b1
SHA-1: 501d36403ad8205e4644532600019ecb10f5cb0a
SHA-256: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://130.193.38.46:3333
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:19:22 GMT
expires: Sat, 26 Apr 2025 06:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 56804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL: fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: http://130.193.38.46:3333/login?next=%2F
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; SHA-1 fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; valid Mon, 08 Apr 2024 07:31:57 GMT to Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
MD5: 3afeae0d768769f5e5f30ac9805c5b70
SHA-1: 3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
SHA-256: 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://130.193.38.46:3333
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:02 GMT
expires: Sat, 26 Apr 2025 05:55:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 58264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 130.193.38.46:3333/images/favicon.ico | 130.193.38.46 | 200 OK | 1.2 kB |
URL: 130.193.38.46:3333/images/favicon.ico
Request: GET HTTP/1.1
IP: 130.193.38.46:3333
ASN: 200350 (Yandex.Cloud LLC)
Requested by: http://130.193.38.46:3333/login?next=%2F
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
MD5: ba6f3dc50a44ff13fe37c0abc9ce41ce
SHA-1: 82247e642c0a96183db9f9aaa452dd37a49371b9
SHA-256: 6f383235d8dec5350c1233c04b035b116bbbd2b287c13deb298a123dc5e49d03
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/favicon.ico HTTP/1.1
Host: 130.193.38.46:3333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/login?next=%2F
Cookie: _gorilla_csrf=MTcxNDE2OTE2NXxJa1JWTDI5S1MxTjFjbVZSVEd4VEt6UnlObk5GUTFWb1ZFSlJObXAwZVhaSmFIVk1jVlJ3UlhKamFEUTlJZ289fDQJSE6JhK9s8Tns5zyuuKnkPoy82fwaJnn8qApH-Do0; gophish=MTcxNDE2OTE2NXxka1NEM3RmY292Z0xmdHc5NndUVmMtMTJFMU5iNEM0QzAtVzFSTmlNbUUzMGNKMD18IyxdBAr9z6wnNdqg1MB2kMUhot_Ttq3phmEOkGGAovg=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/vnd.microsoft.icon
Last-Modified: Tue, 19 Mar 2024 17:15:21 GMT
Vary: Accept-Encoding, Cookie
Date: Fri, 26 Apr 2024 22:06:06 GMT
| fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700 | 142.250.74.106 | 200 OK | 9.5 kB |
URL: fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700
Request: GET HTTP/2
IP: 142.250.74.106:443
Requested by: http://130.193.38.46:3333/login?next=%2F
Certificate: issuer Google Trust Services LLC; subject upload.video.google.com; SHA-1 fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; valid Mon, 08 Apr 2024 07:32:03 GMT to Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (9740), with no line terminators
MD5: 70436d9f39b0910dd16bab076ea8943d
SHA-1: 55ecc25f846d152e6314fd062a054c86bbcb2562
SHA-256: fdebc360647412ab40e32e406c577bcc44fda07b897625a2e822575d59217236
GET /css?family=Source+Sans+Pro:400,300,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://130.193.38.46:3333/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:06:05 GMT
date: Fri, 26 Apr 2024 22:06:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2