Report - gtinfo.4001113900.com:9022/cas/login

Report Overview

Submitted URL
gtinfo.4001113900.com:9022/cas/login
IP
115.238.57.50
ASN
#4134 Chinanet
Submitted
2023-06-02 10:08:01
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
	unknown				5.8 kB	2.5 MB	115.238.57.50
10.0.0.12	unknown	unknown	No data	No data	336 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-02	medium	10.0.0.12

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	gtinfo.4001113900.com:9022/cas/js/jquery-1.8.3.min.js	94 kB	2023-03-07	2024-04-18
Pretty URL gtinfo.4001113900.com:9022/cas/js/jquery-1.8.3.min.js IP 115.238.57.50 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-04-18 13:24:31 Times Seen7050 Hash e1288116312e4728f98923c79b034b67 8b6babff47b8a9793f37036fd1b1a3ad41d38423 ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32 Loading...

	gtinfo.4001113900.com:8086/utryui/js/utryui.all.js	1.2 MB	2023-06-02	2023-06-02
Pretty URL gtinfo.4001113900.com:8086/utryui/js/utryui.all.js IP 115.238.57.50 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 12:08:08 Last Seen2023-06-02 12:08:08 Times Seen1 Hash aaa6a74f1ca2a2cc82b9dfb1f2198a8d aee63c8904de4fe563cc7727045a9f02744d23de 6a1dafb2e99a4c09ba1c719b28b88cec9613bb166e5954ba2efc154f2a508e88 Loading...

	gtinfo.4001113900.com:9022/cas/js/jquery.cookie.js	3.2 kB	2023-03-10	2024-03-19
Pretty URL gtinfo.4001113900.com:9022/cas/js/jquery.cookie.js IP 115.238.57.50 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:55:25 Last Seen2024-03-19 08:42:36 Times Seen39 Hash ff5e9cc3ef15f55b7ae09c400aae1788 d7dc6d392862af982922e28884821ef36e629674 777709aa80c746634692bf16e7d98a83f3643a71a07c0e223f4a296a1126a83a Loading...

	gtinfo.4001113900.com:9022/cas/js/base64.min.js	3.8 kB	2023-03-13	2023-09-24
Pretty URL gtinfo.4001113900.com:9022/cas/js/base64.min.js IP 115.238.57.50 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:51:45 Last Seen2023-09-24 12:45:19 Times Seen7 Hash c011e3b3f84e207e6af56bdb71271a2e b4cc42b73ecaaae097987e471bf7eebecc96ef2a 4e4b133053d69f2cf1b9cf9201b76dcf64d33b3f0770a0ef17299ee55a17322e Loading...

HTTP Transactions (15)

URL IP Response Size

gtinfo.4001113900.com:9022/cas/login

115.238.57.50

200 OK

7.1 kB

URL User Request GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/login
IP
115.238.57.50:9022
ASN
#4134 Chinanet

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1426), with CRLF line terminators
Size
7.1 kB (7127 bytes)
Hash
b4b8ebaecc20bdb19c6f2284b5582672
c39f62224291f11c166deaaef7589c7a835c4331
520cdf79dc591838de4adf90500de975d387beb196b6dc701bdb933a0c764a22

HTTP Headers

GET /cas/login HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 7127
Connection: keep-alive
Cache-Control: no-store
Set-Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be; Path=/cas/; HttpOnly

gtinfo.4001113900.com:9022/cas/css/login.css

115.238.57.50

200 OK

6.0 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/css/login.css
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
6.0 kB (6013 bytes)
Hash
2be85d8fd4b5ad9efa03f483a149e554
ed998aea1afa148da7577092720575c3fbd8da61
50c454031bc284644f069b99349578455c09de116a6ea643a49551548b7e7b78

HTTP Headers

GET /cas/css/login.css HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 6013
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"6013-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:9022/cas/js/jquery.cookie.js

115.238.57.50

200 OK

3.2 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/js/jquery.cookie.js
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3212 bytes)
Hash
ff5e9cc3ef15f55b7ae09c400aae1788
d7dc6d392862af982922e28884821ef36e629674
777709aa80c746634692bf16e7d98a83f3643a71a07c0e223f4a296a1126a83a

HTTP Headers

GET /cas/js/jquery.cookie.js HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 3212
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3212-1493118032000"
Last-Modified: Tue, 25 Apr 2017 11:00:32 GMT

gtinfo.4001113900.com:9022/cas/js/base64.min.js

115.238.57.50

200 OK

3.8 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/js/base64.min.js
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
Unicode text, UTF-8 text, with very long lines (3814), with no line terminators
Size
3.8 kB (3826 bytes)
Hash
c011e3b3f84e207e6af56bdb71271a2e
b4cc42b73ecaaae097987e471bf7eebecc96ef2a
4e4b133053d69f2cf1b9cf9201b76dcf64d33b3f0770a0ef17299ee55a17322e

HTTP Headers

GET /cas/js/base64.min.js HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 3826
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3826-1493118032000"
Last-Modified: Tue, 25 Apr 2017 11:00:32 GMT

gtinfo.4001113900.com:9022/cas/js/utry_login.js

115.238.57.50

200 OK

7.0 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/js/utry_login.js
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.0 kB (7017 bytes)
Hash
63138c9c476fb1e5f9fd5d4d7f2014e5
926ceeb4639f3c5b7c9f19af5dd6e587bc3ed9ea
04f2257d7cbeda75d3f76f423323559d06f6de1f1a80452f2db551d127788c63

HTTP Headers

GET /cas/js/utry_login.js HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 7017
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"7017-1536549041000"
Last-Modified: Mon, 10 Sep 2018 03:10:41 GMT

gtinfo.4001113900.com:9022/cas/js/jquery-1.8.3.min.js

115.238.57.50

200 OK

94 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/js/jquery-1.8.3.min.js
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
ASCII text, with very long lines (65482), with CRLF line terminators
Size
94 kB (93637 bytes)
Hash
e1288116312e4728f98923c79b034b67
8b6babff47b8a9793f37036fd1b1a3ad41d38423
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

HTTP Headers

GET /cas/js/jquery-1.8.3.min.js HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 93637
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"93637-1493118032000"
Last-Modified: Tue, 25 Apr 2017 11:00:32 GMT

gtinfo.4001113900.com:8086/utryui/css/utryui.all.css

115.238.57.50

200 OK

130 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:8086/utryui/css/utryui.all.css
IP
115.238.57.50:8086
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
ASCII text, with very long lines (65536), with no line terminators
Size
130 kB (130374 bytes)
Hash
3ec62ef1d32d6654f8fb0892888575ce
6429c3bdc3b792a4f0ba78d54f4cef712f0e3f00
234997a38e0d5a61de32947213a9998d9d58ba27c233e0cd33352c22a5a495fd

HTTP Headers

GET /utryui/css/utryui.all.css HTTP/1.1
Host: gtinfo.4001113900.com:8086
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: text/css
Content-Length: 130374
Last-Modified: Thu, 04 May 2017 04:35:34 GMT
Connection: keep-alive
ETag: "590aaf96-1fd46"
Accept-Ranges: bytes

gtinfo.4001113900.com:9022/cas/img/logo.png

115.238.57.50

200 OK

3.4 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/img/logo.png
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
PNG image data, 132 x 77, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3448 bytes)
Hash
8f28b62b6e9e2ea8f76439ee3c9ea5f9
9931bdca2ebae032db9116bacb7886c632b54f3c
b5a66accad663ccef274dd75d994d81d9853d0ff1fb4d6d57f7fe87360bf3684

HTTP Headers

GET /cas/img/logo.png HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:44 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 3448
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3448-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:9022/cas/img/user-bg.png

115.238.57.50

200 OK

1.3 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/img/user-bg.png
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1269 bytes)
Hash
8a131a2dcad7683d25d5031a53b31e13
586815f880e9ca19f7741ef1d78e7803b1a4f871
61dcd4883a9e9683a43fe886e903d7a54124b9f4fa5c7678177f8a89d2bfde71

HTTP Headers

GET /cas/img/user-bg.png HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/css/login.css
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:44 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 1269
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"1269-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:9022/cas/img/seat-bg.png

115.238.57.50

200 OK

3.3 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/img/seat-bg.png
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3326 bytes)
Hash
e5c5c50f01c3bb35d93d3d0d8bdc56b3
8529b3ad1ce1186c562cb81d261b411bfbaf6207
d241c531f7e40a4f7afc1d98a6f70354aeee1d239c4c889e4456d7b9e8c3a539

HTTP Headers

GET /cas/img/seat-bg.png HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/css/login.css
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:44 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 3326
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3326-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:9022/cas/img/pwd-bg.png

115.238.57.50

200 OK

1.3 kB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/img/pwd-bg.png
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1260 bytes)
Hash
43279c067688e3eb1b4bbaeee1231a9c
b8b3b1838f4b4280fea3b96142516eec82168adc
465ae204c90cf81d79ec484ce122104be34e6802b0a808447f4d95b31525f547

HTTP Headers

GET /cas/img/pwd-bg.png HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/css/login.css
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:44 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 1260
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"1260-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:8086/utryui/js/utryui.all.js

115.238.57.50

200 OK

1.2 MB

URL GET HTTP/1.1
gtinfo.4001113900.com:8086/utryui/js/utryui.all.js
IP
115.238.57.50:8086
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
Unicode text, UTF-8 text, with very long lines (345), with CRLF line terminators
Size
1.2 MB (1239826 bytes)
Hash
ad7a7d7159a138991445cfd5582cebd5
be682aff5e99883dae672fa8c77a0a2ae5314ca1
d7549839c10e9fc3ce5da94ac82794fbad39b77d09c35b4493522d6084dec4f1

HTTP Headers

GET /utryui/js/utryui.all.js HTTP/1.1
Host: gtinfo.4001113900.com:8086
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:43 GMT
Content-Type: application/javascript
Content-Length: 1239826
Last-Modified: Tue, 24 Oct 2017 11:54:51 GMT
Connection: keep-alive
ETag: "59ef2a0b-12eb12"
Accept-Ranges: bytes

gtinfo.4001113900.com:9022/cas/img/login-bg.png

115.238.57.50

200 OK

1.0 MB

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/cas/img/login-bg.png
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
1.0 MB (1012709 bytes)
Hash
f874692f44cb83a16a244d43cbbe4c53
11b7ff5857283cba796da122d9fe71f78325a708
568e60504e84782389baff48926775c78c9f9afd97f8cf106aacf37af36d317a

HTTP Headers

GET /cas/img/login-bg.png HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Cookie: SESSION=0378b836-ff32-4a20-b9c8-fa8379bb00be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:44 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 1012709
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"1012709-1493118030000"
Last-Modified: Tue, 25 Apr 2017 11:00:30 GMT

gtinfo.4001113900.com:9022/favicon.ico

115.238.57.50

404 Not Found

169 B

URL GET HTTP/1.1
gtinfo.4001113900.com:9022/favicon.ico
IP
115.238.57.50:9022
ASN
#4134 Chinanet

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
a423aa107b27c08420c42dc46cfd768f
fdd3252e5634e37ad5de052e1e4718772d4fab96
107668a658e6f5893511d66fb8778b4c974746d4e2b17414d79814e1d049e840

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gtinfo.4001113900.com:9022
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/cas/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.12.0
Date: Fri, 02 Jun 2023 10:07:47 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

10.0.0.12/ucagent/AgentBar.js

0.0.0.0

0 B

URL GET
10.0.0.12/ucagent/AgentBar.js
IP
0.0.0.0:0
ASN
#0

Requested by
http://gtinfo.4001113900.com:9022/cas/login

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ucagent/AgentBar.js HTTP/1.1
Host: 10.0.0.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gtinfo.4001113900.com:9022/
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP