Report - 161.53.85.16/

Report Overview

Submitted URL
161.53.85.16/
IP
161.53.85.16
ASN
#2108 Croatian Academic and Research Network
Submitted
2024-05-10 07:55:11
Access
public
Website Title
Geologia Croatica
Final URL
161.53.85.16/index.php/GC
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.geologia-croatica.hr	unknown	2001-12-10	2014-04-13	2018-01-10	1.4 kB	43 kB	161.53.85.16
wos-journal.info	unknown	2022-06-29	2022-06-30	2023-11-26	426 B	3.3 kB	104.21.5.225
161.53.85.16	unknown	unknown	2019-04-12	2022-09-22	11 kB	3.3 MB	161.53.85.16
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	688 B	207 kB	142.250.74.106
www.scimagojr.com	264517	2007-07-05	2017-01-30	2024-04-24	353 B	378 B	159.69.32.122
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	432 B	1.5 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	2.1 kB	79 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed
2024-05-10	medium	161.53.85.16	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js	272 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 19:57:36 Times Seen60778 Hash 6a07da9fae934baf3f749e876bbfdd96 46a436eba01c79acdb225757ed80bf54bad6416b d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/jquery-ui.js	520 kB	2023-03-08	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/jquery-ui.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:40:56 Last Seen2024-05-10 09:55:21 Times Seen156 Hash 540b3fea1b8c4af37343dcbd255040cd 40112996be9f29554100f4995081a3f817398ae7 d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729 Loading...

	161.53.85.16/lib/pkp/js/lib/jquery/plugins/jquery.tag-it.js	24 kB	2023-03-07	2024-05-10
Pretty URL 161.53.85.16/lib/pkp/js/lib/jquery/plugins/jquery.tag-it.js IP 161.53.85.16 ASN #2108 Croatian Academic and Research Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:03 Last Seen2024-05-10 09:55:21 Times Seen120 Hash 3a8a6fe98aabf3d558738a70ff2fe53a 17fa8d4ff0e6e7c242f3ffaa2d4e47aa4c51fa3c d195ba80074d70a7077b66ac96c7d6418ccc34a6d3b79e55f0993ef94cbff85c Loading...

	161.53.85.16/plugins/themes/bootstrap3/bootstrap/js/bootstrap.min.js	40 kB	2023-03-07	2024-05-20
Pretty URL 161.53.85.16/plugins/themes/bootstrap3/bootstrap/js/bootstrap.min.js IP 161.53.85.16 ASN #2108 Croatian Academic and Research Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 19:59:31 Times Seen12538 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

HTTP Transactions (39)

URL IP Response Size

161.53.85.16/

161.53.85.16

302 Found

0 B

URL User Request GET HTTP/1.1
161.53.85.16/
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 10 May 2024 07:54:45 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou; path=/; domain=161.53.85.16
Location: http://161.53.85.16/index.php/GC
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

161.53.85.16/index.php/GC

161.53.85.16

200 OK

5.6 kB

URL User Request GET HTTP/1.1
161.53.85.16/index.php/GC
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2858), with CRLF, LF line terminators
Size
5.6 kB (5584 bytes)
Hash
b114ede91b6ee5339522c506fef282aa
5fb5c9c87a3990c7e16571046404d2e195e245d9
e131f5e30a05433d1751642819f627fb2bad170bec90a209e00a086d0a0e017a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.php/GC HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:45 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-store
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5584
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js

142.250.74.106

200 OK

81 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC

File type
JavaScript source, ASCII text
Size
81 kB (80667 bytes)
Hash
6a07da9fae934baf3f749e876bbfdd96
46a436eba01c79acdb225757ed80bf54bad6416b
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 80667
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 06:23:27 GMT
Expires: Sat, 10 May 2025 06:23:27 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 5483
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/jquery-ui.js

142.250.74.106

200 OK

125 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/jquery-ui.js
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC

File type
JavaScript source, ASCII text, with very long lines (1002)
Size
125 kB (124884 bytes)
Hash
540b3fea1b8c4af37343dcbd255040cd
40112996be9f29554100f4995081a3f817398ae7
d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729

HTTP Headers

GET /ajax/libs/jqueryui/1.12.0/jquery-ui.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 124884
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 04:50:15 GMT
Expires: Fri, 09 May 2025 04:50:15 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 97475
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

161.53.85.16/index.php/GC/$$$call$$$/page/page/css?name=bootstrapTheme-superhero

161.53.85.16

200 OK

22 kB

URL GET HTTP/1.1
161.53.85.16/index.php/GC/$$$call$$$/page/page/css?name=bootstrapTheme-superhero
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
ASCII text, with very long lines (65297)
Size
22 kB (21738 bytes)
Hash
d1e26e822f0afff17ad993879262eb73
dd1faeedf3a20ded09846b64f699d8aaefa18cdd
13b7da60bc8e7893e1527b9a4f1662f78fff50dad15b194903a1435294852d7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.php/GC/$$$call$$$/page/page/css?name=bootstrapTheme-superhero HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:50 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 28 Dec 2023 12:58:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21738
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

161.53.85.16/plugins/generic/orcidProfile/css/orcidProfile.css

161.53.85.16

200 OK

274 B

URL GET HTTP/1.1
161.53.85.16/plugins/generic/orcidProfile/css/orcidProfile.css
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
ASCII text
Size
274 B (274 bytes)
Hash
c694f6f6029aca78f474217b6bce5c58
db9949942fe53bf8331dca3ec69984f42d23f248
5448d15cdf7d37e9dae1f8883266ec9b11f7ab73e57aae4811f1d031413cb2ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/generic/orcidProfile/css/orcidProfile.css HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:50 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Tue, 22 Dec 2020 15:09:36 GMT
ETag: "243-5b70ef67fdb40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

161.53.85.16/lib/pkp/js/lib/jquery/plugins/jquery.tag-it.js

161.53.85.16

200 OK

5.6 kB

URL GET HTTP/1.1
161.53.85.16/lib/pkp/js/lib/jquery/plugins/jquery.tag-it.js
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JavaScript source, ASCII text
Size
5.6 kB (5579 bytes)
Hash
3a8a6fe98aabf3d558738a70ff2fe53a
17fa8d4ff0e6e7c242f3ffaa2d4e47aa4c51fa3c
d195ba80074d70a7077b66ac96c7d6418ccc34a6d3b79e55f0993ef94cbff85c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/pkp/js/lib/jquery/plugins/jquery.tag-it.js HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:50 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 28 Feb 2019 22:19:43 GMT
ETag: "5bee-582fbafe55dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

161.53.85.16/plugins/themes/bootstrap3/bootstrap/js/bootstrap.min.js

161.53.85.16

200 OK

11 kB

URL GET HTTP/1.1
161.53.85.16/plugins/themes/bootstrap3/bootstrap/js/bootstrap.min.js
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JavaScript source, ASCII text, with very long lines (39553)
Size
11 kB (10940 bytes)
Hash
2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/themes/bootstrap3/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:50 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Wed, 01 May 2019 08:30:40 GMT
ETag: "9b00-587cf5524ac00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10940
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

161.53.85.16/public/site/images/tfluksi/znak1002.jpg

161.53.85.16

200 OK

3.7 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/znak1002.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x47, components 3
Size
3.7 kB (3656 bytes)
Hash
0d1eda8acbfb7ffc56f3ac3c898f79e8
210ff26f6c2bf26d57d52af5f3a097329fdb6b52
9191330e3d80703a5ce741287ee9a20cd9187502151f3760d3547cec29baca02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/znak1002.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 21 Aug 2020 09:29:02 GMT
ETag: "e48-5ad5fde0ac770"
Accept-Ranges: bytes
Content-Length: 3656
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/tfluksi/2020-09-1811.png

161.53.85.16

200 OK

8.0 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/2020-09-1811.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 75 x 70, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (8015 bytes)
Hash
5cd2851d459c85558dabef9b45d29430
138915b9773b3df6af57ffeb0672471ddf04729d
b477f2d3485cbaccbca61c64e48030942f48ae56fc91f3a34e1c4e0ecadd9272

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/2020-09-1811.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 18 Sep 2020 11:40:56 GMT
ETag: "1f4f-5af94f9550561"
Accept-Ranges: bytes
Content-Length: 8015
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/public/site/images/tfluksi/DOA_Logo1.jpg

161.53.85.16

200 OK

11 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/DOA_Logo1.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 290x155, components 3
Size
11 kB (11237 bytes)
Hash
c521b0c6241159159d62e0ea1ce179a3
e8efd3cb8e24cedc64b9597094f00c9c05bc0bea
c3fae0dab50ad11d2a5dc8641777f882e287cfc4f147377dab0b0ceab3912112

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/DOA_Logo1.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 12 Jan 2023 18:53:57 GMT
ETag: "2be5-5f215a3a44b62"
Accept-Ranges: bytes
Content-Length: 11237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/tfluksi/Capture3.PNG

161.53.85.16

200 OK

2.5 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/Capture3.PNG
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 245 x 136, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2510 bytes)
Hash
ea74123455934c065becb4b6c9df79dd
9807d1a50e3bd75ddcc88d9a911fcd8f1819c15c
d58e3ce2315281255f2c3dbd55de20c2ebedfdd9169f17798b294910b83a9ef1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/Capture3.PNG HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 02 Feb 2024 11:56:17 GMT
ETag: "9ce-61064ccb2ca53"
Accept-Ranges: bytes
Content-Length: 2510
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/templates/images/ojs_brand.png

161.53.85.16

200 OK

13 kB

URL GET HTTP/1.1
161.53.85.16/templates/images/ojs_brand.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 300 x 195, 8-bit/color RGBA, non-interlaced
Size
13 kB (13150 bytes)
Hash
09f9ad1b2d255e9413189adbb182026b
21b0f6d8bbcafa999e656cdc36d35ed0154773e7
3b90e3099af18f3134a0139dc2da85567d21106b60e09db3cc3a3d0615a7a744

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/images/ojs_brand.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 28 Feb 2019 22:17:54 GMT
ETag: "335e-582fba9662880"
Accept-Ranges: bytes
Content-Length: 13150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

www.scimagojr.com/journal_img.php?id=26336

159.69.32.122

301 Moved Permanently

162 B

URL GET HTTP/1.1
www.scimagojr.com/journal_img.php?id=26336
IP
159.69.32.122:80
ASN
#24940 Hetzner Online GmbH

Requested by
http://161.53.85.16/index.php/GC

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /journal_img.php?id=26336 HTTP/1.1
Host: www.scimagojr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 10 May 2024 07:54:51 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.scimagojr.com/journal_img.php?id=26336

161.53.85.16/public/site/images/lgalovic/GV_-_logo.jpg

161.53.85.16

200 OK

32 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/GV_-_logo.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 99x99, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 509x191, components 3
Size
32 kB (32275 bytes)
Hash
100e43bea24360dc6fb7b6675c911274
a93c26bf4e90f00a0d64ac9cca5ec95381ff5438
d746e00ca36b20cead732de2cb34d37dbbd14f555d934bed559e59522dce9a3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/GV_-_logo.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Dec 2018 09:29:59 GMT
ETag: "7e13-57d70c64192fe"
Accept-Ranges: bytes
Content-Length: 32275
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/lgalovic/Scopus_logo.jpg

161.53.85.16

200 OK

4.4 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/Scopus_logo.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x60, components 3
Size
4.4 kB (4438 bytes)
Hash
50314313cdece6022e0a3bfde91c38e5
97ac6d9011ce0f21a3a1aacff60b00bfa9341877
372b0bcd793ae40ad6024caedbfdcd00fb32f3fd548d989e10553ffdaf9f964b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/Scopus_logo.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 13:24:42 GMT
ETag: "1156-5bf75f85c58cf"
Accept-Ranges: bytes
Content-Length: 4438
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/tfluksi/wos.jpg

161.53.85.16

200 OK

5.7 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/wos.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 229x70, components 3
Size
5.7 kB (5659 bytes)
Hash
4c63b672bfb0c1c4d257677b6cc14f42
db6877767c139b561e00642d4862c13872260ba1
99e1ecd8d751ad7a28a16fd38fae4fb1ce654df9290a925a62affcd98863578a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/wos.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 09 Apr 2021 10:04:50 GMT
ETag: "161b-5bf874b65d02c"
Accept-Ranges: bytes
Content-Length: 5659
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/alisa/Logo_dimensions2.jpg

161.53.85.16

200 OK

4.0 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/alisa/Logo_dimensions2.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 221x56, components 3
Size
4.0 kB (3968 bytes)
Hash
34d0f2851a55b9b8e7e2e6af777c2205
0187d66789b0b66c9fbacc5537fbc79d61f33134
f67d443eb40c21bf1d68f71ebf27f25def44466ca91dd03553de02b17612432d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/alisa/Logo_dimensions2.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 09 Apr 2021 09:51:44 GMT
ETag: "f80-5bf871c9212d7"
Accept-Ranges: bytes
Content-Length: 3968
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Lato:300,400,700

142.250.74.106

200 OK

871 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
871 B (871 bytes)
Hash
2300e7f91276c6eea4a2d28018cdae1e
50653e8b004207032ffade1374cc4b167b27479d
83f87fdab667c33d9be11859acdfe5512f52d7c10eec3c4c7aec094bf9d6a11d

HTTP Headers

GET /css?family=Lato:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:54:51 GMT
date: Fri, 10 May 2024 07:54:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

161.53.85.16/public/site/images/lgalovic/SJR_logo_1.png

161.53.85.16

200 OK

1.7 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/SJR_logo_1.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 400 x 123, 8-bit colormap, non-interlaced
Size
1.7 kB (1662 bytes)
Hash
fed5badb71ea639cbe1f1b80e86f708a
55ebcf18f47d53e987fe711ce30dbbcead84f96e
98ecdcbb5595a6c96db8cf497e1f2adc8c778491ac19ef86bf54d8d0d401b5a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/SJR_logo_1.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 13:28:32 GMT
ETag: "67e-5bf76060b5d95"
Accept-Ranges: bytes
Content-Length: 1662
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/public/site/images/tfluksi/hrcak-oznaka21.png

161.53.85.16

200 OK

7.0 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/hrcak-oznaka21.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 60 x 59, 8-bit/color RGB, non-interlaced
Size
7.0 kB (6985 bytes)
Hash
832523fc1e98fc7236325b564dc4976d
c9d7aa03afbf9bd9facb781cefc36996e98e36ed
029fd46484bd7225a84910a026e9d6cca423d207b90d5f506ae268042f131aeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/hrcak-oznaka21.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 21 Aug 2020 09:31:37 GMT
ETag: "1b49-5ad5fe74e3c32"
Accept-Ranges: bytes
Content-Length: 6985
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/public/site/images/alisa/doaj_logo.png

161.53.85.16

200 OK

6.6 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/alisa/doaj_logo.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 478 x 105, 8-bit colormap, non-interlaced
Size
6.6 kB (6640 bytes)
Hash
fc96a30ed17f8a0c38554581f25d0e64
8fa7b88128061412df18a9a6d695cfcd314cc173
287bcd42c3c404592fbb8b7ec6c2ca46fef38848b23d6ae3a6e267df5abf3b2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/alisa/doaj_logo.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 09 Apr 2021 10:34:02 GMT
ETag: "19f0-5bf87b3d3fa63"
Accept-Ranges: bytes
Content-Length: 6640
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 01:55:22 GMT
expires: Sat, 10 May 2025 01:55:22 GMT
cache-control: public, max-age=31536000
age: 21569
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

161.53.85.16/public/site/images/lgalovic/Crossref_logo1.JPG

161.53.85.16

200 OK

32 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/Crossref_logo1.JPG
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 804x578, components 3
Size
32 kB (31995 bytes)
Hash
b66dd062d57df61d841d164640f359db
c87ad45e48d43e0e16e8f8f7641790dc340608f5
b33f59877bfbe0d87bbe7e10fcc45c53b85afb0434aaedf37cf78cf7e4e0c22b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/Crossref_logo1.JPG HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 13:01:54 GMT
ETag: "7cfb-5bf75a6cf24e8"
Accept-Ranges: bytes
Content-Length: 31995
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/tfluksi/sherparomeo11.png

161.53.85.16

200 OK

21 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/tfluksi/sherparomeo11.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 250 x 40, 8-bit/color RGBA, non-interlaced
Size
21 kB (20591 bytes)
Hash
a6992a821d555c3f1a4bf8124cc22d86
a35349ae7639cea6f9e6af76adbe2fb5fc9bbcd2
2717671fe74a1de2de7efe8174a3404e6290dbfd93d16a09c693ad68bec36fc6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/tfluksi/sherparomeo11.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 18 Sep 2020 11:40:49 GMT
ETag: "506f-5af94f8e1e92a"
Accept-Ranges: bytes
Content-Length: 20591
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 13:49:40 GMT
expires: Fri, 09 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
age: 65111
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23236, version 1.0
Size
23 kB (23236 bytes)
Hash
716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 22:03:34 GMT
expires: Fri, 09 May 2025 22:03:34 GMT
cache-control: public, max-age=31536000
age: 35477
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

216.58.207.227

200 OK

5.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5472, version 1.0
Size
5.5 kB (5472 bytes)
Hash
4bde07f991ba6af69a1e009fd7ce9d1a
ed53e9f8967142ea4aa2fd113f696799319d91b2
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:48:28 GMT
expires: Fri, 09 May 2025 01:48:28 GMT
cache-control: public, max-age=31536000
age: 108383
last-modified: Tue, 02 May 2023 15:17:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

161.53.85.16/public/site/images/lgalovic/CC_BY_logo1.png

161.53.85.16

200 OK

13 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/CC_BY_logo1.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 403 x 141, 8-bit/color RGBA, non-interlaced
Size
13 kB (12588 bytes)
Hash
04d377d968557a6092bccb1617db5a65
fe3f0d8e5e8fc2e27015df79121b885ee45a2110
633aae44a5d5b8915debc82f56a8e05c1b62b567b1aefeabc18617b81d8a04a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/CC_BY_logo1.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 12:32:51 GMT
ETag: "312c-5bf753ef5d163"
Accept-Ranges: bytes
Content-Length: 12588
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/public/journals/1/pageHeaderLogoImage_en_US.jpg

161.53.85.16

200 OK

314 kB

URL GET HTTP/1.1
161.53.85.16/public/journals/1/pageHeaderLogoImage_en_US.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:11:12 12:49:29], baseline, precision 8, 2055x673, components 3
Size
314 kB (313840 bytes)
Hash
fd4b11733ab92c39e164e29dc9103692
4d228ea391d77dc7315416d65b0023a8acf96447
3c0cbe924bcd0fccbe801ac98dac8df647f3692638cf73778de59a8092c3efa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/journals/1/pageHeaderLogoImage_en_US.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 03 Dec 2020 10:47:20 GMT
ETag: "4c9f0-5b58d159403e0"
Accept-Ranges: bytes
Content-Length: 313840
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/journals/1/homepageImage_en_US.jpg

161.53.85.16

200 OK

314 kB

URL GET HTTP/1.1
161.53.85.16/public/journals/1/homepageImage_en_US.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:11:12 12:49:29], baseline, precision 8, 2055x673, components 3
Size
314 kB (313840 bytes)
Hash
fd4b11733ab92c39e164e29dc9103692
4d228ea391d77dc7315416d65b0023a8acf96447
3c0cbe924bcd0fccbe801ac98dac8df647f3692638cf73778de59a8092c3efa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/journals/1/homepageImage_en_US.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 03 Dec 2020 10:49:24 GMT
ETag: "4c9f0-5b58d1cf16b03"
Accept-Ranges: bytes
Content-Length: 313840
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

161.53.85.16/public/site/images/lgalovic/publons-logo-blue2.png

161.53.85.16

200 OK

6.6 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/publons-logo-blue2.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 325 x 155, 8-bit colormap, non-interlaced
Size
6.6 kB (6626 bytes)
Hash
7cab92765b947fc79b12f9890c10d49c
38c0d93b39a9a5684a4eaf83beb141b59f5eef2d
5fa900e9d37cb33e9f9c25aa9fe5c180a43848dff67b8abaeac91749d95f01f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/publons-logo-blue2.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 12:34:26 GMT
ETag: "19e2-5bf75449333dd"
Accept-Ranges: bytes
Content-Length: 6626
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/public/site/images/lgalovic/ithenticate_logo2.png

161.53.85.16

200 OK

6.4 kB

URL GET HTTP/1.1
161.53.85.16/public/site/images/lgalovic/ithenticate_logo2.png
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
PNG image data, 401 x 126, 8-bit colormap, non-interlaced
Size
6.4 kB (6387 bytes)
Hash
0d23edf0d6c8925348f1748ba1e33ee8
072fbdb7cd40e73c3fd1ed406a83d4d6e252cb82
b9a6c138f4aff1085a749c5b5205c86722e7993a6226f886f12e3e330b40182d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/site/images/lgalovic/ithenticate_logo2.png HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 08 Apr 2021 12:33:11 GMT
ETag: "18f3-5bf7540190d05"
Accept-Ranges: bytes
Content-Length: 6387
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

161.53.85.16/favicon.ico

161.53.85.16

200 OK

1.2 kB

URL GET HTTP/1.1
161.53.85.16/favicon.ico
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
38aa930e2cd559868d5b97aae7e7e2bb
2640b3d817af76f9cd2fd9dac754bf9bda468e99
62ae6128ca87c961400dd580afff54cc51f467f9e89a1f5280b163c70b118a75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:52 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 28 Feb 2019 22:17:54 GMT
ETag: "47e-582fba9662880"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

161.53.85.16/public/journals/1/cover_issue_85_en_US.jpg

161.53.85.16

200 OK

2.5 MB

URL GET HTTP/1.1
161.53.85.16/public/journals/1/cover_issue_85_en_US.jpg
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2586x1834, components 3
Size
2.5 MB (2479977 bytes)
Hash
bf07bcf9779082a7a468254008dcaf0f
6a960821f1b3e70f4af9044db611cd54b33900ec
0937cd9a7629f2cde3f77d4deb714617ac76d334eb2e480ad07a68231952491e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/journals/1/cover_issue_85_en_US.jpg HTTP/1.1
Host: 161.53.85.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/index.php/GC
Cookie: OJSSID=sam8hn30r31nq2ig93mcncahou
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 23 Feb 2024 11:17:45 GMT
ETag: "25d769-6120ab5923dda"
Accept-Ranges: bytes
Content-Length: 2479977
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.ttf

161.53.85.16

200 OK

14 kB

URL GET HTTP/1.1
www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.ttf
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
TrueType Font data, 15 tables, 1st "FFTM"
Size
14 kB (14193 bytes)
Hash
35daedf142a7b98ea3750a5330e6797b
693ad2400782c301e4f9acb002d0c47b15795779
e63ed6ae9b0500e4513a6f210833c1a3824d6310dfb735cb5ba26a6e3acffd59

HTTP Headers

GET /plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.ttf HTTP/1.1
Host: www.geologia-croatica.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 11 Apr 2019 09:44:29 GMT
ETag: "b15c-5863e084e5940"
Accept-Ranges: bytes
Content-Length: 45404
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/ttf

wos-journal.info/journalide/21317

104.21.5.225

200 OK

2.6 kB

URL GET HTTP/2
wos-journal.info/journalide/21317
IP
104.21.5.225:443
ASN
#13335 CLOUDFLARENET

Requested by
http://161.53.85.16/index.php/GC
Certificate
IssuerGoogle Trust Services LLC
Subjectwos-journal.info
Fingerprint88:C2:A1:25:34:71:44:AD:43:9B:21:B4:52:11:83:3D:63:D8:AA:9F
ValiditySat, 23 Mar 2024 12:26:11 GMT - Fri, 21 Jun 2024 12:26:10 GMT

File type
PNG image data, 320 x 120, 8-bit colormap, non-interlaced
Size
2.6 kB (2613 bytes)
Hash
755d42d5e4132837f862ba298a336f2b
e0c12b1be1e9f65346ebd8d5818d96474462599a
ab29386b6336c54b78a9cb17ca824ba9dfc30913268e13fdcc160f177109442f

HTTP Headers

GET /journalide/21317 HTTP/1.1
Host: wos-journal.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:54:51 GMT
content-type: image/png
x-powered-by: PHP/7.4.33
expires: -1
cache-control: no-store,no-cache,must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HG4JKWhBLKHAA7lpfVThC8Sk8%2BQqSY%2FzFLIcm5R3qQGXWbCGy7ysaJUlO4HxMUAw50i81djsvh0%2Bqlz2XZUkuqPMKyXWROs%2FU9YMpqxRy8AxSlJ2ic3NkjJ6Wus7LhbyJlYb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88185d13fd8056c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff

161.53.85.16

200 OK

14 kB

URL GET HTTP/1.1
www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
Web Open Font Format, TrueType, length 23424, version 1.0
Size
14 kB (14192 bytes)
Hash
2723226ec3d11fb249aafd26a4244dbf
5e57f69871516b9fc9d87d0d6883f492c513fea6
a8afd31cb6464db425b15875c20f8e90e2c09ac85a14e315b41e5958b9cf5ede

HTTP Headers

GET /plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: www.geologia-croatica.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 11 Apr 2019 09:44:29 GMT
ETag: "5b80-5863e084e5940"
Accept-Ranges: bytes
Content-Length: 23424
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff

www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff2

161.53.85.16

200 OK

14 kB

URL GET HTTP/1.1
www.geologia-croatica.hr/plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff2
IP
161.53.85.16:80
ASN
#2108 Croatian Academic and Research Network

Requested by
http://161.53.85.16/index.php/GC

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
14 kB (14191 bytes)
Hash
0cc1ef6a9e92df8d00b466ca820f923a
a11fbb9674926b00d2ad54e89309c16517dd82c7
ffe58c307a528df2a4fe13934fcdb99ff003fb4090e73dcbd5485222445fee3d

HTTP Headers

GET /plugins/themes/bootstrap3/bootstrap/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.geologia-croatica.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://161.53.85.16
DNT: 1
Connection: keep-alive
Referer: http://161.53.85.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 07:54:51 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 11 Apr 2019 09:44:29 GMT
ETag: "466c-5863e084e5940"
Accept-Ranges: bytes
Content-Length: 18028
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (39)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1