{"report_id":"02fac9b0-9630-4371-8a32-dec437e2909c","version":6,"status":"done","tags":[],"date":"2024-10-20T10:23:22Z","url":{"schema":"http","addr":"58.238.216.57:8090/login/login.php","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":0,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"final":{"url":{"schema":"http","addr":"58.238.216.57:8090/login/login.php","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"title":"웹할인-해운대오렌지상가"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2026-12-29T10:23:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"58.238.216.57","ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":670653,"sent_data":4033,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"58.238.216.57:8090/js/common.js?v=1","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8cc7173838001204298025f837a1d9f5","sha1":"fe407e1d6cc8f3b7fa40716781102a792a34ca4a","sha256":"b101a1b4ef591b4fc9fd68883e938efa4a70edbfd2c128bae81d93215136b6ea","sha512":"947975b02b675d4d75ff5e96bd9b01b282a1ce7c2b30c6d96c5cc6f0f9971099896f6da9b6275038a2eab57c8332e4cac0334ac1af9d6ea6c71a6a7754be5a20","ssdeep":"","tlshash":"c04121bcfc3f706a892253be1c87414a14f77c267116d8341d907454fde9e84d625ca9","size":1808,"data":"","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.298341Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/function.js?v=6","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a723e5adc53adf0698349f8fcaf8556","sha1":"c71a2881f0d4c9d805801901b59cf93eafe18c08","sha256":"9cf4cd07e69a07cd0e3e1fb1fdef78ea016c04a997ef31a464bdaf943e57771b","sha512":"aa54041a011f05a32d59617807ca6a9f0299eecdb9a30aaf3d9f7b4f632397e879a1a038d55884e6cd9f9db3464181bf370735956c3f6022dbe9c8b56037ae45","ssdeep":"192:DQ6PXnZA4L5iWRzN35ddm5myKsK+ELTAnikJRR0z190zbwPhHcyv5ydcBE4:DjPXnZA4LnRNbsJPRDPw24PK4","tlshash":"95829646319ee61b43e22132523c891a9c38d4b24709dc54ffe9a4dd74ecb6e71e6638","size":18913,"data":"","first_seen":"2024-10-20T10:23:26.787985Z","last_seen":"2024-10-20T10:23:26.787985Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery-latest.min.js","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-12T20:36:19.83994Z","times_seen":49588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery-ui.js?v=1","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3248104b3a0843efcd0b4d6e1ed32cb7","sha1":"ba1aa3f44335e9693fa4f5770bab310472a2dd6d","sha256":"57822d44afcaaba82d4fbc0ab93990348a4e9b3dcd3aa86b02c1a2d1b3227185","sha512":"462c5e79e7aa00b806238c21c5f3880aa20e787e432f837e09c52526cc008cb9d9eb4301902d829addaccc1a24690991c61d59c889ddcc50bf33bc7b7421aee9","ssdeep":"6144:2K8S/EGdjXwujgWUl/plq/pzlT5ld1HmcIkQVi6g7IXtu2+5W5ZbH2BTigoXaq/z:DljHmcIkp5W5FH2DznuJy7CjhB0q","tlshash":"0fa4a689f39c266a857a325d5c2e42ce723c8076d601587fbc5c59dc29e883c42bbf79","size":470693,"data":"","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.300121Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery.cookie.js","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"72610f6134fd623e0d9b6bd5676f0468b83ffe70b02406448426bd95286c862dba7c5f","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-05-12T16:44:36.281818Z","times_seen":16497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery.session.js","fqdn":"58.238.216.57:8090","domain":"58.238.216.57","tld":"57:8090"},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"67bb46762ce01dd560a72c1b96381a84","sha1":"60a9995aa890526f644b2ae1c948001a8fb63655","sha256":"9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225","sha512":"214080ca4485105ca0281dfaebd467258fbe203700bf1765b75913fab7aba7b48d4e087a0b59a50c57f96d48e04a1d965391e2123e0bc20d2cf4ce6812746f9d","ssdeep":"","tlshash":"e5818d5fb329083882137b692fbe8111763b715c5562862c7d0d71d6275c923c3a5bbe","size":3702,"data":"","first_seen":"2023-03-13T18:58:25Z","last_seen":"2026-05-12T03:04:38.545016Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"58.238.216.57:8090/login/login.php","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-20T10:22:56.269Z","timestamp":1729419776269,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /login/login.php HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nX-Powered-By: PHP/5.5.28\r\nSet-Cookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nContent-Length: 4213\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=euc-kr\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4213,"size_decoded":4213,"mime_type":"text/html; charset=euc-kr","magic":"HTML document, ISO-8859 text","md5":"77a9ac488a6c95fd002f06e5abfa479c","sha1":"e29dfbee2d1384bd5cf368a728e2ae02e1a73471","sha256":"6a8ec98c32a56ffdf566d1ae3becf10c4097200ed46fbe6df5aeba583f204b2e","sha512":"2056901b32e1f346936d24a8518b03b7b0d8c31ab5024ebe18ed236d1d09188eaed49ecd43864e7b1cd8970cef0455ac65df7d9ca7100574bf9d1fdab722a150","ssdeep":"96:SDuLEKXtQR9ZU8R+8gURlhXDU+SBm2hL1fA:SoxEZDR+8gOlhzXSBm2hRfA","tlshash":"cd9171108d8aad1d516062d9d076eda490df6eb0e3228dd0b2bb553f7eccda438a40fc","first_seen":"2024-10-20T10:23:26.751473Z","last_seen":"2024-10-20T10:23:26.751473Z","times_seen":1,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":248,"dns":0,"connect":255,"send":0,"wait":286,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/css/common.css?v=1","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.058Z","timestamp":1729419777058,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/common.css?v=1 HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"d52-57632ea14ecc6\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3410\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3410,"size_decoded":3410,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"e9eb1f7d46844cd182358ca29672feb5","sha1":"139e16a10688d92f234263426d1bd090f9e42667","sha256":"5f83face4b5f74d6b7edf6f13c46df95a23871c5bb91c9beefb03f286e8fc79a","sha512":"c2a595e8084c0e1c3df886ed69b1e84d0ba45b37d48f5bcca0d7ec477f7e141579db34142f1ceaaefac9eb128c923c61829ff92109a9025c1f33e22a006bfc02","ssdeep":"","tlshash":"22615134ab12204ab01ba012b673ef656f3f9112582742b979f43968c38d5b326b67cc","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-02-26T01:41:10.981579Z","times_seen":3,"resource_available":false,"data":null}},"time_used":728,"timings":{"blocked":233,"dns":0,"connect":246,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/css/jquery-ui.css?v=2","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.055Z","timestamp":1729419777055,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/jquery-ui.css?v=2 HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"8477-57632ea14f496\"\r\nAccept-Ranges: bytes\r\nContent-Length: 33911\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33911,"size_decoded":33911,"mime_type":"text/css","magic":"ASCII text, with very long lines (551)","md5":"f3573957472b8451e80e4e4d7da066d5","sha1":"69bbc6b1c76671ca036a086755e2f5c6981634a2","sha256":"d92293cf50fbf7a720133ac86eecf8d45cd2e9d88fab90189048330289927511","sha512":"6c360f17faa6774736cdb1b838dbfa8575b9a9a14b3847b8c3f454e5af80925ce3b5e46c710aba39ef575779d52b6f712368a0c70a181def560b4db0b45ee86c","ssdeep":"384:U0uYfAcT4Z2cTLHwInOYH1aQpyVu40nSr0kI5tunCzS2Tr4JC759:wYoHvHT3pzS2X","tlshash":"d6e232326b43211e7a57c27070a11ff7d23a1382fd67b97e549b2499d3e98a1807f9b0","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.293757Z","times_seen":4,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery.session.js","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.068Z","timestamp":1729419777068,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery.session.js HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"e76-57632ea1c0916\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3702\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3702,"size_decoded":3702,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"67bb46762ce01dd560a72c1b96381a84","sha1":"60a9995aa890526f644b2ae1c948001a8fb63655","sha256":"9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225","sha512":"214080ca4485105ca0281dfaebd467258fbe203700bf1765b75913fab7aba7b48d4e087a0b59a50c57f96d48e04a1d965391e2123e0bc20d2cf4ce6812746f9d","ssdeep":"","tlshash":"d471ba1eb7eb081c912371393f7f82117633801b69499d2c791ca2d52f5892247a6fba","first_seen":"2023-03-13T18:58:25Z","last_seen":"2026-05-12T03:04:38.545016Z","times_seen":69,"resource_available":true,"data":null}},"time_used":821,"timings":{"blocked":260,"dns":0,"connect":279,"send":0,"wait":281,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery.cookie.js","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.066Z","timestamp":1729419777066,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"c31-57632ea1bf1a6\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3121\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3121,"size_decoded":3121,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-05-12T16:44:36.281818Z","times_seen":16497,"resource_available":true,"data":null}},"time_used":821,"timings":{"blocked":259,"dns":0,"connect":273,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/common.js?v=1","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.070Z","timestamp":1729419777070,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/common.js?v=1 HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:50 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"6bf-57632ea17bb86\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1727\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1727,"size_decoded":1727,"mime_type":"application/x-javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"e8ebeba21f9025a9303964857d3c4592","sha1":"32649914f280b176109fb640d3ff005342ce42f5","sha256":"3cdfb5d99aa0f310f01d633d5fc6bcbcc94be60d44781c8219b1f14bf51ba0ad","sha512":"df8bcab034e3ff33ca621141cc6d0e60fdbf590c5d6a0c95b18084043a11c74693392c1d7a1d75398b2b9c863b3aad8ac21afddbf6bc6a7896aae6d4cd4f7baa","ssdeep":"","tlshash":"a1312f88b487915ee7f3aba04e3a4209cd35d8739252c4386c5094e43da0f245a9bced","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.29185Z","times_seen":4,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":469,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/function.js?v=6","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.071Z","timestamp":1729419777071,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/function.js?v=6 HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:50 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"4810-57632ea17cb26\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18448\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18448,"size_decoded":18448,"mime_type":"application/x-javascript","magic":"JavaScript source, ISO-8859 text, with very long lines (317), with CRLF line terminators","md5":"3f00c5cd0725738d4847d82fd4ff76c5","sha1":"c2171394f31f1c712b6ced948b349f0d1eb5d731","sha256":"5b4c19a19ac645e174afd73ca75ad892eed1c28d7267eab1a0b07e1fddf26be6","sha512":"ee1f28bcf39a64fde3eea651348a9f9e60b5a007c3479f28a2b63d6f5707b751d43bb3b08148debbd4588737a392788f518d3f5996469d72c621dd8eada7bde3","ssdeep":"192:DQwqXnZA4T131L5HuRMBD5Udm5mmLsfURFyPKASikJIGR0naHwPEHBjyvmjyq+c4:DqXnZA4T131LwSB6YLGWPNLwY7T4","tlshash":"8882644531aee62b83e22236523c891aec38d4b24605dc54ffe994dd709cb6d72f7638","first_seen":"2024-10-20T10:23:26.770113Z","last_seen":"2024-10-20T10:23:26.770113Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1531,"timings":{"blocked":492,"dns":0,"connect":279,"send":0,"wait":263,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery-latest.min.js","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.060Z","timestamp":1729419777060,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery-latest.min.js HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"1762a-57632ea1b97ce\"\r\nAccept-Ranges: bytes\r\nContent-Length: 95786\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95786,"size_decoded":95786,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-12T20:36:19.83994Z","times_seen":49588,"resource_available":true,"data":null}},"time_used":1470,"timings":{"blocked":236,"dns":0,"connect":245,"send":0,"wait":246,"receive":743,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/js/jquery-ui.js?v=1","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:57.064Z","timestamp":1729419777064,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery-ui.js?v=1 HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:49 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"72e9a-57632ea1baf3e\"\r\nAccept-Ranges: bytes\r\nContent-Length: 470682\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":470682,"size_decoded":470682,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (547)","md5":"654f75e541bd5398a5e1cefce3aabdb4","sha1":"b33ee2a6e13ff284df15a76ebbc01c2bfd74ca19","sha256":"f4a6671169484239e255238b037b6f9d49c8852f3b6873a5e8b7239be52c635e","sha512":"12a1b2e8762a7e2957bdbe87a288c7f9486a39dde86bfadaa0fa7219219d697257015212543503bd21223d1d9f5214e9d77a0e25067e956e50a091b895fa44ba","ssdeep":"6144:2K8S/EGdjXwujgWUl/plq/pzlT5ld1HmcIkQVi6v7IXtu2+5W5ZbH2BTigoXaq/z:DljHmcIkc5W5FH2DznuJy7CjhB0q","tlshash":"7da4a689f39c266a857a325d5c2e42ce723c8076d601587fbc5c59dc29e883c42bbf79","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.297447Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2008,"timings":{"blocked":233,"dns":0,"connect":249,"send":0,"wait":250,"receive":1276,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"58.238.216.57:8090/favicon.ico","fqdn":"58.238.216.57","domain":"58.238.216.57","tld":""},"ip":{"addr":"58.238.216.57","port":8090,"asn":9318,"as":"SK Broadband Co Ltd","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://58.238.216.57:8090/login/login.php","date":"2024-10-20T10:22:58.988Z","timestamp":1729419778988,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 58.238.216.57:8090\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://58.238.216.57:8090/login/login.php\r\nCookie: PHPSESSID=k5gq9e4o221b95c0jkelv9ate4; __session:0.4687231761289392:=http:\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Oct 2024 10:43:51 GMT\r\nServer: Apache/2.4.16 (Unix) OpenSSL/1.0.1p PHP/5.5.28 mod_perl/2.0.8-dev Perl/v5.16.3\r\nLast-Modified: Wed, 19 Sep 2018 05:45:31 GMT\r\nETag: \"7d26-57632ea12877e\"\r\nAccept-Ranges: bytes\r\nContent-Length: 32038\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32038,"size_decoded":32038,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel","md5":"8e244ba4c2686dae2afea6e7e6acc5a7","sha1":"abf6372c2c308995e175d9023df408f369ec2f36","sha256":"12e457a7d64f166fd1d0683d33512bc6e091758f3ac8b4e783c06e4adacdab11","sha512":"155d08b78c98452517a3893424f3b38d8e3940cbbf62d1f684924b322f2896f4611a65f0abb39922292e9b8d250e3b8cc5ab38982b6315096068caad58f7a062","ssdeep":"384:JvsDWLuhVjEDaT2b/6S+gKG3yrrrrR+I2aCfRM4P46f:JkD6u8DiK/65syrrrriaCfRMW","tlshash":"b6e21df2d38288adfc55937ed0778c2b1463ad7aa9b0852e115e75366f7338310ba817","first_seen":"2023-07-25T12:40:59Z","last_seen":"2025-06-22T10:01:53.296099Z","times_seen":7,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-20","alert":"Sinkholed","trigger":"58.238.216.57","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}