IP: 12.189.63.212:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: 12.189.63.212
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: http://12.189.63.212/ord
Content-Length: 0

IP: 12.189.63.212:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /ord HTTP/1.1
Host: 12.189.63.212
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Set-Cookie: niagara_origin_uri=/ord; Path=/; HttpOnly; SameSite=Lax
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://12.189.63.212/login
Content-Length: 0

IP: 12.189.63.212:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /login HTTP/1.1
Host: 12.189.63.212
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Security-Policy: connect-src 'self' workbench ws://12.189.63.212:80 wss://12.189.63.212:80; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: http://12.189.63.212/prelogin
Content-Length: 0

IP: 12.189.63.212:0
File type: HTML document, ASCII text
Hash: 38cd9809f7327ddf96ae8bce0404b5ad 6e19f15745eb56690bed6b18bd51c7089116efed b5654e517513a2dceacffa89e3372a3ad31629ba2ba08d48426c8970fd08a14f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prelogin HTTP/1.1
Host: 12.189.63.212
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Security-Policy: connect-src 'self' workbench ws://12.189.63.212:80 wss://12.189.63.212:80; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: niagara_current_sso_scheme=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
niagara_failure_cause=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
niagara_failure_info=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
Content-Length: 2473