| 160.181.166.186:8888/~lib.js | 160.181.166.186 | 200 OK | 11 kB |
URL: GET HTTP/1.1 160.181.166.186:8888/~lib.js
IP: 160.181.166.186:8888
Requested by: http://160.181.166.186:8888/svcyr.exe
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2620), with CRLF line terminators
Hash: 429665aebf4da09b0ecec67d36ca4c67 ebc55559ec7ce0fe94ad2c6fe3f2f33a1de66954 b552db7e1eac5b418e46a454994692e4cb6ae67d0b2627710098be6ee8d26190
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~lib.js HTTP/1.1
Host: 160.181.166.186:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://160.181.166.186:8888/svcyr.exe
Cookie: HFS_SID_=r0bZREEt5kAAAICRnOjPw
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 10871
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
ETag: lib.js45349.9454281944
Content-Encoding: gzip
|
| 160.181.166.186:8888/svcyr.exe | 160.181.166.186 | 429 | 14 kB |
URL: User Request GET HTTP/1.1 160.181.166.186:8888/svcyr.exe
IP: 160.181.166.186:8888
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12344), with CRLF line terminators
Hash: 9ffed218615985d3df6a7b4c0027361e c34f9dc14f6f2236c526dad83cb49e5634a34e44 9f4c95a18e564354c6da55b32dd2073ae4482c1aff738365a11fd866f75e2342
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /svcyr.exe HTTP/1.1
Host: 160.181.166.186:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 429
Content-Type: text/html; charset=utf-8
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
Set-Cookie: HFS_SID_=r0bZREEt5kAAAICRnOjPw; path=/; HttpOnly
ETag: f7f74d1624b4a2d50208023ac5dcbcc6
Last-Modified: Tue, 27 Feb 2024 14:43:29 GMT
Content-Encoding: gzip
|
| 160.181.166.186:8888/?mode=jquery | 160.181.166.186 | 200 OK | 44 kB |
URL: GET HTTP/1.1 160.181.166.186:8888/?mode=jquery
IP: 160.181.166.186:8888
Requested by: http://160.181.166.186:8888/svcyr.exe
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 9412724f1fb2c06aa53a9a75cd6d34c4 53c0f9e40695429ccc0e490977f85282744e53ba 6a1dadb5b03bd6c8cd4668c976e7fb89b7b2912c243810cb861c730295591ccd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?mode=jquery HTTP/1.1
Host: 160.181.166.186:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://160.181.166.186:8888/svcyr.exe
Cookie: HFS_SID_=r0bZREEt5kAAAICRnOjPw
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 43515
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
ETag: jquery45349.945516331
Content-Encoding: gzip
|
| 160.181.166.186:8888/favicon.ico | 160.181.166.186 | 200 OK | 576 B |
URL: GET HTTP/1.1 160.181.166.186:8888/favicon.ico
IP: 160.181.166.186:8888
Requested by: http://160.181.166.186:8888/svcyr.exe
File type: GIF image data, version 89a, 16 x 16
Hash: 9c3180a65d1ac3066055353e8b8b693e 15031554825c0aabbfdb1ce2c2756c479a7295d6 a37b97bab4af022ffea89ae28cba0d7a098bb2dadca53b770b16a2973f112845
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 160.181.166.186:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://160.181.166.186:8888/svcyr.exe
Cookie: HFS_SID_=r0bZREEt5kAAAICRnOjPw
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 576
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
|
| 160.181.166.186:8888/~style.css | 160.181.166.186 | 200 OK | 22 kB |
URL: GET HTTP/1.1 160.181.166.186:8888/~style.css
IP: 160.181.166.186:8888
Requested by: http://160.181.166.186:8888/svcyr.exe
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /~style.css HTTP/1.1
Host: 160.181.166.186:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://160.181.166.186:8888/svcyr.exe
Cookie: HFS_SID_=r0bZREEt5kAAAICRnOjPw
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 13554
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
ETag: style.css45349.9454281944
Content-Encoding: gzip
|