| ns3109813.ip-54-36-127.eu/ | 54.36.127.183 | | 0 B |
URL: User Request GET ns3109813.ip-54-36-127.eu/ IP: 54.36.127.183:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET / HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
X-Powered-By: PHP/8.2.4
Set-Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: login.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| ns3109813.ip-54-36-127.eu/login.php | 54.36.127.183 | | 5.0 kB |
URL: User Request GET ns3109813.ip-54-36-127.eu/login.php IP: 54.36.127.183:0
File type: HTML document, ASCII text, with CRLF line terminators Hash: 62640b8e4dc7f904febb03cf137a0f0c 510cf483a1564e18f47e2026c0cb77c16317e0ba abc13f0a9c0a554aa65cf74f4f6b2c5265f9b8cb90ef7f96ff7a4b5d600d94d8
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel | ThreatFox | malicious | Unknown malware |
GET /login.php HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
X-Powered-By: PHP/8.2.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 5000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/fontawesome-free/css/all.min.css | 54.36.127.183 | 200 OK | 59 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/fontawesome-free/css/all.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (59158), with CRLF line terminators Hash: 5a6c200378fa114299418364d6382279 cb7d6e8bf44bcaeac573c32061137a843849a8b6 fd493524c8be6d84cf95959f93103680b3faa2a47c92482d43ff1836d8c08055
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/fontawesome-free/css/all.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "e7d4-5ddeaf2af58fb"
Accept-Ranges: bytes
Content-Length: 59348
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/select2/css/select2.min.css | 54.36.127.183 | 200 OK | 15 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/select2/css/select2.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (14965), with CRLF line terminators Hash: ba5948c0bda0f5f26bd3068ce565deaa 6d28595693ce13f1a79db7d5c73bd82b13cf63b5 c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/select2/css/select2.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "3a77-5ddeaf2b069a2"
Accept-Ranges: bytes
Content-Length: 14967
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/jquery-confirm/jquery-confirm.css | 54.36.127.183 | 200 OK | 29 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/jquery-confirm/jquery-confirm.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with CRLF line terminators Hash: ba26b64928d3d532b835d0a27c95f096 8f5bd50faa9d555d51ef41b02f697f67d5189cd5 acdb01fc196fd91f7bde36265f951e67d818de69f5b3597e9a32cbf00cac44e2
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/jquery-confirm/jquery-confirm.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "6ffc-5ddeaf2affc94"
Accept-Ranges: bytes
Content-Length: 28668
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-bs4/css/dataTables.bootstrap4.min.css | 54.36.127.183 | 200 OK | 5.2 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-bs4/css/dataTables.bootstrap4.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (5224), with CRLF line terminators Hash: 1220faeb5a59f560dfcb0d3e004c0006 d860c77692747665319484ba97c03331f867efab 804ba5f70849aad42094f37ef76db9514a0dc00f2c6715545ad3eddb7d9babc6
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-bs4/css/dataTables.bootstrap4.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "1471-5ddeaf2ad485b"
Accept-Ranges: bytes
Content-Length: 5233
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/sweetalert2/sweetalert2.min.css | 54.36.127.183 | 200 OK | 24 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/sweetalert2/sweetalert2.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (24454), with no line terminators Hash: b1ab0f2f72a18c5131a1969b88549c8c 397e30c517bde3fd86c22962dec839a3d6a3e512 e6e66c379d6664d3e2c2cc6516d66f7917216c21dc1e43e82231bb376638ac85
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/sweetalert2/sweetalert2.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "5f86-5ddeaf2b0b789"
Accept-Ranges: bytes
Content-Length: 24454
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/css/responsive.bootstrap4.min.css | 54.36.127.183 | 200 OK | 4.5 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/css/responsive.bootstrap4.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (4462), with CRLF line terminators Hash: c5e7f7247315eccba9da4f4936c3cfb1 36af1ee17707e0f77c898780ca6dd48c515154bb 036dd0e4c5a1fe70d269bb30fedf073dfc1494fd21bd3365333f927f6aca19d0
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-responsive/css/responsive.bootstrap4.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "1170-5ddeaf2ad82cc"
Accept-Ranges: bytes
Content-Length: 4464
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/overlayScrollbars/css/OverlayScrollbars.min.css | 54.36.127.183 | 200 OK | 20 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/overlayScrollbars/css/OverlayScrollbars.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (19782), with CRLF line terminators Hash: 84d2d24e7ca3b710cd48145b0099da70 3e5d820e098908c470931b3650fb1fbf0ec7e594 e14d12f06750dde7d05d13560b19f7a522c9746fc123d62e6958d21999b9398a
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/overlayScrollbars/css/OverlayScrollbars.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "4e35-5ddeaf2b02f36"
Accept-Ranges: bytes
Content-Length: 20021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/izitoast/css/iziToast.css | 54.36.127.183 | 200 OK | 51 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/izitoast/css/iziToast.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (1938), with CRLF line terminators Hash: 227439ed4d28c0fb480e3b48e22319f6 1c4d5ed11b948cd67eabebf01f817cfd57035519 d279240764a09ccdf499cbaf0a794b9d01bc71a129a7f6e5a01969ae1c3b08e1
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/izitoast/css/iziToast.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "c8a7-5ddeaf2aff4c9"
Accept-Ranges: bytes
Content-Length: 51367
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/css/buttons.bootstrap4.min.css | 54.36.127.183 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/css/buttons.bootstrap4.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (3498), with CRLF line terminators Hash: f610784fb9d887d5d530f67b0d20bee9 679ed34f3d48c58cae1aa46bf38f84de6f31858c c8075605bbc72d920eed01aeb47cb9d6460916b33d53aafd9399344b775fdf95
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/css/buttons.bootstrap4.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "dac-5ddeaf2ad502b"
Accept-Ranges: bytes
Content-Length: 3500
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/css/bootstrap.custom.css | 54.36.127.183 | 404 Not Found | 311 B |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/css/bootstrap.custom.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: HTML document, ASCII text Hash: 18f9f4e4380a04fe327279812c8f120c 97c95a0a583bb72f268d3b7134ef82a43ef305f8 ef3339187d6ad19050ec226052dc1fb93489b94edf956463217a475f62522d31
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/css/bootstrap.custom.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Content-Length: 311
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| ns3109813.ip-54-36-127.eu/assets/css/custom.css | 54.36.127.183 | 200 OK | 5.7 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/css/custom.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: assembler source, ASCII text, with CRLF line terminators Hash: 99d9051b8e8d154fd4ea00717e8d6c11 7c0e35feceeac09eafe524c9daa4e9fdf65599ed 168209d68f960bc68cdfb0a9c699014f09f5760f2991f046b29edcc320b62406
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/css/custom.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Wed, 21 Dec 2022 19:51:47 GMT
ETag: "1623-5f05be1ff3dcd"
Accept-Ranges: bytes
Content-Length: 5667
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/jquery-confirm/jquery-confirm.js | 54.36.127.183 | 200 OK | 53 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/jquery-confirm/jquery-confirm.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, ASCII text, with CRLF line terminators Hash: 919d4cea2deffd6984ab935e6a576855 69297362f23a1d7e07ab5a540cc88a8bfae28fb6 00b87d5d4a0f88363089016d7ef2e87f785c8c77bc90165b673ae571adf8f2b5
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/jquery-confirm/jquery-confirm.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "cebb-5ddeaf2b00079"
Accept-Ranges: bytes
Content-Length: 52923
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-bs4/js/dataTables.bootstrap4.min.js | 54.36.127.183 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-bs4/js/dataTables.bootstrap4.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (510), with CRLF line terminators Hash: 2a89ca63a92c50483bb174ae4d6546e1 e101caca4d7b948d0ba956b8e59ce4534796cacb 76c326f778b97c32b35890a115e3bd59f4a4c90b864d13ef7dab55d9bffc3cb1
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-bs4/js/dataTables.bootstrap4.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "83a-5ddeaf2ad4c4c"
Accept-Ranges: bytes
Content-Length: 2106
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/js/dataTables.responsive.min.js | 54.36.127.183 | 200 OK | 14 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/js/dataTables.responsive.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, ASCII text, with very long lines (554), with CRLF line terminators Hash: 915beed79de8c04f5139989f7306a839 6aea0b2fe1103884016060f071f87c3d0e13d6bb 0ea502296f5a244abb8837d1fae77fd2eb829178efc737e37ed05f2f41ffcbcd
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-responsive/js/dataTables.responsive.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "36d6-5ddeaf2ad8a96"
Accept-Ranges: bytes
Content-Length: 14038
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables/jquery.dataTables.min.js | 54.36.127.183 | 200 OK | 84 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables/jquery.dataTables.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (539), with CRLF line terminators Hash: 48dcaafef025581ddd06fa44293aa1d8 236b2a9b29e5a08c90c6689c9b4a95a00ee9982d e23bd7c3432a2dc87d90ae631204ae845155752ca51d378fec7554a0946895d3
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables/jquery.dataTables.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "1473a-5ddeaf2ade6f4"
Accept-Ranges: bytes
Content-Length: 83770
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.bootstrap4.min.js | 54.36.127.183 | 200 OK | 1.0 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.bootstrap4.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators Hash: 7706bdd870bb12cd48fad63c41a53138 223a57b45c0a4043e034a7eb6acb197bca767d29 56b0b3abae428ccf772cbcf2f5935c9413c052efcbb75d58ad8686b02ff98d84
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/js/buttons.bootstrap4.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "419-5ddeaf2ad502b"
Accept-Ranges: bytes
Content-Length: 1049
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/css/adminlte.min.css | 54.36.127.183 | 200 OK | 1.4 MB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/css/adminlte.min.css IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: ASCII text, with very long lines (65148), with CRLF line terminators Size: 1.4 MB (1382986 bytes) Hash: efd25adb317155ad5b5e3ab8a9a692dd db0afb70249f3787a94bd4e97ebda0878191d394 8777aaf5d50b19f517d03349f82ac8634fac8d2d4ef71a715fead6a43435ee25
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/css/adminlte.min.css HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Tue, 20 Dec 2022 23:52:48 GMT
ETag: "151a4a-5f04b2214d873"
Accept-Ranges: bytes
Content-Length: 1382986
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/js/responsive.bootstrap4.min.js | 54.36.127.183 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-responsive/js/responsive.bootstrap4.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (808), with CRLF line terminators Hash: 1b5009cf9f8c7a714c2d572435ca2039 eca3775b077a6568158041e4ceb057766e0d29e9 0b580d6fde9be41dd86a9ff39c6e4b603710d2b38237811d3b9c32131cde90ff
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-responsive/js/responsive.bootstrap4.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "4e2-5ddeaf2ad8a96"
Accept-Ranges: bytes
Content-Length: 1250
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.html5.min.js | 54.36.127.183 | 200 OK | 25 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.html5.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10031), with CRLF line terminators Hash: 836769076baedd0c99c3c7042ac60ea9 82d310ff8470d827e1e454429dd3385fbe22baa5 d20e7c388442ed1332e321aaf27af05421eddd71e6464d767456f0e6d8d124a3
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/js/buttons.html5.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "611f-5ddeaf2ad5bd9"
Accept-Ranges: bytes
Content-Length: 24863
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/dataTables.buttons.min.js | 54.36.127.183 | 200 OK | 20 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/dataTables.buttons.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (560), with CRLF line terminators Hash: 0944f2137f2df871c18dab612494be14 061a08b77badc566e78c4e1ce436996da02c1d2a af4152af534a2718f484f42c4ceca2170e149f9de659597438cfdc4340207d6b
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/js/dataTables.buttons.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "4f83-5ddeaf2ad5fbe"
Accept-Ranges: bytes
Content-Length: 20355
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.print.min.js | 54.36.127.183 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.print.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, ASCII text, with very long lines (526), with CRLF line terminators Hash: d992f746793e3edece767923bda07a32 4f7931769238c8aea21fdada7475bab7ccff59fa bc0114f0d2e08e6d597daa42f78283ef7daa7a9646fb1093fff6aa601204e3cc
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/js/buttons.print.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "8a9-5ddeaf2ad5bd9"
Accept-Ranges: bytes
Content-Length: 2217
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/jquery/jquery.min.js | 54.36.127.183 | 200 OK | 90 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/jquery/jquery.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators Hash: 0732e3eabbf8aa7ce7f69eedbd07dfdd 4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/jquery/jquery.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "15d9f-5ddeaf2b013f2"
Accept-Ranges: bytes
Content-Length: 89503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.colVis.min.js | 54.36.127.183 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/datatables-buttons/js/buttons.colVis.min.js IP: 54.36.127.183:80
Requested by: http://ns3109813.ip-54-36-127.eu/login.php
File type: JavaScript source, ASCII text, with very long lines (558), with CRLF line terminators Hash: a4f260a1363ab33b3ac6ccf8f07bc8a8 d503adc53fe34923b7a20d49b8815c0c6ee98785 b5f8f5b7b97296ce0d00d0d11af5ddc73f496fa1d746753f928d7041881c7b50
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/datatables-buttons/js/buttons.colVis.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "b1c-5ddeaf2ad540e"
Accept-Ranges: bytes
Content-Length: 2844
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/select2/js/select2.min.js | 54.36.127.183 | 200 OK | 71 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/select2/js/select2.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators Hash 37dd3c4be796c3e4d2914e336fc84624 efd00b3c59b9093335cfcc043fa0576587676636 d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/select2/js/select2.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:07 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "114c4-5ddeaf2b0abd9"
Accept-Ranges: bytes
Content-Length: 70852
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/overlayScrollbars/js/jquery.overlayScrollbars.min.js | 54.36.127.183 | 200 OK | 43 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/overlayScrollbars/js/jquery.overlayScrollbars.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (42375), with CRLF line terminators Hash bc16ae2b903284c4ceac6125b97a42eb 70a76de9919c00007dfb340242f096982e039967 32b547c248eb02f9615bf8e21d8c757cf5810780ab9935694d96c0b00ab71c4e
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/overlayScrollbars/js/jquery.overlayScrollbars.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "a676-5ddeaf2b03ae4"
Accept-Ranges: bytes
Content-Length: 42614
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/sweetalert2/sweetalert2.min.js | 54.36.127.183 | 200 OK | 48 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/sweetalert2/sweetalert2.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (47965), with no line terminators Hash c7cffc8b283719a988fa85b6b5f77a85 9a62bf49bbd6ca0dc23ef1c4c6bc55e83e00b5a8 cad04f1e55ed6543d1dbd9672e6ea9f9d658c0053e8345e9c8cb160f88b4947e
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/sweetalert2/sweetalert2.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "bb5d-5ddeaf2b0bb6e"
Accept-Ranges: bytes
Content-Length: 47965
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/izitoast/js/iziToast.min.js | 54.36.127.183 | 200 OK | 18 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/izitoast/js/iziToast.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (18398), with CRLF line terminators Hash df383d4feeb05ea8bfe86a0569ef0524 c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4 df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/izitoast/js/iziToast.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "4836-5ddeaf2affc94"
Accept-Ranges: bytes
Content-Length: 18486
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/jquery-mousewheel/jquery.mousewheel.js | 54.36.127.183 | 200 OK | 8.5 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/jquery-mousewheel/jquery.mousewheel.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with CRLF line terminators Hash 303c4ba89b4e5aec521e09b2c28c5687 c7ab27c23a5e200918bbb07715913f091a65de0f 0c8cf6e01a692a481a0b546d0ba61f09abdf578973cbcf3149a725385144eb62
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/jquery-mousewheel/jquery.mousewheel.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "2128-5ddeaf2b0045e"
Accept-Ranges: bytes
Content-Length: 8488
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/raphael/raphael.min.js | 54.36.127.183 | 200 OK | 93 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/raphael/raphael.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65518), with no line terminators Hash d215c2fcffdaa7759bf99e6da9f7c402 eee7f2ccba4c7fbbcd87057694221985db44fa45 4da6e9aca75e3576d27ac0962ccadc6d6483cd486901d70d3dee50e77ae7f588
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/raphael/raphael.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "16bef-5ddeaf2b05628"
Accept-Ranges: bytes
Content-Length: 93167
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/bootstrap/js/bootstrap.bundle.min.js | 54.36.127.183 | 200 OK | 84 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/bootstrap/js/bootstrap.bundle.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (65294), with CRLF line terminators Hash 96b79e4fd55cfeb144bda37cb9dee866 f6644ccddf43f83d4459e10fdc83027eb24ce530 2f5454be2251ba125af6a2b8836bcf682ec83d9dcb8043b5d71dc4e1ea399094
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "149a0-5ddeaf2ad2168"
Accept-Ranges: bytes
Content-Length: 84384
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/chartjs/chartjs-adapter-date-fns.bundle.min.js | 54.36.127.183 | 200 OK | 51 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/chartjs/chartjs-adapter-date-fns.bundle.min.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (50495) Hash 87f55b2580c452ec3431f18b5fada114 94fb6f22ccbcff719e8612e0702af5f8935c7886 ea7ab30d26c38dcf1f2d26bb43e73a94537b58f1906f55e1a546dd09321b5615
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/chartjs/chartjs-adapter-date-fns.bundle.min.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Wed, 21 Dec 2022 14:01:48 GMT
ETag: "c5da-5f056fe5d5f78"
Accept-Ranges: bytes
Content-Length: 50650
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/js/adminlte.js | 54.36.127.183 | 200 OK | 103 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/js/adminlte.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (377), with CRLF line terminators Size 103 kB (102908 bytes) Hash 32b91417a6d23c42338d6a9095de4a4a 8676668b72dde84eedfb39b9d8b11a0de233064e 1be6813edcb0739873e09c30a87e04d455426c91d1ac2df195b422afd0938bc8
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/js/adminlte.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "191fc-5ddeaf2acd767"
Accept-Ranges: bytes
Content-Length: 102908
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/chartjs/chart.umd.js | 54.36.127.183 | 200 OK | 203 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/chartjs/chart.umd.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type JavaScript source, ASCII text, with very long lines (57336) Size 203 kB (202889 bytes) Hash 10c8431fbf76ad4eab813ca969e291ae da070ff7e9aa680a9760c8320a133c4f04c1f3df 9792d6f5a07f0569f16a04b60fbc2bde1984227f6bd1abc47ff3a8b0f60e5193
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/chartjs/chart.umd.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
ETag: "31889-1c5fc537f6900"
Accept-Ranges: bytes
Content-Length: 202889
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/__UNAM_LIB/unam_lib.js | 54.36.127.183 | 200 OK | 952 B |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/__UNAM_LIB/unam_lib.js IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type ASCII text, with CRLF line terminators Hash 8c7fb12cb6f7e2df13448f35fcc57fb4 d21730a298168b00466ccf8d73232794c789bc23 203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /__UNAM_LIB/unam_lib.js HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:06 GMT
ETag: "3b8-5ddeaf2aa77c7"
Accept-Ranges: bytes
Content-Length: 952
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ns3109813.ip-54-36-127.eu/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 | 54.36.127.183 | 200 OK | 78 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261 Hash e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/assets/modules/fontawesome-free/css/all.min.css
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "13174-5ddeaf2aff0e4"
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| ns3109813.ip-54-36-127.eu/favicon.ico | 54.36.127.183 | 200 OK | 15 kB |
URL GET HTTP/1.1 ns3109813.ip-54-36-127.eu/favicon.ico IP 54.36.127.183:80
Requested by http://ns3109813.ip-54-36-127.eu/login.php
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash 2df3bd966f2c8af0095423679735a325 4eabcce6b2b7458895e58e740d82489f2b5020f5 dd09fc33e56f0f4f92970ea4d40f17683e9179006c04bb7583711e737b88efbd
Analyzer | Verdict | Alert | urlquery | malware | Malware - Botnet panel |
GET /favicon.ico HTTP/1.1
Host: ns3109813.ip-54-36-127.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ns3109813.ip-54-36-127.eu/login.php
Cookie: PHPSESSID=8g86iq2r4b3co9e822anooaeu2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:58:08 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Last-Modified: Sun, 01 May 2022 03:34:07 GMT
ETag: "3c2e-5ddeaf2b0cb03"
Accept-Ranges: bytes
Content-Length: 15406
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/x-icon
|
|