| 222.85.156.110:8881/login | 222.85.156.110 | | 1.8 kB |
URL: 222.85.156.110:8881/login
IP: 222.85.156.110:0
File type: HTML document, Unicode text, UTF-8 text
Hash: 9e5629698250d9fd0b87a7cf3fb1750c 68f22f0d90aa7052e94d7702621fd4adcb5b437e a8a7101195d164a37f112521b076d85b5f369bdf1772861f8dc53e2bf5d8db92
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:20 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Content-Language: en-US
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/assets/css/font-awesome.min.css | 222.85.156.110 | 200 | 4.4 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/assets/css/font-awesome.min.css
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: ASCII text, with very long lines (668), with CRLF line terminators
Hash: 509f2380e987550ba42172dae37dd91a 0185c8f33868998e0b42eacadc0c8e3cdd06a050 83b1cdc6c096c687715fd87ca06458bf79580460cbb3a99827565ea2f8904484
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/font-awesome.min.css HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/assets/css/bootstrap.min.css | 222.85.156.110 | 200 | 16 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/assets/css/bootstrap.min.css
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: ASCII text, with very long lines (65308), with CRLF line terminators
Hash: 25e8a26a11901c2618587ef5a2e03754 107bedb791f636280fe56f3ffeabd3c82b64c2a7 279aafba2e6b69b4b1ef603ba4025e1665dd8ee4c2ce91e3485830f1e47d9a54
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/js/commons.js | 222.85.156.110 | 200 | 6.6 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/js/commons.js
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: 6d70a4e49e0b591fc5cac69009a15ebd ceb508abdc7fd88785f0633b088810cadb241a0f 321c0401e68d81d4c9217194987eedde05d0afb880a8092f2a9a61413c15fb84
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/commons.js HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/plugins/tips/jquery.tips.js | 222.85.156.110 | 200 | 1.5 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/plugins/tips/jquery.tips.js
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 92e797d5ac56072eb488b23b60c75693 9ce4c3ae1b4664af53f27de9d0d0340752647b31 cfcf5e197780bb652db6f524c679cd0975992e66bebb4e2f7a11a1ef864a07a0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /plugins/tips/jquery.tips.js HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/js/login.js | 222.85.156.110 | 200 | 1.2 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/js/login.js
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 05a80ad788a72487aa0ab8b85a575f91 ed527ac1c080512318cfe2832a609614c09c8d23 127fb6f736e2b641b88cda4678f41a507e848591bfcb8ac679d9b6aaf5f741ff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/login.js HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/assets/css/ace-rtl.min.css | 222.85.156.110 | 200 | 6.5 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/assets/css/ace-rtl.min.css
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: ASCII text, with very long lines (36873), with no line terminators
Hash: 78df1b15700117ef2c3e425485de8be3 eb97e990f560848d9029c1b85822af816228988d be72a2621f281f07d32abb393aa9d6e606f3f31ec54c9cb4aaeb74d2e6970185
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/ace-rtl.min.css HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/assets/css/ace.min.css | 222.85.156.110 | 200 | 44 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/assets/css/ace.min.css
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: c1082546d6e6c8423006d85619b7c44a 59ef933f7c105d5b220a75f475fcd9814606dcec 2fc5fe537c1e0072dc7d9f2c65247069dfd79678c8c6ebc0247a1855c52043b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/ace.min.css HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/js/jquery-1.7.2.js | 222.85.156.110 | 200 | 75 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/js/jquery-1.7.2.js
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8a11b53e0e215eb262e6a9b5d23e29e0 759167135cf863e84cc8d62934e8d6865a91b943 452429d3ee81023bdf964994ce4ad3d4b7ece4205cbc04ad4fce75be4de72af4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-1.7.2.js HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Content-Encoding: gzip
|
|
| 222.85.156.110:8881/css/login_.css | 222.85.156.110 | 200 | 290 B |
URL: GET HTTP/1.1 222.85.156.110:8881/css/login_.css
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: ASCII text, with CRLF line terminators
Hash: 6bb103714ab4531dcce709d53da565f2 cf55ef5bfc286f1d6222ab79b406c046b07effa9 385508c147ecd3ccaeb834b5cc98e310601aa99aeebe99cfcc66d14f6882fc76
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/login_.css HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:22 GMT
Content-Type: text/css
Content-Length: 290
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Accept-Ranges: bytes
|
|
| 222.85.156.110:8881/img/yan.png | 222.85.156.110 | 200 | 405 B |
URL: GET HTTP/1.1 222.85.156.110:8881/img/yan.png
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: PNG image data, 27 x 23, 8-bit colormap, non-interlaced
Hash: be9f09f2e0a54b9db88cf370c3634624 998d47ad4f461ec91bac30b3a895436d76b36fcd 88976f231b8e6067df6b8703e5dbed90ff09dfba4099fbfdaa742593e3f2d548
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/yan.png HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:22 GMT
Content-Type: image/png
Content-Length: 405
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Accept-Ranges: bytes
|
|
| 222.85.156.110:8881/code?t=1714479384683 | 222.85.156.110 | 200 | 1.2 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/code?t=1714479384683
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 70x25, components 3
Hash: 3b441945ff8bb1e81608c41d52792f92 493ee721e8c687cfd78338f889b2e6111e0d3719 cc74a8f25b6044d5b4ad7bfe243333b26adf5bcf761d46e84a5fb4e826033ad5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /code?t=1714479384683 HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:22 GMT
Content-Length: 1203
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Set-Cookie: JSESSIONID=986712d4-f50e-429a-a46f-e389def0d99f; Path=/; HttpOnly; SameSite=lax
|
|
| 222.85.156.110:8881/img/login_bg.jpg | 222.85.156.110 | 200 | 109 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/img/login_bg.jpg
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1080, components 3
Size: 109 kB (108588 bytes)
Hash: b532ef4c93b85551bd4e54729e677124 8ec410344c42487e8ca322b243bc6bdb393d5a2b 0573297d0032560093a3d565232f798a12c068bc64ab3f50c4f09984512721e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/login_bg.jpg HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/css/login_.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:22 GMT
Content-Type: image/jpeg
Content-Length: 108588
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Accept-Ranges: bytes
|
|
| 222.85.156.110:8881/favicon.ico | 222.85.156.110 | 200 | 946 B |
URL: GET HTTP/1.1 222.85.156.110:8881/favicon.ico
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: MS Windows icon resource - 1 icon, 16x13, 32 bits/pixel
Hash: 0488faca4c19046b94d07c3ee83cf9d6 02fb8c5e4c3d113f310651a4d021aecc68f79d54 a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/login
Cookie: JSESSIONID=986712d4-f50e-429a-a46f-e389def0d99f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:23 GMT
Content-Type: image/x-icon
Content-Length: 946
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Accept-Ranges: bytes
|
|
| 222.85.156.110:8881/assets/font/fontawesome-webfont.woff?v=3.2.1 | 222.85.156.110 | 200 | 44 kB |
URL: GET HTTP/1.1 222.85.156.110:8881/assets/font/fontawesome-webfont.woff?v=3.2.1
IP: 222.85.156.110:8881
Requested by: http://222.85.156.110:8881/login
File type: Web Open Font Format, TrueType, length 43572, version 1.0
Hash: b683029bafe0305ac2234038a03e1541 12f8c193902e99348493ace32e498031bf79b654 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/font/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: 222.85.156.110:8881
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://222.85.156.110:8881/assets/css/font-awesome.min.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Tue, 30 Apr 2024 12:16:23 GMT
Content-Type: application/font-woff
Content-Length: 43572
Connection: keep-alive
X-Application-Context: com.guiyang.fire.control.admin:prod:9000
Last-Modified: Sat, 23 Mar 2024 14:00:33 GMT
Accept-Ranges: bytes
|
|