| | 66.220.9.48 | 200 OK | 137 B |
URL: User Request GET HTTP/1.1 | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: 9b1d81da3ea17f4a2dcfa1245598ed46 9f07375c201471038b043aefbc4052f3879c3a09 2afd59a1cbaa9ef87efd26a463effd1cca2c4a7c43993de6ddec76fe1ef56c9f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://66.220.9.48/
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:55 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:55 GMT; path=/; secure; HttpOnly
randID=1033878598989756301; expires=Wed, 28-Aug-2024 04:21:55 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:55 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:55 GMT
Content-Length: 137
|
|
| | 66.220.9.48 | 200 OK | 51 kB |
URL: User Request GET HTTP/1.1 | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (701), with CRLF line terminators | Hash: 63cd48d2403d87d35aa05dc020c430e5 029e3a03086e5bbea7f327d2e2c90a2ec7391310 4e740ddfb68df3044693a9ba4ea9c742e74daefd8e3293be46459e41dad70d08
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: User-Agent
Server: Microsoft-IIS/10.0
x-frame-options: DENY
X-AspNet-Version: 4.0.30319
Set-Cookie: randID=1751445828610815030; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:57 GMT
Content-Length: 50752
|
|
| 66.220.9.48/assets/plugins/bootstrap/css/bootstrap.min.css | 66.220.9.48 | 200 OK | 18 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/plugins/bootstrap/css/bootstrap.min.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: ASCII text, with very long lines (523) | Hash: 7081670b882178a789d088cf467e5a80 aa7605dcd034e24e7da59a264346ea6649f3a361 a1b9c261a7963a5baa6a0a61460160e5d794378759b43cd6de1452a638825657
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/plugins/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135318618920
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pv3vquq41ps3uqs2wgre1vtp; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| seal-goldengate.bbb.org/logo/ruhzbum/drive-headquarters-380755.png | 68.70.204.1 | 200 OK | 99 B |
URL: GET HTTP/2 seal-goldengate.bbb.org/logo/ruhzbum/drive-headquarters-380755.png | IP: 68.70.204.1:443
Certificate: Issuer: DigiCert Inc | Subject: *.bbb.org | Fingerprint: 53:C9:A6:EB:96:50:F7:DF:29:44:1C:9A:A1:DC:AB:75:F4:B9:7D:AB | Validity: Thu, 04 Apr 2024 00:00:00 GMT - Fri, 25 Apr 2025 23:59:59 GMT
File type: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced | Hash: b5b7e09960e60168479599d67063224e 9d68be38b530be6ebe4ec096b6c93ac8ac13d4c0 1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae
GET /logo/ruhzbum/drive-headquarters-380755.png HTTP/1.1
Host: seal-goldengate.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: keycdn
date: Sun, 28 Apr 2024 04:21:58 GMT
content-type: image/png
content-length: 99
cache-control: max-age=14400
expires: Sun, 28 Apr 2024 08:21:58 GMT
last-modified: Sat, 27 Apr 2024 05:35:27 GMT
x-aspnet-version: 4.0.30319
x-robots-tag: noindex
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 66.220.9.48/assets/css/color_scheme/blue.css | 66.220.9.48 | 200 OK | 3.0 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/css/color_scheme/blue.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
Hash: 08585f6d4af4f2d56feb8f777947403b 2bce2fd4c1152c2984fa85320d0d84092b2c1994 eef7c549866541e68515ae604e90bc78f0f0ac2703d0167703a0d6e4cbaaa410
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/color_scheme/blue.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135314788883
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ttsp12uffl1eiruyr0z1kfuh; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/Css/global.css | 66.220.9.48 | 200 OK | 15 kB |
URL: GET HTTP/1.1 66.220.9.48/Css/global.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (513), with CRLF line terminators | Hash: 7cf4f53081d47c74b6ee2bbbc19e3f47 010d304853d28aa8c6bb76bd7bff2027c7a9a565 33f141b9e68aef5521df01ae4a31a998587d2415f1be319971b804ebd0c134d7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Css/global.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2024 05:24:36 GMT
Accept-Ranges: bytes
ETag: 638490758763862075
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ekuyvdwdj0ql03isavb2rcpq; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/plugins/slider.swiper/dist/css/swiper.min.css | 66.220.9.48 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/plugins/slider.swiper/dist/css/swiper.min.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: ASCII text, with very long lines (14121) | Hash: 0b941af5db66a60fea0fcc6a262aaf11 94e10a86340948ed7430c889c18c7edeffe76435 c97d1b46ae98f77df4ec2d62d151460f3af3a0ce826c847359ca3c7e283638f3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/plugins/slider.swiper/dist/css/swiper.min.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:35 GMT
Accept-Ranges: bytes
ETag: 637674135350115037
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=n3itbdiyvsyg4bxcsxbs5wf0; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/css/header-1.css | 66.220.9.48 | 200 OK | 703 B |
URL: GET HTTP/1.1 66.220.9.48/assets/css/header-1.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
Hash: 46fda8e88e0f274e51482298d3dc3315 99240eb21bfdb939592c6e8945c3dfebe4bde9da 94979c3d026ccda269cae2dc90f8f39c9ac4eba96df29c01dda6d1eeeacd0ba0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/header-1.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135313889342
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=cpht3tqqolpje0zmukhyfpnx; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/Css/Layout.css | 66.220.9.48 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 66.220.9.48/Css/Layout.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators | Hash: bd62f6d5f95224fdd11d79cf5799771d b775072bee98c71c1433459a9ffc7b78091d4b23 a76fb538963b01e00a2a3baf9cf5287218dd1fc0386fb55e4edc72b82c55079c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Css/Layout.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 03:01:37 GMT
Accept-Ranges: bytes
ETag: 638327376976239262
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=t1ud2nvvll2d0nrjb5xhuci1; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/slider.nivo/nivo-slider.css | 66.220.9.48 | 200 OK | 900 B |
URL: GET HTTP/1.1 66.220.9.48/slider.nivo/nivo-slider.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
Hash: 447ac03378412fb48b1bdccc1dc47f9e f8bff4ddf3bced119460d5a714609dfeb29b73cc 6d36bb20d0a63675b994ec3e600838dc64b0bfa3a5c3867249594b3863cc8322
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /slider.nivo/nivo-slider.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:49 GMT
Accept-Ranges: bytes
ETag: 637674141494843205
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pwio5k0mrskkwwo1qa2pq0jy; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/ResellerWebSite/js/jquery-ui-1.10.4.custom/css/ui-lightness/jquery-ui-1.10.4.custom.min.css | 66.220.9.48 | 200 OK | 5.8 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/js/jquery-ui-1.10.4.custom/css/ui-lightness/jquery-ui-1.10.4.custom.min.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: ASCII text, with very long lines (1404), with CRLF line terminators | Hash: 6de1947106fc024d8acd41989a6d15ed 56407671c4264d0c9e879542006957a57d1d7db9 df9c6f2c3658851d1bc51e7af9b2a36b98f241d2c93160f03933059dde8bc060
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ResellerWebSite/js/jquery-ui-1.10.4.custom/css/ui-lightness/jquery-ui-1.10.4.custom.min.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:34 GMT
Accept-Ranges: bytes
ETag: 637674141349102905
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=3jprdjukb1clmg3dwd20nnwf; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/css/layout.css | 66.220.9.48 | 200 OK | 26 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/css/layout.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Unicode text, UTF-8 text, with very long lines (4341) | Hash: 175b5b7b930cab3d34e0cafd6f75d9c2 604374e264959db7bd52c02bc7c0bbe7688d594d 2a06d2bfcd2d48a5d0f3b1a7abe6cf02e61395ec57e1ddb2f08eccb9638f80c3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/layout.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135314188892
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=fjsmjfprojf5tr53rpgo3ryv; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/ResellerWebSite/js/Header.js?v=1.3 | 66.220.9.48 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/js/Header.js?v=1.3 | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | Hash: 4909b2799ad6e1c4e3bd0b9f1513a0ee b3e5675c92ebed28d9177a2433b93a062f568a30 52096b7b8e8eb401b977cffd896ac270b7ae9f6059c1bd50f77bb30b848111f2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ResellerWebSite/js/Header.js?v=1.3 HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 15 Apr 2024 07:28:21 GMT
Accept-Ranges: bytes
ETag: 638487377012138696
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pjqshbhr04o3gws22req222m; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/ResellerWebSite/js/CameraHealthChecking.js?v=1.1 | 66.220.9.48 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/js/CameraHealthChecking.js?v=1.1 | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | Hash: 84a24fe65e3a967425284f9042fac983 77d783c8b93a70c2111d263962b97329c2456050 5269fa738857d6b5d68b3689a5e1144afacddd58e930f19aea77f717026b860f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ResellerWebSite/js/CameraHealthChecking.js?v=1.1 HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 15 Apr 2024 07:28:21 GMT
Accept-Ranges: bytes
ETag: 638487377012028688
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=puoul3cx5bmb5zmz3fb0coyj; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/plugins/jquery/jquery-2.1.4.min.js | 66.220.9.48 | 200 OK | 30 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/plugins/jquery/jquery-2.1.4.min.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text, with very long lines (32025) | Hash: f9c7afd05729f10f55b689f36bb20172 43dc554608df885a59ddeece1598c6ace434d747 f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/plugins/jquery/jquery-2.1.4.min.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:34 GMT
Accept-Ranges: bytes
ETag: 637674135346394982
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=e2n0yrfwnlmoba2eelztlsep; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/css/essentials.css | 66.220.9.48 | 200 OK | 78 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/css/essentials.css | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
Hash: d4a03eb7f088f9295a1b3465b08cb26c db02a448a8da8cc4bbd9c3401752025296b2ced4 2148b538da3f111ad0ac8679e286547fba48138d930a24871b801e3a14e208df
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/essentials.css HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135317948890
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pj0pdehh45m5kwbhh0eerccc; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:58 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:58 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/js/Secure/sso.js | 66.220.9.48 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 66.220.9.48/js/Secure/sso.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators | Hash: a8761a02fe20651b4d77587d93a86649 45513bc65072a19127f10b213bb1352e51423f0a 089ab263324e0c6b58ecae8e273b390868d6f1456ca4b58d4365a4d2357ec325
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/Secure/sso.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 02:24:38 GMT
Accept-Ranges: bytes
ETag: 638494970786098263
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=0qmmloymexusb4gtfwqwctnz; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/js/scripts.js | 66.220.9.48 | 200 OK | 33 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/js/scripts.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text, with CRLF, LF line terminators | Hash: 31ab92b8627ea139edcad6edd12780f9 c7e533bdc93cc1e9479f6eefe742cd46e8543184 17d74acf54cabefc046d3438833f648c8af00d0f71d8e3af1763a391ced6bae2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/scripts.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:31 GMT
Accept-Ranges: bytes
ETag: 637674135315948849
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=y0fg4mda23kk5hihw2vqthzo; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/js/view/demo.swiper_slider.js | 66.220.9.48 | 200 OK | 809 B |
URL: GET HTTP/1.1 66.220.9.48/assets/js/view/demo.swiper_slider.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text | Hash: fc354456e239d1b8b86bcaf8e3790fa1 f014c75be1ec0dfddfc9e9c9275601f44ba0b79c 8403d0bc51dc59544bedbced5f4839babc3a2c13bee4a9704f7f1adf70d5822b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/view/demo.swiper_slider.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 06:38:00 GMT
Accept-Ranges: bytes
ETag: 638235058807247298
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=jf013bml1fuw2egpl50dvlqh; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/JS/jquery-ui-1.10.4.custom/js/jquery-ui-1.10.4.custom.min.js | 66.220.9.48 | 200 OK | 61 kB |
URL: GET HTTP/1.1 66.220.9.48/JS/jquery-ui-1.10.4.custom/js/jquery-ui-1.10.4.custom.min.js
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text, with very long lines (64560)
Hash: c986e84bd3423c49bb56bf80857f9030 cbbfc8e667efd61fd95f479b215dc1e3286db498 8f6547772e334af713442db42fe4a89a9091ff622518cb76dc963137aed4ffc4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /JS/jquery-ui-1.10.4.custom/js/jquery-ui-1.10.4.custom.min.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:43 GMT
Accept-Ranges: bytes
ETag: 637674141436983802
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=asnv2w2pogbw1htx00ygo23m; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/ResellerWebSite/Images/Logo.gif?t=638494971080597138 | 66.220.9.48 | 200 OK | 6.7 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/Images/Logo.gif?t=638494971080597138
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: GIF image data, version 89a, 280 x 75
Hash: 317556698cf62ca655283ead171f2078 ad86d4277c2210c36670b52238d3b41f3053e93d 9644f5a2ce38b55ef6be390bd9a209ba379354a9c6a4c976b2a9b5af0a53b613
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebSite/Images/Logo.gif?t=638494971080597138 HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/gif
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:28:44 GMT
Accept-Ranges: bytes
ETag: 637674137241612595
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pfulurp25lq3i2k0gqsdxfys; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/index/Clock.png | 66.220.9.48 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 66.220.9.48/images/index/Clock.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 92 x 92, 8-bit/color RGBA, non-interlaced
Hash: 926a71e1170d07cee4b9d07c00629f3e 1f55a0496f96425c8034c9121599b9076efcb25c ed7fc13f811f7f6b7efc8288f754d345c20f8470b8a328a7be9782c061a48a0f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/index/Clock.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:08 GMT
Accept-Ranges: bytes
ETag: 637674141089634701
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pvrc13r21m5gk00a5l3wckg1; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/index/contract.png | 66.220.9.48 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 66.220.9.48/images/index/contract.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 101 x 69, 8-bit/color RGBA, non-interlaced
Hash: aefa05c75ff435f4b35da38d467c8b90 8cd3d0f8cf87dbf44421bc29ceef65f32db1eb73 fdbc8c9a97020e75c2f5d347710c1a175426372229300cbea6cd186398557d1f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/index/contract.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:09 GMT
Accept-Ranges: bytes
ETag: 637674141090264657
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=zy5e1edhgxg4rxz0ljua4uqv; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/index/SecureCloud.png | 66.220.9.48 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 66.220.9.48/images/index/SecureCloud.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 118 x 74, 8-bit/color RGBA, non-interlaced
Hash: 4b02cf73e21a787f3cb1b04fb8cdc66e 59454a1cc69dea730c4cb55b913a58096c299e68 63e96e019f50909b3e7ce3636842ac48b8874dcea11ec65ca850c76655ca45a5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/index/SecureCloud.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:17 GMT
Accept-Ranges: bytes
ETag: 637674141174931352
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=bnav4i2lh1oj1bc4wf42lcep; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/index/ip.png | 66.220.9.48 | 200 OK | 5.8 kB |
URL: GET HTTP/1.1 66.220.9.48/images/index/ip.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 92 x 92, 8-bit/color RGBA, non-interlaced
Hash: aa3b90082b64214df6820990259ff4f7 e9a5148bfad6a802cd45b24541590f751d92a845 8b80e6ff5f3c7828d31b4f10d2b6bea406f860fec48d72f61260d9d0e79e0669
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/index/ip.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:13 GMT
Accept-Ranges: bytes
ETag: 637674141132971569
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=4ljykjwa3ijsllkqukpzjhrh; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| www.googletagmanager.com/gtm.js?id=GTM-5QLXBR | 142.250.74.168 | 200 OK | 56 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5QLXBR
IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (2642)
Hash: 3a86ae57fe6cc101fea32fade737be42 806c45ad8ade1ca93d756786fec1329e69ce37f3 a06415a52a40d49d9241592813812f20b0d0e334636b4881c43b74eb0d8244b8
GET /gtm.js?id=GTM-5QLXBR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Apr 2024 04:21:59 GMT
expires: Sun, 28 Apr 2024 04:21:59 GMT
cache-control: private, max-age=900
last-modified: Sun, 28 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 66.220.9.48/js/localtimeconversion.js | 66.220.9.48 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 66.220.9.48/js/localtimeconversion.js
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: d7a91560803bf532109d642adffa583c 73ac8ae909cb40b899d30a6b2fde65c377efe9c5 9e76c07ad67b96422975351d69682745aa7436255c2fb0b3f87f66b0567d5e6e
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/localtimeconversion.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=0qmmloymexusb4gtfwqwctnz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 04 Sep 2022 15:24:21 GMT
Accept-Ranges: bytes
ETag: 637978766619182183
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebsite/images/homeIcon.gif | 66.220.9.48 | 200 OK | 183 B |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebsite/images/homeIcon.gif
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: GIF image data, version 89a, 12 x 13
Hash: 2b0aa557a702b13e4423832036be9f1d 2f58adaa346d40f2431e52e4412c9459137564b7 bf3353cb3ecd68d9f0cf9a3ee6a42d26191045d00b5a8b8d53ed651500e87213
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebsite/images/homeIcon.gif HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/gif
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:28:17 GMT
Accept-Ranges: bytes
ETag: 637674136977337871
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=dyhvvv3tmmbe2aoogzkd20g0; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebsite/images/pathNext.gif | 66.220.9.48 | 200 OK | 75 B |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebsite/images/pathNext.gif
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: GIF image data, version 89a, 7 x 10
Hash: 162e6a63ff65a4cc79bae837be9f5705 cf85eebade3a30213631b30cf1fff9e95cd92cbe 0dbb5ece89edaf93fd948f0aa89a2ef432401c0175a8751cdd69ecaf101e9045
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebsite/images/pathNext.gif HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/gif
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:29:02 GMT
Accept-Ranges: bytes
ETag: 637674137426668044
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=jfeume1erzr0umdfbsig4twt; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebSite/images/index/Apple.png | 66.220.9.48 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/images/index/Apple.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 46 x 54, 8-bit/color RGBA, non-interlaced
Hash: e84ac577094cd7366064eedbb5b6bbae 7cd8df251ba21b4cc8adacef0b7c6ad6b701762c 8d95fd5c93a4c43fefc01f6d503fc04e91603f95bcac52fd4fbdaf56dddddffd
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebSite/images/index/Apple.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:08 GMT
Accept-Ranges: bytes
ETag: 637674141088194721
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=fn4hw25s3cgfwovpx0tedros; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebSite/js/jquery-ui-1.10.4.custom/js/jquery-1.10.2.js | 66.220.9.48 | 200 OK | 81 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/js/jquery-ui-1.10.4.custom/js/jquery-1.10.2.js
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text
Hash: 91515770ce8c55de23b306444d8ea998 1d85f0f3464e5e49b0522744bf7314e176ac76d9 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebSite/js/jquery-ui-1.10.4.custom/js/jquery-1.10.2.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=0qmmloymexusb4gtfwqwctnz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:44 GMT
Accept-Ranges: bytes
ETag: 637674141445015648
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebSite/images/index/Windows.png | 66.220.9.48 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/images/index/Windows.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 46 x 54, 8-bit/color RGBA, non-interlaced
Hash: 203bb1479717119756cbb845956d5f09 3fb6aaa27ccfbdc22a9e3af598403a538ad48cff 37cbfb9764eb7296861fcf1b94ed7e5f5695fd07fa793683ac015feca458d72b
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebSite/images/index/Windows.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:20 GMT
Accept-Ranges: bytes
ETag: 637674141207278594
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| seal-goldengate.bbb.org/logo/drive-headquarters-380755.js | 68.70.204.1 | 200 OK | 704 B |
URL: GET HTTP/2 seal-goldengate.bbb.org/logo/drive-headquarters-380755.js
IP: 68.70.204.1:443
Certificate Issuer: DigiCert Inc; Subject: *.bbb.org; Fingerprint: 53:C9:A6:EB:96:50:F7:DF:29:44:1C:9A:A1:DC:AB:75:F4:B9:7D:AB; Validity: Thu, 04 Apr 2024 00:00:00 GMT - Fri, 25 Apr 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (1052), with no line terminators
Hash: 6e46214a4d417c17811a05a9e08e3544 d1e909777a6597d345caf9081c7e5ba3e3ec79df f65f22397059118cccfd802b37ef9279a732cf89f21d32aef7d74a7c08c5f318
GET /logo/drive-headquarters-380755.js HTTP/1.1
Host: seal-goldengate.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: keycdn
date: Sun, 28 Apr 2024 04:21:59 GMT
content-type: application/javascript
content-length: 704
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 18:21:06 GMT
etag: "1db3ee92f550d81:0"
vary: Accept-Encoding
x-robots-tag: noindex
x-powered-by: ASP.NET
expires: Sun, 28 Apr 2024 08:21:59 GMT
cache-control: max-age=14400
x-cache: HIT
x-shield: active
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 66.220.9.48/ResellerWebSite/images/index/Android.png | 66.220.9.48 | 200 OK | 3.0 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebSite/images/index/Android.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 46 x 54, 8-bit/color RGBA, non-interlaced
Hash: 9244ac48fe2056915c0ae0aed7e4c705 759ba6b59b910276a8579560a7745c7717d4f083 f94d88c8019cdd4a6c17a525178e002c749622824960b3eb2e5e4ed81f422e29
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebSite/images/index/Android.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:35:08 GMT
Accept-Ranges: bytes
ETag: 637674141088154700
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=qeyxrhlzxxpjbcggnqwgd144; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/ResellerWebsite/images/Poweredby.png | 66.220.9.48 | 200 OK | 9.4 kB |
URL: GET HTTP/1.1 66.220.9.48/ResellerWebsite/images/Poweredby.png
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 175 x 66, 8-bit/color RGBA, non-interlaced
Hash: 78bf8a375ce7fcb6552b1b2476cc462a 64868fe628e2a75eb4d8be8e8baaf1ca501fa536 163d4ce4c29f87882796b5de8641283c9272fe009ca9e5b48230e5bcda4dd330
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ResellerWebsite/images/Poweredby.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:29:20 GMT
Accept-Ranges: bytes
ETag: 637674137608430276
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=psqyvlmccijty5zslne5svsp; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/Images/Desktop/help.gif | 66.220.9.48 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 66.220.9.48/Images/Desktop/help.gif
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: GIF image data, version 89a, 22 x 22
Hash: 548fa99c41e74a453795b1ada3234f84 5b46ccb1c1022940f6c4aa96cc232453bed3fe7a 23f3e1e62f85d0d6de64d13b4f02a9db70cc0995c4b5df0295f11d3c6ac6f575
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Images/Desktop/help.gif HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/gif
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:34:42 GMT
Accept-Ranges: bytes
ETag: 637674140828511765
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/Css/sansation_regular-webfont.woff | 66.220.9.48 | 200 OK | 14 kB |
URL: GET HTTP/1.1 66.220.9.48/Css/sansation_regular-webfont.woff
IP: 66.220.9.48:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Web Open Font Format, TrueType, length 14420, version 1.0
Hash: a67b611a270d83e8e1a9fec2af237c45 aba35c47e4d84113bb7f7ec94a2870738e2fd4b0 9e61e0dc10bac831a7e15c354044c2c43215fe661f4d5a715347cad1b71d3b9c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Css/sansation_regular-webfont.woff HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14420
Content-Type: %0d%0a application/x-font-woff%0d%0a
Last-Modified: Fri, 17 Sep 2021 01:25:47 GMT
Accept-Ranges: bytes
ETag: 637674135476468218
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/assets/plugins/slider.swiper/dist/js/swiper.min.js | 66.220.9.48 | 200 OK | 17 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/plugins/slider.swiper/dist/js/swiper.min.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Web Open Font Format, TrueType, length 16668, version 1.0 | Hash: 99833248a2388a14094ee56aa17bb531 c4b02bec02c58b919e36c60a533718a61c988e24 ba751c96d19ef35db5b8dcc1bb6b295e44b9f910d8c0aeb5059f3f60ecef12c1
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /assets/plugins/slider.swiper/dist/js/swiper.min.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:35 GMT
Accept-Ranges: bytes
ETag: 637674135351667257
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=1k10zde24gkrggoukjstz3t0; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:58 GMT
|
|
| 66.220.9.48/assets/fonts/fontawesome-webfont.woff2?v=4.4.0 | 66.220.9.48 | 200 OK | 64 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/fonts/fontawesome-webfont.woff2?v=4.4.0 | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64464, version 4.262 | Hash: 4b5a84aaf1c9485e060c503a0ff8cadb 574ea2698c03ae9477db2ea3baf460ee32f1a7ea 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/assets/css/essentials.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64464
Content-Type: application/octet-stream
Last-Modified: Fri, 17 Sep 2021 01:14:52 GMT
Accept-Ranges: bytes
ETag: 637674128922988242
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/first2.png | 66.220.9.48 | 200 OK | 527 kB |
URL: GET HTTP/1.1 66.220.9.48/images/first2.png | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 1000 x 518, 8-bit/color RGBA, non-interlaced | Size: 527 kB (526752 bytes) | Hash: 01f45c16cca3651d5fed9c897bc7fe3c ba0db0f816de9bfdd132ad079a79dc192c01c84a 820667675945fa47cda8792721d945958d0b78f09831adf04e50531d937fe995
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /images/first2.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:28:12 GMT
Accept-Ranges: bytes
ETag: 637674136925689570
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=iyjchypa5owgug43hhwaxvsz; path=/; HttpOnly; SameSite=Lax
refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/anotherslide.jpg | 66.220.9.48 | 200 OK | 641 kB |
URL: GET HTTP/1.1 66.220.9.48/images/anotherslide.jpg | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=NIKON CORPORATION, model=NIKON D3100, orientation=upper-left, xresolution=152, yresolution=160, resolutionunit=2, software=Ver.1.00 , datetime=2014:04:19 17:27:20], baseline, precision 8, 2500x1150, components 3 | Size: 641 kB (641132 bytes) | Hash: 0c3979ca4a77a78e6988053f03bbe51c 5f61d735f0a36ea9461b30901e935db376aab14f 9a2f53d246b9e399b8302bec6ca0eb629df46652a4d9369b3e033ea79d29bd88
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /images/anotherslide.jpg HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:27:40 GMT
Accept-Ranges: bytes
ETag: 637674136604495848
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/api/camera/CheckIfIPBlocked.aspx | 66.220.9.48 | 200 OK | 40 B |
URL: GET HTTP/1.1 66.220.9.48/api/camera/CheckIfIPBlocked.aspx | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
Hash: 8ee4613a2fb5c085dd664e64283ea1ae 325f5e87585560f9e125084275cc9ceea6ef531a 548fcf73158d2aae6541e5b048a29a7164b5df80a3baf2c21b1dc9c5374f5519
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /api/camera/CheckIfIPBlocked.aspx HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=psqyvlmccijty5zslne5svsp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/assets/plugins/bootstrap/js/bootstrap.min.js | 66.220.9.48 | 200 OK | 9.8 kB |
URL: GET HTTP/1.1 66.220.9.48/assets/plugins/bootstrap/js/bootstrap.min.js | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JavaScript source, ASCII text, with very long lines (32003) | Hash: c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /assets/plugins/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=psqyvlmccijty5zslne5svsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:34 GMT
Accept-Ranges: bytes
ETag: 637674135341744948
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:22:00 GMT
|
|
| 66.220.9.48/Images/features.png | 66.220.9.48 | 200 OK | 26 kB |
URL: GET HTTP/1.1 66.220.9.48/Images/features.png | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 1800 x 771, 8-bit/color RGBA, non-interlaced | Hash: 0573c0b08d73136d770a764ac6ca23f9 5bebe2c2f69ac4a15d136305f319ab957647c9f8 ffb276ce87112a74622aa1dcabc426df37033a57ca718f5f03df7ca65a1cd1fb
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /Images/features.png HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/Layout.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:27:42 GMT
Accept-Ranges: bytes
ETag: 637674136627299872
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:22:00 GMT
|
|
| 66.220.9.48/images/outdoor3.jpg | 66.220.9.48 | 200 OK | 1.1 MB |
URL: GET HTTP/1.1 66.220.9.48/images/outdoor3.jpg | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, description=Industrial construction site., manufacturer=NIKON CORPORATION, model=NIKON D800, orientation=upper-left, xresolution=206, yresolution=214, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.3.1 (Macintosh), datetime=2016:01:17 19:29:56, copyright=jovannig - Fotolia], baseline, precision 8, 2500x1150, components 3 | Size: 1.1 MB (1063620 bytes) | Hash: bcb40628f865b19c2d5ea7ca853544e0 79c850ec94d58168c7359bc7e2a22c67bb27055a 712ef6a448ca1a677bce871b48a7a4d99ab96a384682015ee03bdc1fd5e1397e
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /images/outdoor3.jpg HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:29:40 GMT
Accept-Ranges: bytes
ETag: 637674137809065790
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/images/secondfinal.jpg | 66.220.9.48 | 200 OK | 740 kB |
URL: GET HTTP/1.1 66.220.9.48/images/secondfinal.jpg | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=NIKON CORPORATION, model=NIKON D5100, orientation=upper-left, xresolution=152, yresolution=160, resolutionunit=2, software=Ver.1.00 , datetime=2016:02:29 21:40:32], baseline, precision 8, 2500x1150, components 3 | Size: 740 kB (740186 bytes) | Hash: 7382866552647c6dd96ccd6b4594c84b 73fbb857f9516b916a442c3439c5b82dbf009262 8aaa8b4761617c41329772a5992f59f26b0274627e5426125b19a84cc353f903
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /images/secondfinal.jpg HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:29:53 GMT
Accept-Ranges: bytes
ETag: 637674137938343738
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:21:59 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:21:59 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| 66.220.9.48/Images/smartphone.jpg | 66.220.9.48 | 200 OK | 444 kB |
URL: GET HTTP/1.1 66.220.9.48/Images/smartphone.jpg | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, PhotometricInterpretation=RGB, description=hand holding mobile phone with cityscape as background, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=246, yresolution=254, resolutionunit=2, software=Adobe Photoshop Lightroom 5.7.1 (Macintosh), datetime=2015:07:17 17:14:46, copyright=zhu difeng - Fotolia, GPS-Data], baseline, precision 8, 2500x1068, components 3 | Size: 444 kB (444472 bytes) | Hash: 511943824d11d586e0bea4ac9a46c86c 9071b367137ff1acbc9cf1d654f6d7a6476a4a2b fe6ea2441e0777485525659ac7af25b1aff8ea534443c00e9a81f6733c8a8740
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /Images/smartphone.jpg HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:29:54 GMT
Accept-Ranges: bytes
ETag: 637674137947748711
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:22:00 GMT
|
|
| 66.220.9.48/Images/Homepage/CraveLineH.gif | 66.220.9.48 | 200 OK | 62 B |
URL: GET HTTP/1.1 66.220.9.48/Images/Homepage/CraveLineH.gif | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: GIF image data, version 89a, 1 x 2 | Hash: 2292d3b72761620ca312cc4950a8b981 6ed28a8322030071a8a118c0ebe048b3abf89cd0 cff1210caa54e7abdb689df4d9666d9c7dc7b66a852df391346dd7e2a32262d7
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /Images/Homepage/CraveLineH.gif HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/gif
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:34:59 GMT
Accept-Ranges: bytes
ETag: 637674140991062921
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:22:00 GMT
|
|
| bat.bing.com/bat.js | 204.79.197.237 | 200 OK | 13 kB |
IP: 204.79.197.237:443 | ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation | Subject: www.bing.com | Fingerprint: 3E:63:C2:B1:20:9D:0D:E8:68:D6:14:A0:1C:3C:24:7A:03:72:6E:06 | Validity: Sat, 27 Apr 2024 01:55:15 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (46429), with no line terminators | Hash: 72bca04fd669eb89fc65d59052d0fc00 27e60aef86f0cb1b2f6b6ed9df9a4e3ba88efd21 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13261
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ranges: bytes
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC6018EC4F0749B68BDD594D7F5289FA Ref B: OSL30EDGE0505 Ref C: 2024-04-28T04:22:01Z
date: Sun, 28 Apr 2024 04:22:00 GMT
X-Firefox-Spdy: h2
|
|
| 66.220.9.48/favicon.ico | 66.220.9.48 | 200 OK | 632 B |
IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | Hash: 6180e1e78d81a501dbcd507912d95168 cef70c3f424a323b3803a64696333c14328a9311 bebe55213f4ff5bf3e522dc9452e8a6a59b76b1f575518a0a444cd10f3ef0a86
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=psqyvlmccijty5zslne5svsp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/x-ico
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:25:30 GMT
Accept-Ranges: bytes
ETag: 637674135307878801
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:01 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:01 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:01 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:22:01 GMT
|
|
| bat.bing.com/action/0?ti=5164291&Ver=2&mid=92046558-1abd-49dd-b356-5b2e42750c50&sid=dc5f8cc0051611efbae2d1e4f45e2a19&vid=dc5fa3c0051611efb3087be46b4aa4ad&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=CameraFTP%3A%20Leading%20Cloud%20Surveillance,%20Storage%20%26%20Security%20Service.%20Live%20Monitoring,%20Playback,%20Streaming,%20Broadcasting&kw=Cloud%20recording,%20cloud%20surveillance,%20IP%20camera%20storage,%20camera%20cloud%20storage,%20cam%20cloud,%20network%20camera,%20DVR%20storage,%20backup%20DVR,%20backup%20camera%20storage,%20home%20monitoring,%20home%20security,%20Camera%20Viewer,%20Camera%20Live%20View,%20Camera%20Recording,%20live%20streaming&p=https%3A%2F%2F66.220.9.48%2F&r=&lt=204&evt=pageLoad&sv=1&rn=881463 | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/action/0?ti=5164291&Ver=2&mid=92046558-1abd-49dd-b356-5b2e42750c50&sid=dc5f8cc0051611efbae2d1e4f45e2a19&vid=dc5fa3c0051611efb3087be46b4aa4ad&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=CameraFTP%3A%20Leading%20Cloud%20Surveillance,%20Storage%20%26%20Security%20Service.%20Live%20Monitoring,%20Playback,%20Streaming,%20Broadcasting&kw=Cloud%20recording,%20cloud%20surveillance,%20IP%20camera%20storage,%20camera%20cloud%20storage,%20cam%20cloud,%20network%20camera,%20DVR%20storage,%20backup%20DVR,%20backup%20camera%20storage,%20home%20monitoring,%20home%20security,%20Camera%20Viewer,%20Camera%20Live%20View,%20Camera%20Recording,%20live%20streaming&p=https%3A%2F%2F66.220.9.48%2F&r=&lt=204&evt=pageLoad&sv=1&rn=881463 | IP: 204.79.197.237:443 | ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation | Subject: www.bing.com | Fingerprint: 3E:63:C2:B1:20:9D:0D:E8:68:D6:14:A0:1C:3C:24:7A:03:72:6E:06 | Validity: Sat, 27 Apr 2024 01:55:15 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5164291&Ver=2&mid=92046558-1abd-49dd-b356-5b2e42750c50&sid=dc5f8cc0051611efbae2d1e4f45e2a19&vid=dc5fa3c0051611efb3087be46b4aa4ad&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=CameraFTP%3A%20Leading%20Cloud%20Surveillance,%20Storage%20%26%20Security%20Service.%20Live%20Monitoring,%20Playback,%20Streaming,%20Broadcasting&kw=Cloud%20recording,%20cloud%20surveillance,%20IP%20camera%20storage,%20camera%20cloud%20storage,%20cam%20cloud,%20network%20camera,%20DVR%20storage,%20backup%20DVR,%20backup%20camera%20storage,%20home%20monitoring,%20home%20security,%20Camera%20Viewer,%20Camera%20Live%20View,%20Camera%20Recording,%20live%20streaming&p=https%3A%2F%2F66.220.9.48%2F&r=&lt=204&evt=pageLoad&sv=1&rn=881463 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=11B79693A75B6FBA205B82FCA6AE6E09; domain=.bing.com; expires=Fri, 23-May-2025 04:22:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71658F0E6AB1437E9DAFCC1BD4482344 Ref B: OSL30EDGE0505 Ref C: 2024-04-28T04:22:01Z
date: Sun, 28 Apr 2024 04:22:00 GMT
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/5164291.js | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/p/action/5164291.js | IP: 204.79.197.237:443 | ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation | Subject: www.bing.com | Fingerprint: 3E:63:C2:B1:20:9D:0D:E8:68:D6:14:A0:1C:3C:24:7A:03:72:6E:06 | Validity: Sat, 27 Apr 2024 01:55:15 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5164291.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 276D042D759B4B0095F983450F5D0513 Ref B: OSL30EDGE0505 Ref C: 2024-04-28T04:22:01Z
date: Sun, 28 Apr 2024 04:22:00 GMT
X-Firefox-Spdy: h2
|
|
| 66.220.9.48/Images/bay.JPG | 66.220.9.48 | 200 OK | 951 kB |
URL: GET HTTP/1.1 66.220.9.48/Images/bay.JPG | IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa | Subject: *.cameraftp.com | Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97 | Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=NIKON CORPORATION, model=NIKON D5100, orientation=upper-left, xresolution=152, yresolution=160, resolutionunit=2, software=QuickTime 7.6.6, datetime=2014:04:07 10:17:27], baseline, precision 8, 2000x1325, components 3 | Size: 951 kB (950764 bytes) | Hash: b622e3e1b4f4d8ae89667b3ff0c5282a f680bcf4fbc47924f93124175739564376c07528 0b457b60d230b4efde76bc5ecc1902f4817e0e6e8c55126d8b821a1728100d2d
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /Images/bay.JPG HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 01:27:26 GMT
Accept-Ranges: bytes
ETag: 637674136466123186
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: refID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
srcID=0; expires=Wed, 28-Aug-2024 04:22:00 GMT; path=/; secure; HttpOnly
ServerUTCDateOffset=-25200000; expires=Sun, 28-Apr-2024 08:22:00 GMT; path=/; secure
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| accounts.google.com/gsi/status?client_id=656779963598-b7hgbegha876uf350rnmps1stv8gomkv.apps.googleusercontent.com&as=OOlWtb%2FbKjOt0yK7xxVvdg | 173.194.221.84 | 403 Forbidden | 5.5 kB |
URL: GET HTTP/3 accounts.google.com/gsi/status?client_id=656779963598-b7hgbegha876uf350rnmps1stv8gomkv.apps.googleusercontent.com&as=OOlWtb%2FbKjOt0yK7xxVvdg | IP: 173.194.221.84:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 | Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type: gzip compressed data, max compression | Hash: f0d9e84ba6455ffddf033806624624f9 d8da7027eebc71488b9735a32963af17f5865a3b 6b1da9d77d8026cd59c6502e8aa9267e24260f03378adb5d3e3074efd3367c04
GET /gsi/status?client_id=656779963598-b7hgbegha876uf350rnmps1stv8gomkv.apps.googleusercontent.com&as=OOlWtb%2FbKjOt0yK7xxVvdg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://66.220.9.48
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://66.220.9.48
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 Apr 2024 04:22:02 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-G6JMXWSolLUOcU_qAzdIgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 66.220.9.48/Css/sansation_bold-webfont.woff | 66.220.9.48 | 200 OK | 17 kB |
URL: GET HTTP/1.1 66.220.9.48/Css/sansation_bold-webfont.woff IP: 66.220.9.48:443
Certificate: Issuer: GlobalSign nv-sa; Subject: *.cameraftp.com; Fingerprint: 56:D5:37:5F:8B:D1:CC:E3:3C:C2:2C:DC:7D:AC:EE:C0:78:06:04:97; Validity: Sat, 08 Jul 2023 22:14:25 GMT - Thu, 08 Aug 2024 22:14:24 GMT
File type: Web Open Font Format, TrueType, length 16668, version 1.0; Hash: 99833248a2388a14094ee56aa17bb531 c4b02bec02c58b919e36c60a533718a61c988e24 ba751c96d19ef35db5b8dcc1bb6b295e44b9f910d8c0aeb5059f3f60ecef12c1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Css/sansation_bold-webfont.woff HTTP/1.1
Host: 66.220.9.48
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/Css/global.css
Cookie: randID=1751445828610815030; refID=0; srcID=0; ServerUTCDateOffset=-25200000; ASP.NET_SessionId=2ahhwipujbubsog0zi343d0q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16668
Content-Type: %0d%0a application/x-font-woff%0d%0a
Last-Modified: Fri, 17 Sep 2021 01:25:47 GMT
Accept-Ranges: bytes
ETag: 637674135472738687
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 28 Apr 2024 04:21:59 GMT
|
|
| accounts.google.com/gsi/style | 173.194.221.84 | 200 OK | 530 B |
URL: GET HTTP/3 accounts.google.com/gsi/style IP: 173.194.221.84:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1; Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type: ASCII text, with very long lines (530), with no line terminators; Hash: 6ce3c682ce6b9e0b88670395a63345c8 8cbfc0856a52320e3567792dfe2487748ac07458 524f1ea2ac242c6fae3c1cc52c7ae7d05a8a7db466fe3c7b46e8efcfc2d95e53
GET /gsi/style HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
expires: Sun, 28 Apr 2024 04:22:02 GMT
date: Sun, 28 Apr 2024 04:22:02 GMT
cache-control: private, max-age=86400
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: script-src 'nonce-HrQpi7EmrvohUBAazXxX0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/gsi/client | 173.194.221.84 | 200 OK | 220 kB |
URL: GET HTTP/2 accounts.google.com/gsi/client IP: 173.194.221.84:443
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
File type: JavaScript source, ASCII text, with very long lines (2899); Size: 220 kB (219641 bytes); Hash: fae94bc2946e030cb4ecadb58d7099fb 5d218e0ff6ea391a8db0ddcd1d6944aa6ecfecf6 4daf16be97b54b6f4965267c01cd2d0618f6cd35a15dfa2820963e7c7620ea7c
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Sun, 28 Apr 2024 04:22:01 GMT
date: Sun, 28 Apr 2024 04:22:01 GMT
cache-control: private, max-age=1800
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-BcufDC7mluJUU_T7oVM5AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| seal-blue.bbb.org/legacy.min.css | 68.70.204.1 | 200 OK | 3.0 kB |
URL: GET HTTP/2 seal-blue.bbb.org/legacy.min.css IP: 68.70.204.1:443
Certificate: Issuer: DigiCert Inc; Subject: *.bbb.org; Fingerprint: 53:C9:A6:EB:96:50:F7:DF:29:44:1C:9A:A1:DC:AB:75:F4:B9:7D:AB; Validity: Thu, 04 Apr 2024 00:00:00 GMT - Fri, 25 Apr 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2987), with no line terminators; Hash: d82bcfc55c830cd612f1791a08c61a58 65d21e1c132a9bbd5f9a125cd789ef7bc172ef8a 687a68a1f30ee3ce6f18f262eb8dec5a69c560cc9dcd7c1ba94572da4420ac32
GET /legacy.min.css HTTP/1.1
Host: seal-blue.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://66.220.9.48/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 28 Apr 2024 04:22:02 GMT
content-type: text/css
cache-control: max-age=14400
last-modified: Fri, 15 Apr 2022 18:17:43 GMT
etag: W/"c598a219f550d81:0"
x-robots-tag: noindex
x-powered-by: ASP.NET
expires: Sun, 28 Apr 2024 08:22:02 GMT
content-encoding: gzip
x-cache: HIT
x-shield: active
x-edge-location: defr
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|