83.243.129.51/
83.243.129.51 200 OK 206 B IP 83.243.129.51:0
File type ASCII text, with no line terminators
Hash 0830995ab16e9ee2c717a95a11b27f54
42f4f82de4a92a4a4a4e8af7400744dbb22df43a
aa7b3042ad79d5a0b33d0061f0ab9a56d87d06d50b93d367846c6cbcdc95de35
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:33 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 206
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11453
Expires: Tue, 25 Oct 2022 01:42:26 GMT
Date: Mon, 24 Oct 2022 22:31:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 21:53:04 GMT
Expires: Mon, 24 Oct 2022 22:03:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IF5Kkx6WxCQcRHAwIduLo2QpAArzUHNvGVnaVZRBT9b1McNFSkpGDA==
Age: 2309
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15289
Expires: Tue, 25 Oct 2022 02:46:23 GMT
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lau/6A2Io6ZsEQ4mOlp5Iq2LbtBSYWR63Zrn3PVT8IAfDX6eJlzITRYBR7MjlAweKQHId5gksuU=
x-amz-request-id: 4PBTGWMDAEPHG60W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 21:38:32 GMT
age: 3182
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
83.243.129.51/js/.js_check.html
83.243.129.51 200 OK 155 B URL HTTP/1.0 83.243.129.51/js/.js_check.html
IP 83.243.129.51:0
File type HTML document, ASCII text, with no line terminators
Hash 8693873173dfb88e345108689ab8e152
3b625de40d2fb8f0a2851df70b7c121dbcb0b08a
b9d99793d4048212dd321abd49ad9898c9de2d450cef13090e2327a61890f3d2
Analyzer Verdict Alert fortinet Malware
GET /js/.js_check.html HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:33 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 155
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 22:31:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
83.243.129.51/login.html
83.243.129.51 200 OK 4.0 kB IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash 2d6ce13ce012c837c422f912aca9b252
101688aa47ead0740c1f14f61e0af7e0cb23d150
a0bcfeaf6683044405a421e9f994716a230f6cbebd887982b845d2392dc7eed1
Analyzer Verdict Alert fortinet Malware
GET /login.html HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/js/.js_check.html
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:33 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 3998
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/ui.js
83.243.129.51 200 OK 19 kB IP 83.243.129.51:0
File type HTML document, ASCII text, with very long lines (716)
Hash 6587605f7c1f451b27281216f0518b9d
01095299d6c305847739813352956e151f78cb9e
713178387852850c9635a37e15dadd1a7c0ea77d1a982a3dc1fb7a7496352d46
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/js/product.js?_=1666650693109
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650693109
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650693109 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/js/post-product.js?_=1666650693110
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650693110
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650693110 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 21:33:32 GMT
Expires: Mon, 24 Oct 2022 21:59:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gz2RQzZZ27epZsYN7HvODsqiVnmVtG41mi2-7hfX2m6cZqg1VKNSpw==
Age: 3482
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/top.html?page=login
83.243.129.51 200 OK 5.1 kB URL HTTP/1.0 83.243.129.51/top.html?page=login
IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 923273fd8dccd02933ac6fa6f6bb305d
99f8bdf7c56ea3cb3a8c40baeb0f642d70e474c3
a22cb3d61fefa80dc55ed67e974d3589afc733a34a0469f463754852c8ee81b0
Analyzer Verdict Alert fortinet Malware
GET /top.html?page=login HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 5127
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3307
Cache-Control: max-age=124218
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:31:34 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:01:52 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
83.243.129.51/style/style_top.css
83.243.129.51 200 OK 506 B URL HTTP/1.0 83.243.129.51/style/style_top.css
IP 83.243.129.51:0
Hash 95e5002073403ff453d16bee164cadeb
2bac58097cd8b02cd09dbd6cb3a8d14d4e0d31f8
56aa1e16445ffa801857fcd55528dff1d2c9faad8f0693f04eadaf45bda278a8
GET /style/style_top.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 506
83.243.129.51/style/blueprint/screen.css
83.243.129.51 200 OK 11 kB URL HTTP/1.0 83.243.129.51/style/blueprint/screen.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (10857), with no line terminators
Hash bfc5420b0aa4e1a5e3287bc7338bcd76
ce2bc56fb76457bc36eb01a8fdea8812d8146338
bc66958a5e6177add41d489013ccaaad367b067ba93941f6b7119422ea875c10
GET /style/blueprint/screen.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 10857
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/airtiespatterns.js
83.243.129.51 200 OK 42 kB URL HTTP/1.0 83.243.129.51/js/airtiespatterns.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (1452)
Hash aea05be9b8b598f0bdf2b837836242a5
c6b2190f7b04bb3aae7522925938be453b1daebe
1178aff24469afcdd6a27a8982c42c9b20f44c6138f6bf7673419d2ee07a6a99
Analyzer Verdict Alert fortinet Malware
GET /js/airtiespatterns.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 41853
83.243.129.51/js/ui.js
83.243.129.51 200 OK 19 kB IP 83.243.129.51:0
File type HTML document, ASCII text, with very long lines (716)
Hash 6587605f7c1f451b27281216f0518b9d
01095299d6c305847739813352956e151f78cb9e
713178387852850c9635a37e15dadd1a7c0ea77d1a982a3dc1fb7a7496352d46
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/style/blueprint/print.css
83.243.129.51 200 OK 748 B URL HTTP/1.0 83.243.129.51/style/blueprint/print.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (748), with no line terminators
Hash 77e3ca9b955b689315654a2c63a5a1e0
9a8d18fe6742bbbd646f5524a4c30d996ee2dfa7
ea2f5eeeed1dcacc3e18aa7899649294a917619af694fb1083e3cb051a5b9522
GET /style/blueprint/print.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 748
83.243.129.51/images/ajax-loader.gif
83.243.129.51 200 OK 6.8 kB URL HTTP/1.0 83.243.129.51/images/ajax-loader.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 66 x 66\012- data
Hash 69f58b3c2cff5df8df289e59362c610e
17be848c010681533d948ed1600cbc79f1f69ef3
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
GET /images/ajax-loader.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6820
83.243.129.51/cgi-bin/select_lang?lang=en
83.243.129.51 200 OK 196 kB URL HTTP/1.0 83.243.129.51/cgi-bin/select_lang?lang=en
IP 83.243.129.51:0
File type XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (46667)
Size 196 kB (195847 bytes)
Hash 4e7efa1295736b060998ca17ceeb5de8
2a1448304156230bc5602492ca4f59d8352584cf
a592745f0f537474296a5b7c0ee01aba2e6c0a55bf687d55e354ae71eeeeb261
Analyzer Verdict Alert fortinet Malware
GET /cgi-bin/select_lang?lang=en HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/js/product.js?_=1666650693703
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650693703
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650693703 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/js/post-product.js?_=1666650693704
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650693704
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650693704 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
push.services.mozilla.com/
35.83.241.90 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.241.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 21Lj33ava1Zutsem9GV8Vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cYwhJDk1mVxvLBT+32WQzvw1IMs=
83.243.129.51/main.html
83.243.129.51 200 OK 6.0 kB IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (419)
Hash d496041848b03708f5fb1d1418a67a07
20f760f4bf0951294c8160a3c803dc0fe47fe1b7
3fd199c6ddd8a9418f857b1285a7029820664fb641b50f9fd5efcf1eabb15f62
Analyzer Verdict Alert fortinet Malware
GET /main.html HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 5984
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/ui.js
83.243.129.51 200 OK 19 kB IP 83.243.129.51:0
File type HTML document, ASCII text, with very long lines (716)
Hash 6587605f7c1f451b27281216f0518b9d
01095299d6c305847739813352956e151f78cb9e
713178387852850c9635a37e15dadd1a7c0ea77d1a982a3dc1fb7a7496352d46
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
83.243.129.51/js/airlib.js
83.243.129.51 200 OK 25 kB URL HTTP/1.0 83.243.129.51/js/airlib.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (577)
Hash 4c8025bbfc45acf6c3ea7ee45a49c243
f598a3645c5f7724005911f38b864faf9c2af0f1
853fec034cc871798f4175096921309b3c746253101404d50b189b1779734907
Analyzer Verdict Alert fortinet Malware
GET /js/airlib.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 25376
83.243.129.51/js/airtiespatterns.js
83.243.129.51 200 OK 42 kB URL HTTP/1.0 83.243.129.51/js/airtiespatterns.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (1452)
Hash aea05be9b8b598f0bdf2b837836242a5
c6b2190f7b04bb3aae7522925938be453b1daebe
1178aff24469afcdd6a27a8982c42c9b20f44c6138f6bf7673419d2ee07a6a99
Analyzer Verdict Alert fortinet Malware
GET /js/airtiespatterns.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 41853
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/js/underscore.js
83.243.129.51 200 OK 14 kB URL HTTP/1.0 83.243.129.51/js/underscore.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (14427), with no line terminators
Hash 3b1bdc8ab9a920b3531ec743392444eb
031485c01bd1359fb64316de7fc60aa1ce1f9b99
6514f04b8b27f5b86c1b7530a53472f731ab8a6a9564c6651cdbc4fb6a9a0512
Analyzer Verdict Alert fortinet Malware
GET /js/underscore.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 14427
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/js/post-product.js?_=1666650694113
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650694113
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650694113 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/bottom.html
83.243.129.51 200 OK 1.2 kB URL HTTP/1.0 83.243.129.51/bottom.html
IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9d3abb3742ed26d4f1c671949b48cd4f
8215c4b050e3816964034aca97411a97f27ea69b
5b24844212be48f591deb47d7ce69c83a66c9828a4ab9748b60a6d1e1f952f42
Analyzer Verdict Alert fortinet Malware
GET /bottom.html HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1202
83.243.129.51/style/blueprint/screen.css
83.243.129.51 200 OK 11 kB URL HTTP/1.0 83.243.129.51/style/blueprint/screen.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (10857), with no line terminators
Hash bfc5420b0aa4e1a5e3287bc7338bcd76
ce2bc56fb76457bc36eb01a8fdea8812d8146338
bc66958a5e6177add41d489013ccaaad367b067ba93941f6b7119422ea875c10
GET /style/blueprint/screen.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 10857
83.243.129.51/style/global_style.css
83.243.129.51 200 OK 2.1 kB URL HTTP/1.0 83.243.129.51/style/global_style.css
IP 83.243.129.51:0
File type assembler source, ASCII text
Hash 42b5aab7c4bcedffe9a3a19451c71fca
9b15c79baccc39e1ab9d5e9ef3922b6a56a70a76
7f3faf1d2724617af46e2b58bfc254c19d374586b89a3399c9a79164642dc1c3
GET /style/global_style.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 2088
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/ui.js
83.243.129.51 200 OK 19 kB IP 83.243.129.51:0
File type HTML document, ASCII text, with very long lines (716)
Hash 6587605f7c1f451b27281216f0518b9d
01095299d6c305847739813352956e151f78cb9e
713178387852850c9635a37e15dadd1a7c0ea77d1a982a3dc1fb7a7496352d46
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/style/blueprint/print.css
83.243.129.51 200 OK 748 B URL HTTP/1.0 83.243.129.51/style/blueprint/print.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (748), with no line terminators
Hash 77e3ca9b955b689315654a2c63a5a1e0
9a8d18fe6742bbbd646f5524a4c30d996ee2dfa7
ea2f5eeeed1dcacc3e18aa7899649294a917619af694fb1083e3cb051a5b9522
GET /style/blueprint/print.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 748
83.243.129.51/js/product.js?_=1666650694636
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650694636
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650694636 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/js/post-product.js?_=1666650694637
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650694637
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650694637 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
83.243.129.51 200 OK 2.0 kB URL HTTP/1.0 83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9dad112ffd1dd63cb059f59e8a2f092b
3eb48c04393b781fdf74eb5d2f9bfd80ff0b8ca9
568bfd858ab00fa63e96a0c60044450cb87ef0c38f1765470a302d81f5b04e7a
GET /menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1973
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/bottom.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:35 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 5.5 kB URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
File type XML 1.0 document text\012- broken XHTML document text (version 1.0)\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 549df745f4726cd5925f007227e7c8fa
d942bbd0ad9aaf3ab7019457fe3035425dc5230e
b7a76166123b0dbbf0f7f8690db70e988b0416687199b140b69e9f738cd8178b
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 395
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/homepage.html?PassCheck=1
83.243.129.51 200 OK 25 kB URL HTTP/1.0 83.243.129.51/homepage.html?PassCheck=1
IP 83.243.129.51:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3169)
Hash ef4a9da9a5419bf67f5f3f4654d434b1
d2c06b865d4e4efeb38a798f4e863ce752821232
6d0423e29db9456615f5816d9c1d95d11d48fab1363dede2479f73cb1933041e
Analyzer Verdict Alert fortinet Malware
GET /homepage.html?PassCheck=1 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
Upgrade-Insecure-Requests: 1
HTTP/1.0 200 OK
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 24881
83.243.129.51/style/style_menu.css
83.243.129.51 200 OK 1.5 kB URL HTTP/1.0 83.243.129.51/style/style_menu.css
IP 83.243.129.51:0
File type ASCII text, with CRLF, LF line terminators
Hash 3701c89874784fb490ba3f60e5bd74ae
d97e3205c3554115f4973378f0f37784cc03f370
983a17d8556465bae10127758b0887fe51795f60806ccfbad88cbb9f5183a52c
GET /style/style_menu.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1541
83.243.129.51/js/product.js
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/js/underscore.js
83.243.129.51 200 OK 14 kB URL HTTP/1.0 83.243.129.51/js/underscore.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (14427), with no line terminators
Hash 3b1bdc8ab9a920b3531ec743392444eb
031485c01bd1359fb64316de7fc60aa1ce1f9b99
6514f04b8b27f5b86c1b7530a53472f731ab8a6a9564c6651cdbc4fb6a9a0512
Analyzer Verdict Alert fortinet Malware
GET /js/underscore.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 14427
83.243.129.51/js/requireConfig.js
83.243.129.51 200 OK 449 B URL HTTP/1.0 83.243.129.51/js/requireConfig.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (449), with no line terminators
Hash a5b1a235b7b51635fe1d7e19d2ddd951
08a4aa0f752366bd6f40eb6e1196037ad49c325e
b6ee9058cc44558b7ee1eb7a95796c265334ed96d149d0aed384b80412f7c519
Analyzer Verdict Alert fortinet Malware
GET /js/requireConfig.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 449
83.243.129.51/js/require.js
83.243.129.51 200 OK 15 kB URL HTTP/1.0 83.243.129.51/js/require.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (11423)
Hash 3bd175184b3c81c0ef9c23e46b86d1b3
c3b703bc207b497a23d1abf438832dcc9e926479
043a21d758d11652f4ab26de3fa832bfbfb71d2da1177ba06b674654d320529a
Analyzer Verdict Alert fortinet Malware
GET /js/require.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 15018
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15882
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fe81c53-d1b6-41f3-80b6-2deb2f9910a2.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fe81c53-d1b6-41f3-80b6-2deb2f9910a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f9dcb593f8cda6614f0038cd9d9f240
5f466d8c8fac2fad3e4539e92ac8f7f8fab4dc53
c111e59b70b4bca5f935cd53cbb6c5287d549a2364f537b8258da64d4405ad3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fe81c53-d1b6-41f3-80b6-2deb2f9910a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4606
x-amzn-requestid: 27a36481-c1d3-4bf3-a6b0-61a00b6bb058
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3JBHEzIAMF4aQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357056c-0e3cf1f16c80195571efe893;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lb4ICk39ElQVKsuVxc_zD6qW6hHoL8auNJ3hgZnjqJ-il9dyuOS3tg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:58 GMT
age: 2738
etag: "5f466d8c8fac2fad3e4539e92ac8f7f8fab4dc53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3sV_Wswao5mW-vx2uno8kuZE0qTvTaJYVB8MeVi1dolnHblN_uYwQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
age: 2747
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 04:35:17 GMT
age: 64579
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0215d09b407ecfd690d63aee6a30add
d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94
6147a16325e6c63e7e3acfde58a4cfcd04564ddd6df61835e6e563ec6e67aa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5662
x-amzn-requestid: cb169868-462c-4083-af25-ca65cb2df563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EhH7SoAMFdeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054f-1635cae5575eed4a43607a11;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3AVj0cWeDVgo3DVqvDiofHw2sXlQVGFhijv3QOzs0vNruMXzx8pl2Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
etag: "d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94"
content-type: image/jpeg
age: 2072
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aeb6b1835d08c55cf42c944741534ed
2009d471c426326137be99f0becf8a04b51aae1f
368e0fc26b5cae86c8e3d4ea761a0cf8006853834b6c7d721b4ca53a0ced7bc0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4461
x-amzn-requestid: 6a91b1ef-03ad-41a9-a7ef-79c9129773f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7m1eEUsoAMFq2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347b822-19570e781713e88644149419;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 07:02:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TJ09hafmsoFCDjrsKTmSFovCGUOCAYUK8uge9nyoe6ZFdtAAjnDswQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
age: 2072
etag: "2009d471c426326137be99f0becf8a04b51aae1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8f7dec290a5b32d2e1760ea01e0f160
bac869e97622c00d8ba2349ac03c6390229f8929
aa5d7fcb93818d291acce653a883c312595314685b9de29d788491d9310efcbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4513
x-amzn-requestid: 32d9a3be-9964-4e53-a31c-ca4edffab306
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: acDxnGtTIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354b33d-371bb2cb770b34624ec753de;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 03:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RRQUYwIoEf89Y2igmq4tQv6t8vlve9jeJrPqCE5uWe0yoYAO-ytvtA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 08:16:58 GMT
age: 51278
etag: "bac869e97622c00d8ba2349ac03c6390229f8929"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
83.243.129.51/style/global_style.css
83.243.129.51 200 OK 2.1 kB URL HTTP/1.0 83.243.129.51/style/global_style.css
IP 83.243.129.51:0
File type assembler source, ASCII text
Hash 42b5aab7c4bcedffe9a3a19451c71fca
9b15c79baccc39e1ab9d5e9ef3922b6a56a70a76
7f3faf1d2724617af46e2b58bfc254c19d374586b89a3399c9a79164642dc1c3
GET /style/global_style.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 2088
83.243.129.51/style/blueprint/screen.css
83.243.129.51 200 OK 11 kB URL HTTP/1.0 83.243.129.51/style/blueprint/screen.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (10857), with no line terminators
Hash bfc5420b0aa4e1a5e3287bc7338bcd76
ce2bc56fb76457bc36eb01a8fdea8812d8146338
bc66958a5e6177add41d489013ccaaad367b067ba93941f6b7119422ea875c10
GET /style/blueprint/screen.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 10857
83.243.129.51/style/style_homepage.css
83.243.129.51 200 OK 250 B URL HTTP/1.0 83.243.129.51/style/style_homepage.css
IP 83.243.129.51:0
Hash d7e54c1262eeabd1cce65be717eb691a
1fbaaba0b478f7ec1ae02dfd64c36e2a68011013
d1441d507369c0b7b06c7bdd3ace0b9b630683d5edf3092cbb4c46ef97d853b2
GET /style/style_homepage.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 250
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/global/global_view.js
83.243.129.51 200 OK 3.5 kB URL HTTP/1.0 83.243.129.51/global/global_view.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (728)
Hash 168194e10cc6076c64aadfe8a6da3638
52391f278e6689aa3831095b6c680ff3af8cd5d6
8755d0fce81bf54e76e65705fde353c2c9828e98b86d0109fe67410a58a413b6
Analyzer Verdict Alert fortinet Malware
GET /global/global_view.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 3525
83.243.129.51/style/jqueryui/jquery-ui.css
83.243.129.51 200 OK 27 kB URL HTTP/1.0 83.243.129.51/style/jqueryui/jquery-ui.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (26446)
Hash 4b7039d50aa5bc78858b8cbd32bed2d5
e515358984b353d1f91d075f9610c379c7f52212
228daf8f6e2abab553d0799fa9048dd00a164c3882a94973e82508aef79ce370
GET /style/jqueryui/jquery-ui.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 26864
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15882
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15882
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: keep-alive
83.243.129.51/js/OptionalFeatures.js
83.243.129.51 200 OK 2.1 kB URL HTTP/1.0 83.243.129.51/js/OptionalFeatures.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (1029)
Hash ffdd602fdc961d75839c3e688745bf42
752e020f6bd1da8b9f4fe7fe31342353169d7d8b
dd3fb6c8f0fb3d009b650e37b70e9f5d8cf85c813e2ea32f1e192d4183e3fdca
Analyzer Verdict Alert fortinet Malware
GET /js/OptionalFeatures.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 2066
83.243.129.51/js/ui.js
83.243.129.51 200 OK 19 kB IP 83.243.129.51:0
File type HTML document, ASCII text, with very long lines (716)
Hash 6587605f7c1f451b27281216f0518b9d
01095299d6c305847739813352956e151f78cb9e
713178387852850c9635a37e15dadd1a7c0ea77d1a982a3dc1fb7a7496352d46
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15882
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: keep-alive
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15882
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: keep-alive
83.243.129.51/style/style_top.css
83.243.129.51 200 OK 506 B URL HTTP/1.0 83.243.129.51/style/style_top.css
IP 83.243.129.51:0
Hash 95e5002073403ff453d16bee164cadeb
2bac58097cd8b02cd09dbd6cb3a8d14d4e0d31f8
56aa1e16445ffa801857fcd55528dff1d2c9faad8f0693f04eadaf45bda278a8
GET /style/style_top.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 506
83.243.129.51/js/requireConfig.js
83.243.129.51 200 OK 449 B URL HTTP/1.0 83.243.129.51/js/requireConfig.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (449), with no line terminators
Hash a5b1a235b7b51635fe1d7e19d2ddd951
08a4aa0f752366bd6f40eb6e1196037ad49c325e
b6ee9058cc44558b7ee1eb7a95796c265334ed96d149d0aed384b80412f7c519
Analyzer Verdict Alert fortinet Malware
GET /js/requireConfig.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 449
83.243.129.51/js/airlib.js
83.243.129.51 200 OK 25 kB URL HTTP/1.0 83.243.129.51/js/airlib.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (577)
Hash 4c8025bbfc45acf6c3ea7ee45a49c243
f598a3645c5f7724005911f38b864faf9c2af0f1
853fec034cc871798f4175096921309b3c746253101404d50b189b1779734907
Analyzer Verdict Alert fortinet Malware
GET /js/airlib.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 25376
83.243.129.51/js/airtiespatterns.js
83.243.129.51 200 OK 42 kB URL HTTP/1.0 83.243.129.51/js/airtiespatterns.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (1452)
Hash aea05be9b8b598f0bdf2b837836242a5
c6b2190f7b04bb3aae7522925938be453b1daebe
1178aff24469afcdd6a27a8982c42c9b20f44c6138f6bf7673419d2ee07a6a99
Analyzer Verdict Alert fortinet Malware
GET /js/airtiespatterns.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 41853
83.243.129.51/menu/app.js?bust=1666650695159
83.243.129.51 200 OK 140 B URL HTTP/1.0 83.243.129.51/menu/app.js?bust=1666650695159
IP 83.243.129.51:0
Hash a2acf28d7bb7656be83e343714658f19
c8231365249d63fa8000d79c95b6c2415a5562cb
0b3b588a74ff85da0c0dec7b2df2994e115ed810250cb0b5b72d2d59883b445e
Analyzer Verdict Alert fortinet Malware
GET /menu/app.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 140
83.243.129.51/style/blueprint/screen.css
83.243.129.51 200 OK 11 kB URL HTTP/1.0 83.243.129.51/style/blueprint/screen.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (10857), with no line terminators
Hash bfc5420b0aa4e1a5e3287bc7338bcd76
ce2bc56fb76457bc36eb01a8fdea8812d8146338
bc66958a5e6177add41d489013ccaaad367b067ba93941f6b7119422ea875c10
GET /style/blueprint/screen.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 10857
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/require.js
83.243.129.51 200 OK 15 kB URL HTTP/1.0 83.243.129.51/js/require.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (11423)
Hash 3bd175184b3c81c0ef9c23e46b86d1b3
c3b703bc207b497a23d1abf438832dcc9e926479
043a21d758d11652f4ab26de3fa832bfbfb71d2da1177ba06b674654d320529a
Analyzer Verdict Alert fortinet Malware
GET /js/require.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 15018
83.243.129.51/js/jquery-ui.js
83.243.129.51 200 OK 238 kB URL HTTP/1.0 83.243.129.51/js/jquery-ui.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (64637)
Size 238 kB (237733 bytes)
Hash b36ec9dcb4f6dfeb004cb5fef2478b81
2bfcf4693bf585c0692843fb59f7c8dab59b166c
757efb21f149a2da26dc81d8eb93fae9863c860a7a41dae763e573c7af3ea294
Analyzer Verdict Alert fortinet Malware
GET /js/jquery-ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 237733
83.243.129.51/js/Definitions.js
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/airtiespatterns.js
83.243.129.51 200 OK 42 kB URL HTTP/1.0 83.243.129.51/js/airtiespatterns.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (1452)
Hash aea05be9b8b598f0bdf2b837836242a5
c6b2190f7b04bb3aae7522925938be453b1daebe
1178aff24469afcdd6a27a8982c42c9b20f44c6138f6bf7673419d2ee07a6a99
Analyzer Verdict Alert fortinet Malware
GET /js/airtiespatterns.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 41853
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/menu/menuPresenter.js?bust=1666650695159
83.243.129.51 200 OK 750 B URL HTTP/1.0 83.243.129.51/menu/menuPresenter.js?bust=1666650695159
IP 83.243.129.51:0
Hash 4a94914a7112cde34d6d35164004c80a
7ed093fac16412d46ce46ca6ab0da4e734633a56
7bd574cdd1e50b10cefcea7523cb5bf2da0579e8e691ba6ffb4aa25fc02f3594
GET /menu/menuPresenter.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 750
83.243.129.51/images/menu_h_line.gif
83.243.129.51 200 OK 310 B URL HTTP/1.0 83.243.129.51/images/menu_h_line.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 10000 x 4\012- data
Hash 92159bd4014ef69ba12a1c84f9a2780a
684d19d84d18da050165b7a931cf052d67bea751
d67628e38cdf0258831fa259bd0090fd89770f44add0e1aec2f95cb9b2e9b027
GET /images/menu_h_line.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/style/style_menu.css
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 310
83.243.129.51/js/ui.js
83.243.129.51 200 OK 1.4 kB IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/ui.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19044
83.243.129.51/js/jquery.js?bust=1666650695159
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js?bust=1666650695159
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
GET /js/jquery.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/js/post-product.js?_=1666650695158
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650695158
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650695158 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/js/jquery.js
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/menu/menuItemCollection.js?bust=1666650695159
83.243.129.51 200 OK 481 B URL HTTP/1.0 83.243.129.51/menu/menuItemCollection.js?bust=1666650695159
IP 83.243.129.51:0
Hash a9ccac71549ab0cd6a28e79bdfa5d092
9f2a54d9f79f27edf0569980455fff72e074ef42
4f4160ed77ec28d81b02f62d15e6593eacb1aa53a2ed4d20a9656266673cf2f8
Analyzer Verdict Alert fortinet Malware
GET /menu/menuItemCollection.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 481
83.243.129.51/js/product.js?_=1666650695428
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650695428
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650695428 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/menu/view.js?bust=1666650695159
83.243.129.51 200 OK 706 B URL HTTP/1.0 83.243.129.51/menu/view.js?bust=1666650695159
IP 83.243.129.51:0
Hash a89e26de9c26ad36160780dad7e3d606
eb8dc0476180fdda0e11548c934471d365b5cfb0
1df2e65656e7dcaeec5a5b88c6b7502df284f23d7bbd68caa2b50632d8b24993
GET /menu/view.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 706
83.243.129.51/menu/menuUsecase.js?bust=1666650695159
83.243.129.51 200 OK 1.5 kB URL HTTP/1.0 83.243.129.51/menu/menuUsecase.js?bust=1666650695159
IP 83.243.129.51:0
Hash f52d0f7275a6be8a61d94d47e4cb4b7d
9558f544cfcd4ddb6ba5bc33e5faae0fe6c3947b
7d6fd7c4e9c0bdbf63e7eb3dffcdc97478460220159f1e2e845f1d99bf8c4d48
Analyzer Verdict Alert fortinet Malware
GET /menu/menuUsecase.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1539
83.243.129.51/style/blueprint/print.css
83.243.129.51 200 OK 748 B URL HTTP/1.0 83.243.129.51/style/blueprint/print.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (748), with no line terminators
Hash 77e3ca9b955b689315654a2c63a5a1e0
9a8d18fe6742bbbd646f5524a4c30d996ee2dfa7
ea2f5eeeed1dcacc3e18aa7899649294a917619af694fb1083e3cb051a5b9522
GET /style/blueprint/print.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 748
83.243.129.51/js/post-product.js?_=1666650695429
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650695429
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650695429 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/style/blueprint/print.css
83.243.129.51 200 OK 748 B URL HTTP/1.0 83.243.129.51/style/blueprint/print.css
IP 83.243.129.51:0
File type ASCII text, with very long lines (748), with no line terminators
Hash 77e3ca9b955b689315654a2c63a5a1e0
9a8d18fe6742bbbd646f5524a4c30d996ee2dfa7
ea2f5eeeed1dcacc3e18aa7899649294a917619af694fb1083e3cb051a5b9522
GET /style/blueprint/print.css HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/css
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 748
83.243.129.51/js/Definitions.js?bust=1666650695159
83.243.129.51 200 OK 6.9 kB URL HTTP/1.0 83.243.129.51/js/Definitions.js?bust=1666650695159
IP 83.243.129.51:0
File type ASCII text, with very long lines (5241)
Hash 1d24caaf39f6bbf3fa9a6ce95070e548
bfae27f60b85f09cce2aaa3f0f6019271b209b08
4e938f2b69c054a40aa97e34f7981bfdb008c5e1b32b57707852ea38b66300ed
Analyzer Verdict Alert fortinet Malware
GET /js/Definitions.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6927
83.243.129.51/js/underscore.js?bust=1666650695159
83.243.129.51 200 OK 14 kB URL HTTP/1.0 83.243.129.51/js/underscore.js?bust=1666650695159
IP 83.243.129.51:0
File type ASCII text, with very long lines (14427), with no line terminators
Hash 3b1bdc8ab9a920b3531ec743392444eb
031485c01bd1359fb64316de7fc60aa1ce1f9b99
6514f04b8b27f5b86c1b7530a53472f731ab8a6a9564c6651cdbc4fb6a9a0512
Analyzer Verdict Alert fortinet Malware
GET /js/underscore.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 14427
83.243.129.51/js/product.js?_=1666650695528
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650695528
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650695528 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/js/post-product.js?_=1666650695529
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650695529
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650695529 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/js/product.js?_=1666650695453
83.243.129.51 200 OK 1.4 kB URL HTTP/1.0 83.243.129.51/js/product.js?_=1666650695453
IP 83.243.129.51:0
Hash 652197a953bc5bb7ef0eb981f9f63eee
e829d7e10cef9aa509fc5890c762d8a614071c9e
3ebef2e78fb082c0afdbeeb4b0fb1615817354d07a71c35867e329d49ae4dd11
Analyzer Verdict Alert fortinet Malware
GET /js/product.js?_=1666650695453 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1443
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/js/post-product.js?_=1666650695454
83.243.129.51 200 OK 467 B URL HTTP/1.0 83.243.129.51/js/post-product.js?_=1666650695454
IP 83.243.129.51:0
Hash 5c022b2077dafbd10b3f5e6b18e3916d
16434e2cbb22536d25229f8ab4bd471a170f3bb8
4028b766367f937bfbad131d6372177076386392df2c7eebf84d106bdacdfbe7
GET /js/post-product.js?_=1666650695454 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 467
83.243.129.51/js/webapp.js?bust=1666650695159
83.243.129.51 200 OK 5.4 kB URL HTTP/1.0 83.243.129.51/js/webapp.js?bust=1666650695159
IP 83.243.129.51:0
File type ASCII text, with very long lines (1588)
Hash 4cc220f91909ea291a2d05a18b02eeba
8b29a6401caa3ab1b9aa2259a49a781d9478cf35
df3307556dd2a5d706b7059d846d6a6913d511976448f4d6828bb719b07ae933
GET /js/webapp.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 5372
83.243.129.51/images/v_line_bg.gif
83.243.129.51 200 OK 74 B URL HTTP/1.0 83.243.129.51/images/v_line_bg.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 6 x 112\012- data
Hash cff5c212dfb755a61b9cea25402d8019
f5a3dd6e72f0820cf803631e3ed75e7770afa98b
46150c992f6f65cf73217ce046fac46feef0b6d17a203c7dd5d47d360967d375
GET /images/v_line_bg.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/style/style_top.css
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 74
83.243.129.51/images/airties_logo.gif
83.243.129.51 200 OK 2.0 kB URL HTTP/1.0 83.243.129.51/images/airties_logo.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 301 x 112\012- data
Hash 93f1753960c3fd23dc4970ae37694c30
9ac4cf6e440a4fb7a1be7adc35b25c963292a267
6b332e17eeba3b9d72b9482f163a77d9819d379f9f70ccfe35e39c3f8ccc5151
GET /images/airties_logo.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/style/style_top.css
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 1960
83.243.129.51/js/backbone.js?bust=1666650695159
83.243.129.51 200 OK 20 kB URL HTTP/1.0 83.243.129.51/js/backbone.js?bust=1666650695159
IP 83.243.129.51:0
File type ASCII text, with very long lines (19961), with no line terminators
Hash 5369b1eeac462fe1c79f12d2509fed2f
d3818be361b436c563a1eeff06ee8af5db84e2cb
a76f18746b5856390c044d6150df270dddd8a6cdf4d50a85a040c8ae66509eb6
Analyzer Verdict Alert fortinet Malware
GET /js/backbone.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19961
83.243.129.51/images/ajax-loader.gif
83.243.129.51 200 OK 6.8 kB URL HTTP/1.0 83.243.129.51/images/ajax-loader.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 66 x 66\012- data
Hash 69f58b3c2cff5df8df289e59362c610e
17be848c010681533d948ed1600cbc79f1f69ef3
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
GET /images/ajax-loader.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=main&productboardtype=notForLoginPage
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6820
83.243.129.51/menu/menu_items.js?bust=1666650695159
83.243.129.51 200 OK 7.1 kB URL HTTP/1.0 83.243.129.51/menu/menu_items.js?bust=1666650695159
IP 83.243.129.51:0
Hash e51a76a1743fab1b2aebe5e94859b88d
c64eb6d4e9b757fb4d928a51e0d865e167ab1669
85572a369fc92d45ea67d60c74a64b2649b21b26cb731e8e37855372ad57e625
GET /menu/menu_items.js?bust=1666650695159 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/menu/menu.html?meshSupport=true&serviceSettingsEnabled=false&opmode=ap
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 7109
83.243.129.51/lang.js
83.243.129.51 200 OK 196 kB IP 83.243.129.51:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (46796)
Size 196 kB (195718 bytes)
Hash 7f9ef18e6ef0f1dd1afd03ce626e1709
6bc229b79a18e2b0b54d42882b906c3df317887f
01a84a15a28eb0648724b5369b3daed6c0484ed87a583f696573c53703fc0621
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:36 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/images/ajax-loader.gif
83.243.129.51 200 OK 6.8 kB URL HTTP/1.0 83.243.129.51/images/ajax-loader.gif
IP 83.243.129.51:0
File type GIF image data, version 89a, 66 x 66\012- data
Hash 69f58b3c2cff5df8df289e59362c610e
17be848c010681533d948ed1600cbc79f1f69ef3
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
GET /images/ajax-loader.gif HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: image/gif
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 6820
83.243.129.51/app.js?bust=1666650695929
83.243.129.51 200 OK 58 B URL HTTP/1.0 83.243.129.51/app.js?bust=1666650695929
IP 83.243.129.51:0
File type ASCII text, with no line terminators
Hash 67f081529ddb9cbf90254e274aac1bda
84dd239d3573e54ca2ca65336491d9272fbc29df
6a3359d7af2c45c8f6dd950ed7c1fbff38a9488b7bc7c10f1c75b5741bf1ae4f
GET /app.js?bust=1666650695929 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 58
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 4.6 kB URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (859)
Hash 64decaad0efc153978fa0ff21becd220
63956a3e9a6cdd8bdc1c565c5cf226a46123c610
5fe41a8394f9cce905b2c47821a8fca687b0a6cff773c8279ec2ce147ca9b14c
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 2444
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/js/underscore.js?bust=1666650695929
83.243.129.51 200 OK 14 kB URL HTTP/1.0 83.243.129.51/js/underscore.js?bust=1666650695929
IP 83.243.129.51:0
File type ASCII text, with very long lines (14427), with no line terminators
Hash 3b1bdc8ab9a920b3531ec743392444eb
031485c01bd1359fb64316de7fc60aa1ce1f9b99
6514f04b8b27f5b86c1b7530a53472f731ab8a6a9564c6651cdbc4fb6a9a0512
Analyzer Verdict Alert fortinet Malware
GET /js/underscore.js?bust=1666650695929 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 14427
83.243.129.51/js/jquery.js?bust=1666650695929
83.243.129.51 200 OK 93 kB URL HTTP/1.0 83.243.129.51/js/jquery.js?bust=1666650695929
IP 83.243.129.51:0
File type ASCII text, with very long lines (65420)
Hash fa4322da6050ee28a998bb75f63fa628
d83e917ab2b10e00f9ff2f280cf705e083032338
c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d
GET /js/jquery.js?bust=1666650695929 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 92627
83.243.129.51/js/webapp.js?bust=1666650695929
83.243.129.51 200 OK 5.4 kB URL HTTP/1.0 83.243.129.51/js/webapp.js?bust=1666650695929
IP 83.243.129.51:0
File type ASCII text, with very long lines (1588)
Hash 4cc220f91909ea291a2d05a18b02eeba
8b29a6401caa3ab1b9aa2259a49a781d9478cf35
df3307556dd2a5d706b7059d846d6a6913d511976448f4d6828bb719b07ae933
GET /js/webapp.js?bust=1666650695929 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 5372
83.243.129.51/js/backbone.js?bust=1666650695929
83.243.129.51 200 OK 20 kB URL HTTP/1.0 83.243.129.51/js/backbone.js?bust=1666650695929
IP 83.243.129.51:0
File type ASCII text, with very long lines (19961), with no line terminators
Hash 5369b1eeac462fe1c79f12d2509fed2f
d3818be361b436c563a1eeff06ee8af5db84e2cb
a76f18746b5856390c044d6150df270dddd8a6cdf4d50a85a040c8ae66509eb6
Analyzer Verdict Alert fortinet Malware
GET /js/backbone.js?bust=1666650695929 HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:37 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 19961
83.243.129.51/favicon.ico
83.243.129.51 404 Not Found 0 B URL HTTP/1.0 83.243.129.51/favicon.ico
IP 83.243.129.51:0
GET /favicon.ico HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 404 Not Found
Content-type: text/html
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 176
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 161
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 515
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/lang.js
83.243.129.51 200 OK 0 B IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
GET /lang.js HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://83.243.129.51/top.html?page=login
HTTP/1.0 200 OK
Content-type: text/javascript.wav
Date: Mon, 24 Oct 2022 22:31:34 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 195718
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 181
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 716
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/main.html
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/webapp
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/webapp
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
POST /cgi-bin/webapp HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1070
Origin: http://83.243.129.51
Connection: keep-alive
Referer: http://83.243.129.51/homepage.html?PassCheck=1
Cookie: AIRTIESSESSION=0333068F5478AAF410B85D286C210DDC5E569BF78C3D6554A6; AT-TOKEN=B1FD6484362C55E6444A01C9A23ACFC6CF81CFD0A6B2286E30E5
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN
83.243.129.51/cgi-bin/skip_login
83.243.129.51 200 OK 0 B URL HTTP/1.0 83.243.129.51/cgi-bin/skip_login
IP 83.243.129.51:0
Analyzer Verdict Alert fortinet Malware
GET /cgi-bin/skip_login HTTP/1.1
Host: 83.243.129.51
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://83.243.129.51/login.html
HTTP/1.0 200 OK
Content-Type: text/xml; Charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
X-Frame-Options: SAMEORIGIN