| 188.120.242.78:8081/KKtPz8IS1e/allfiles.zip | 188.120.242.78 | 200 OK | 5.1 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/KKtPz8IS1e/allfiles.zip (user request)
IP: 188.120.242.78:8081
File type: HTML document, ASCII text, with very long lines (835)
Hash (MD5 / SHA-1 / SHA-256): 69c979cec8f98255fdd71fdc56c816af / 0451f8074b33ff8425be0025849389fee36ef693 / 3c5445869e1c29cee257d35304ea14367216b6928f2c3df97a64a9afc8f727f3
Note: the URL names a .zip file but the response is text/html with chunked encoding and no Content-Length, and it pulls in transfer.sh's own CSS, JS and fonts (see the dependent requests below). The 5.1 kB recorded here is the Transfer.sh browser-facing page for the upload, not the archive itself.
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /KKtPz8IS1e/allfiles.zip HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Transfer.sh HTTP Server
Vary: Range, Referer, X-Decrypt-Password
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
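The request/response pair above is the key observation of this capture: a URL ending in .zip came back as text/html from a server announcing itself as Transfer.sh on port 8081, so what the sandbox stored is a landing page rather than the payload. The following Python is an added triage example, not part of the sandbox report and not transfer.sh code: it parses a header dump in the shape shown on this page and flags the points an analyst checks before trusting the recorded file. The sample input is constructed from the first transaction above; the extension list, the server-banner list, the `<token>/<filename>` path heuristic and the plain-http scheme in `Transaction.url` are assumptions of this example.

```python
import os
import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed sample input: the request/response headers of the first
# transaction in the report above (the HTML body is not reproduced).
SAMPLE_TX = """\
GET /KKtPz8IS1e/allfiles.zip HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: Transfer.sh HTTP Server
Vary: Range, Referer, X-Decrypt-Password
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
"""

# Extensions a sandbox expects back as bytes, never as an HTML page
# (assumption: illustrative list, extend it from your own telemetry).
PAYLOAD_EXTS = {".zip", ".rar", ".7z", ".iso", ".img", ".exe", ".dll", ".msi",
                ".scr", ".jar", ".js", ".vbs", ".ps1", ".bat", ".apk", ".elf"}
# Server banners of self-hostable upload services (assumption, same caveat).
FILE_SHARE_BANNERS = ("transfer.sh",)
# <token>/<filename> layout as seen in this capture (heuristic, not a spec).
TOKEN_PATH = re.compile(r"/(?P<token>[A-Za-z0-9]{8,})/[^/]+")


@dataclass
class Transaction:
    method: str
    path: str
    host: str
    status: int
    req_headers: dict = field(default_factory=dict)
    resp_headers: dict = field(default_factory=dict)

    @property
    def url(self) -> str:
        # The capture shows plain HTTP for this host (assumption for others).
        return f"http://{self.host}{self.path}"


def _parse_headers(lines):
    """Header lines -> dict keyed by lower-cased name (last value wins)."""
    headers = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def parse_transaction(text: str) -> Transaction:
    """Parse 'request headers, blank line, response headers' as dumped above."""
    req_part, _, resp_part = text.strip().partition("\n\n")
    req_lines, resp_lines = req_part.splitlines(), resp_part.splitlines()
    method, path, _version = req_lines[0].split(" ", 2)
    status = int(resp_lines[0].split(" ", 2)[1])
    req_headers = _parse_headers(req_lines[1:])
    return Transaction(method, path, req_headers.get("host", ""), status,
                       req_headers, _parse_headers(resp_lines[1:]))


def triage(tx: Transaction) -> list[tuple[str, str]]:
    """Return (finding_id, explanation) pairs worth a second look."""
    findings = []
    ctype = tx.resp_headers.get("content-type", "").split(";")[0].strip().lower()
    filename = urlsplit(tx.path).path.rsplit("/", 1)[-1]
    ext = os.path.splitext(filename)[1].lower()
    if tx.status == 200 and ext in PAYLOAD_EXTS and ctype == "text/html":
        findings.append(("html_for_payload_url",
                         f"{tx.url} names a {ext} file but was served as text/html; "
                         "the recorded bytes are a landing page, not the payload. "
                         "Re-fetch without text/html in Accept (e.g. curl) to get the file."))
    server = tx.resp_headers.get("server", "").lower()
    if any(banner in server for banner in FILE_SHARE_BANNERS):
        findings.append(("self_hosted_file_share",
                         f"Server banner '{tx.resp_headers['server']}' on {tx.host}: "
                         "pivot on the banner and token path to find other uploads."))
    port = urlsplit(f"//{tx.host}").port
    if port not in (None, 80, 443):
        findings.append(("nonstandard_port", f"{tx.host} serves on port {port}."))
    if ("chunked" in tx.resp_headers.get("transfer-encoding", "").lower()
            and "content-length" not in tx.resp_headers):
        findings.append(("chunked_no_length",
                         "No Content-Length: the size in the report is what was "
                         "rendered, not a declared payload size."))
    m = TOKEN_PATH.fullmatch(urlsplit(tx.path).path)
    if m and re.search(r"\d", m["token"]) and re.search(r"[A-Za-z]", m["token"]):
        findings.append(("token_path",
                         f"Path {tx.path} looks like <token>/<filename> (upload-service layout)."))
    return findings


if __name__ == "__main__":
    for fid, why in triage(parse_transaction(SAMPLE_TX)):
        print(f"[{fid}] {why}")
```

Run on the sample it reports all five findings; run on one of the CSS or font transactions further down (a .css path, text/css, Content-Length present, same host) only the port and banner findings remain, which is the point: the dependent requests are ordinary transfer.sh page assets, and the thing still missing from this capture is the archive behind `/KKtPz8IS1e/allfiles.zip`.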

| 188.120.242.78:8081/fonts/fonts.css?family=Source+Sans+Pro:100,200,300 | 188.120.242.78 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/fonts.css?family=Source+Sans+Pro:100,200,300
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): f837cf62966beb5c97b92f894f3c76f1 / add1e6310cec9c04fc599d91e6328f61cfa9cb5b / a4df9d99df6efc18c30549cdb22cb577f231fd25358e0e88c6077a8d71cdc05d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/fonts.css?family=Source+Sans+Pro:100,200,300 HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 4059
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/fonts/fonts.css?family=Droid+Sans+Mono | 188.120.242.78 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/fonts.css?family=Droid+Sans+Mono
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: ASCII text, with CRLF line terminators (same content and hashes as the Source+Sans+Pro request above; the server ignores the family query parameter)
Hash (MD5 / SHA-1 / SHA-256): f837cf62966beb5c97b92f894f3c76f1 / add1e6310cec9c04fc599d91e6328f61cfa9cb5b / a4df9d99df6efc18c30549cdb22cb577f231fd25358e0e88c6077a8d71cdc05d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/fonts.css?family=Droid+Sans+Mono HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 4059
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/scripts/vendor/modernizr.js | 188.120.242.78 | 200 OK | 11 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/scripts/vendor/modernizr.js
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: JavaScript source, ASCII text, with very long lines (10785), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 1167e9d01ba4947354c13b262fb5933d / bfd0268e4204c37d9fdd7df76b63f35582b25641 / 1a7c584616a7e60c85ab2cf672dfa659ed515205a5106b415be2ca4af06e937d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/vendor/modernizr.js HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 10785
Content-Type: text/javascript; charset=utf-8
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/styles/main.css | 188.120.242.78 | 200 OK | 134 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/styles/main.css
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 134 kB (134129 bytes)
Hash (MD5 / SHA-1 / SHA-256): c1ce729a03cef9bdf8d3d7d30636c18b / fc84879c6bcbf49a11df1b7fd1b2371127d288a3 / 9900057aac9358709b9df007e829afc418f3fe8123a923badfbb4047569de395
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles/main.css HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 134129
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/images/Logo-orange.png | 188.120.242.78 | 200 OK | 9.1 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/images/Logo-orange.png
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: PNG image data, 1000 x 126, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 20dddb5da8625839af8fb0d33080640d / cf9b6ec17aa2c3ba2eaff4ec15ca421dab3ce768 / 5a54776361c8ea5bfd434f0199f43756320886db8e93a3fe3b6ac57bca82f1d8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Logo-orange.png HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 9074
Content-Type: image/png
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/scripts/main.js | 188.120.242.78 | 200 OK | 146 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/scripts/main.js
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size: 146 kB (146294 bytes)
Hash (MD5 / SHA-1 / SHA-256): c8a36bcd41c6e7d6beebc39dac78eefd / ac815c949fc22b8d825500228d35533e0aab3295 / f053fae005a8e0786278b7df85302e3de76f24c4f0cce69d52507c154e55a585
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/main.js HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 146294
Content-Type: text/javascript; charset=utf-8
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/fonts/source-sans-pro-300-normal-latin.woff2 | 188.120.242.78 | 200 OK | 13 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/source-sans-pro-300-normal-latin.woff2
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: Web Open Font Format (Version 2), TrueType, length 12956, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 1c772d9d0531b187db80bcfc199c1786 / c0c04fb334190e10dffed0dcc5c817c2a6041a15 / 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/source-sans-pro-300-normal-latin.woff2 HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/fonts/fonts.css?family=Droid+Sans+Mono
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 12956
Content-Type: font/woff2
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67 | 185.199.111.133 | 403 Forbidden | 14 B |
URL: GET HTTP/2 camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67
IP: 185.199.111.133:443
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Certificate: Issuer DigiCert Inc; Subject *.github.io; Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28; Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): df326a1cbbfbf9ef856c5f56ef35035c / 1527115e9b66b29502c06ff93caf64535cffad7a / c7804bbca2b7d140a0ffd884a2d1a6a02480a1c795d7f6d893d98ba9664f1b5b
Note: the hex path segment decodes to https://s3.amazonaws.com/github/ribbons/forkme_right_darkblue_121621.png, the "Fork me on GitHub" ribbon embedded in the stock transfer.sh page; GitHub's camo proxy answered 403 with a 14-byte text/plain body. This is the only request in the session that leaves 188.120.242.78, and the browser sent the cross-site Referer trimmed to the origin http://188.120.242.78:8081/.
GET /38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67 HTTP/1.1
Host: camo.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
cache-control: no-cache, no-store, private, must-revalidate
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
content-type: text/plain; charset=utf-8
server: github-camo (26ae088d)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 9292:2C0C22:2119D3F:23079ED:661FB91A
accept-ranges: bytes
date: Wed, 17 Apr 2024 11:57:26 GMT
via: 1.1 varnish
x-served-by: cache-hel1410023-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713355047.620209,VS0,VE124
x-fastly-request-id: 944f21fa2e9f03d39e7d8aaf09686095f02592ac
timing-allow-origin: https://github.com
content-length: 14
X-Firefox-Spdy: h2

| 188.120.242.78:8081/fonts/droid-sans-mono-400-normal-latin.woff2 | 188.120.242.78 | 200 OK | 18 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/droid-sans-mono-400-normal-latin.woff2
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: Web Open Font Format (Version 2), TrueType, length 18400, version 1.0
Hash (MD5 / SHA-1 / SHA-256): bca50bf4a4e3b8abac8f1665032dfe34 / edcb128ece330477d413d42a7fdb081cfb95f39e / 1a8e7108949ee83e8eeadd9cd0ed0f98bd8870f2afa75c26ccdc9e795fb58e30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/droid-sans-mono-400-normal-latin.woff2 HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/fonts/fonts.css?family=Droid+Sans+Mono
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 18400
Content-Type: font/woff2
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/fonts/source-sans-pro-200-normal-latin.woff2 | 188.120.242.78 | 200 OK | 13 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/source-sans-pro-200-normal-latin.woff2
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: Web Open Font Format (Version 2), TrueType, length 12680, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 7996b24caa1cfc66f4f15a949e974826 / 2523f1ff45314e977722ef1e477e34d0b2390a07 / 570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/source-sans-pro-200-normal-latin.woff2 HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/fonts/fonts.css?family=Droid+Sans+Mono
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 12680
Content-Type: font/woff2
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/fonts/transfersh.woff | 188.120.242.78 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/fonts/transfersh.woff
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: Web Open Font Format, CFF, length 3060, version 1.0
Hash (MD5 / SHA-1 / SHA-256): cabfd85984a9595ec5217b87afe6b743 / 8fc07314540a7e281b4dd83661994b1886e230c2 / da0a988fdcd19ac15c792e72f8f9807b55b1b6cc6db081ff4b6ca880b703713d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/transfersh.woff HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/styles/main.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 3060
Content-Type: font/woff
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT

| 188.120.242.78:8081/favicon.ico | 188.120.242.78 | 200 OK | 7.7 kB |
URL: GET HTTP/1.1 188.120.242.78:8081/favicon.ico
IP: 188.120.242.78:8081
Requested by: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
File type: MS Windows icon resource - 1 icon, 75x75, 8 bits/pixel
Hash (MD5 / SHA-1 / SHA-256): 3e6539d4bd26ce0b58dd275bcc5db0ea / fe53e0eda7946bdc33f703fea4b52724f1a9283a / e27519877e9a69cae23b28baeecf1be5df7802d4b02e498bf7862448abcdce7a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 188.120.242.78:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.120.242.78:8081/KKtPz8IS1e/allfiles.zip
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 7686
Content-Type: image/vnd.microsoft.icon
Last-Modified: Tue, 16 Apr 2024 08:43:44 GMT
Server: Transfer.sh HTTP Server
X-Made-With: <3 by DutchCoders
X-Served-By: Proudly served by DutchCoders
Date: Wed, 17 Apr 2024 11:57:26 GMT