| | 85.185.20.208 | | 10 kB |
IP 85.185.20.208:0 ASN #58224 Iran Telecommunication Company PJS
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash51112305a3beee0b212d75926a446b4f 85466d10a31335a8a87af48dfb403d6989bda0e9 5b89154fbd3a83180ef4cf4c4705ea81bbcfa6c37250c62ce3987b3f18fd1e80
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 10094
P3P: CP=CAO PSA OUR
CONTENT-TYPE: text/html
|
|
| 85.185.20.208/jsCore/md5.js | 85.185.20.208 | 200 OK | 1.6 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/md5.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hashac32581aa7484ac41ffa93a9b49f3a76 e58f3f9b29e85ceb0131e7e1898e7fb312cb76fe 9ddca40481524361e3b6081ff62c0479d342f5a118bd2cec3cdddd94ef75bc91
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/md5.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1623
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/base64.js | 85.185.20.208 | 200 OK | 563 B |
URL GET HTTP/1.1 85.185.20.208/jsCore/base64.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash8ba26ea431a06be823cd3fc0173ea7f9 927f9fa4c0afce8a886c284dbb740c05f527bfb0 ae958e77f92f2e8d6655c5f814de677c10ac3f77738087eb1ab883e2a1e0e266
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/base64.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 563
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/rpcCore.js | 85.185.20.208 | 200 OK | 5.2 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/rpcCore.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashff0f7d3c48261d8e3d9a08337f6dcbb4 0b1a05c0cb13b06bcc9577c1b1bbfd8981745666 f9d0a54dd841eed3034a9ef6dfe03ce882d0e3aee0c927063457ccd6c63355dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/rpcCore.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 5161
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/more.js | 85.185.20.208 | 200 OK | 7.9 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/more.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hashae2ac9881141942d49d8fe713be13fe3 b10e883d4809bf7effa6c86c029f750d326c3489 7de60c731fe00a344e5b54d72978748081cd2fe4c1952a517e61a18ddf882980
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/more.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 7927
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/m.js | 85.185.20.208 | 200 OK | 19 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/m.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hashdb39b44306166a07a87e0575853f1fbb 84f8c22038dd1a03698d8ae7c9669d6f30d3e5cc a2629452ffff157b07f1e7c4fc4f98b5db9862e011d96cefe6e9bae8b313f713
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/m.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 18807
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/rpcLogin.js | 85.185.20.208 | 200 OK | 894 B |
URL GET HTTP/1.1 85.185.20.208/jsCore/rpcLogin.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash69eb1ac5bc72e100aa9386fcaa072948 b07f7601e3a004667958cb20fa38d81f622c576d f37ee56603d63e95b33f9607f676a06f0214814d790e108bb81d5e27ab235ecd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/rpcLogin.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 894
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/common.js | 85.185.20.208 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/common.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash0c8a6a64f71dac92006acea3d02756c3 310e9a6c88fdc02cf9d2d0adb129c49306524aac db52f74466841d69cd4882f89d7678a3ace3ce4daa2d896aacd227e06fa84928
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/common.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2133
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/rpcCoreEx.js | 85.185.20.208 | 200 OK | 313 B |
URL GET HTTP/1.1 85.185.20.208/js/rpcCoreEx.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash57dff3a9eea5d203c9fc7946c443304a 07268c91b49ec6e16bb6247b0a83da5274ec70a6 b0dcc18ff2613d8800139046540a780a2a29c943d1193cda3574ed1fdbbba591
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/rpcCoreEx.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 313
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/system.js | 85.185.20.208 | 200 OK | 698 B |
URL GET HTTP/1.1 85.185.20.208/js/system.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash28a5c292dbeb494ae08d7647efc6d9a7 be1ff33944269b02de198e1b7320488dd211cbb3 2f2bb66197d042d326061c4db1f81e0bffc026c1ae4158933f23d79c233db67d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/system.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 698
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/loginEx.js | 85.185.20.208 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 85.185.20.208/js/loginEx.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash3401877560c3d837c782232a7aaeaceb cc1ad8f8d315128c4ba881e97cec2fe487552e4d e8ddd3589d04b41f7f286cf85f8c1e9c425d7aba727fe1e2cb948c5789aab1d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/loginEx.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2090
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/appAbility.js | 85.185.20.208 | 200 OK | 318 B |
URL GET HTTP/1.1 85.185.20.208/js/appAbility.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash08faa77c049fbe05c4059f39976dc1cb bb256347ba38e6c25fef4322ece294f60466d436 202926d2dd7a6c559259dc1e554941f1719bb5a0226f11342a2c7700a1d69bef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/appAbility.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 318
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/index.js | 85.185.20.208 | 200 OK | 6.8 kB |
URL GET HTTP/1.1 85.185.20.208/js/index.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash76b60a598e0c1425e31fa862dd90416e 51ac60e023ab62f84361fe99076d2167d9026048 04cd1b58f60d3ffa520a99633c1b8d73f2a5ae089427940136522340602fbe61
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/index.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 6780
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/qt.js | 85.185.20.208 | 200 OK | 3.2 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash63edb812051a46a5a997fee6a063f163 be66a70b3417e5a3ec78de79e71a62b6ff40e7bb 171fd7a75ddc35eb59d3ee25ad8b517709246746904c84878528a70f8a3f95ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/qt.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 3175
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/eventScript.js | 85.185.20.208 | 200 OK | 1.4 kB |
URL GET HTTP/1.1 85.185.20.208/js/eventScript.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashfa83928974e2630ff312a6625b6be7ca ce08a397548519937b5fcf0ae5d4991d4e69c142 f28800179ea2c00ce44748fbd3eac92617236781eda942dcdd6b0a8f2df58aad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/eventScript.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1375
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/olp.js | 85.185.20.208 | 200 OK | 812 B |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashee6170c6c8fbd2f71789f430598e8f34 6c62d478e071ea8940e266ffae078cdc01a09985 6afa6efe9c6993b8a5cea02cc412fd712a405d277eccf34c3b9ed05fa6788be6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /olp.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 812
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/current_config/WebCapConfig | 85.185.20.208 | 200 OK | 83 B |
URL GET HTTP/1.1 85.185.20.208/current_config/WebCapConfig IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash4f6822417b3d5b89e949c3c0f5561f4f 829bc9fac2e2720fbc35695479dd55bb701332c4 2544db836da71b4f09a598f8f6642b3c97e184889eb98eefd69b1f185be79287
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /current_config/WebCapConfig HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-Request: JSON
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 83
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/octet-stream
|
|
| 85.185.20.208/css/fn.css | 85.185.20.208 | 200 OK | 2.2 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash96bff59ac2e59ce0582ed11078330bd8 61fbb2873022c54ae4294a5a4160206523bb99a5 c9cb55a8ffed1dca8700e79fb579e11bea52a03ca5851ab33080301e645f2e52
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/fn.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2213
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/reset.css | 85.185.20.208 | 200 OK | 645 B |
URL GET HTTP/1.1 85.185.20.208/css/reset.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash2b8e62339a37d621cadf321a85314585 faee1fc127555b7f5dc06016762c02c4950f95ec 92555b2667dffa1141cdcfddb17d45aee317ced75647d31950b53eaacee1ecbd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/reset.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 645
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/ui.css | 85.185.20.208 | 200 OK | 6.5 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashf2d02e3d654657fa33a5863166844bf8 7f2d0d74e4f8b81c25c67a7b268c266a587b52cb d6c35666096c93fe272af58cb1a90c79a4990f9f3dabefd75a8c7ae314c30995
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ui.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 6470
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/skin.css | 85.185.20.208 | 200 OK | 3.7 kB |
URL GET HTTP/1.1 85.185.20.208/css/skin.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash65ee71307b112eec928c58b537c51f8c f3932edd7595ea1051d53b9b564d44ae65763f40 faf588e868618c34e2c5c40dcedc276283c0f0182d2073c90a7b717e3a9dd87f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/skin.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 3740
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/index.css | 85.185.20.208 | 200 OK | 1.1 kB |
URL GET HTTP/1.1 85.185.20.208/css/index.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hasha235053c5e06f58dc18a546f3e426108 9cf6a7ed4b11c6158d3ea067883e2b623889f710 db93afc2a67dcbfcb0e092cc43dbda0001bfb8488d124296a477a9cc135c656c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/index.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1130
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/playbackindex.css | 85.185.20.208 | 200 OK | 4.3 kB |
URL GET HTTP/1.1 85.185.20.208/css/playbackindex.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash5ffbf011614517b0a6cd235a4a9c70df 297860b87ef7480a8aec42a86245cc23bf01926a a229a0e0c8b4ed02d911db2b705f38ebb084c90ab6f0dbe50591d858d621968f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/playbackindex.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 4346
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/current_config/preLanguage | 85.185.20.208 | 200 OK | 32 B |
URL GET HTTP/1.1 85.185.20.208/current_config/preLanguage IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash58a5e3951d3522546d9588ac46b9aee4 958abab7dcb7044cdda4fc669538539a12e54715 7306e07945e900fbd5ec1ecf7170a48c20f4d99e06b7822d70fc2b1b999fc462
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /current_config/preLanguage HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-Request: JSON
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 32
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/octet-stream
|
|
| 85.185.20.208/custom_lang/English.txt | 85.185.20.208 | 404 Not Found | 48 B |
URL GET HTTP/1.1 85.185.20.208/custom_lang/English.txt IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File typeHTML document, ASCII text, with no line terminators Hashde47b8952cf60220f474d5004f9f04df d44daa88381eacd58e1186a9d7a36bdc5adae7d3 a5ab8a7699e699284cf698b35a5172defde53ab4db229b33d24307656cbed54b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /custom_lang/English.txt HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-Request: JSON
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
CONNECTION: close
CONTENT-LENGTH: 48
CONTENT-TYPE: text/html
|
|
| 85.185.20.208/web_lang/English.txt | 85.185.20.208 | 200 OK | 57 kB |
URL GET HTTP/1.1 85.185.20.208/web_lang/English.txt IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash28e1d8150b6ab1453c51de642b88391c 6679d20214077385a2b800627e5117d7619a273a 4b7ab8f5cef79f7c04ea3442dacc93e294eb576969258e0cdf74e9dcc52b1da7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web_lang/English.txt HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-Request: JSON
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 57099
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/octet-stream
|
|
| 85.185.20.208/html/previewindex.htm?undefined | 85.185.20.208 | 200 OK | 5.5 kB |
URL GET HTTP/1.1 85.185.20.208/html/previewindex.htm?undefined IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashb91f064e2ae3ab746fd3a4dfe1a3b73b cac932e0e978db3545385dfa17606dfaf937c2eb 486390638f7ff3d0e9aab5846a7b820b8f908b7cfd6a52c929463dd365f6f054
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /html/previewindex.htm?undefined HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 5467
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/html
|
|
| 85.185.20.208/image/bg.png?version=2.210 | 85.185.20.208 | 200 OK | 985 B |
URL GET HTTP/1.1 85.185.20.208/image/bg.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File typePNG image data, 1 x 170, 8-bit colormap, non-interlaced Hash88f54be55f085162342d5bb51af52a26 b3a1734a05eb9395f83ad17adefadf6e249f75a8 632ac2a6c5d940bdb01830a0c090eba277209be1e0d16094971319cfc31bafff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/bg.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 985
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/lgbg.jpg?version=2.210 | 85.185.20.208 | 200 OK | 6.3 kB |
URL GET HTTP/1.1 85.185.20.208/image/lgbg.jpg?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 483x317, components 3 Hash4ff53be6165e430af41d782e00207fda a83930048e73d8e67fbfd284b1e7a9c15cef9b1d e5cc6df02c1d12a041e4cf906f2f5465fb07c0a55d55a6e42be0a99894219e27
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/lgbg.jpg?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 6255
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/jpeg
|
|
| 85.185.20.208/image/loginlogo.jpg?version=2.210 | 85.185.20.208 | 200 OK | 5.0 kB |
URL GET HTTP/1.1 85.185.20.208/image/loginlogo.jpg?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 474x56, components 3 Hash31f1053201e77e60aee661b0ecc791ba 7e720eddfdd7dfd37d71efdb0b81c6611b685822 7fff97e119264488f61073ab0e236a09a784bce2340b234466dda27ec241ae62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/loginlogo.jpg?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 5021
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/jpeg
|
|
| 85.185.20.208/image/allbg.png?version=2.210 | 85.185.20.208 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 85.185.20.208/image/allbg.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File typePNG image data, 1 x 600, 8-bit colormap, non-interlaced Hasha98e6e124a4610c0e0aa4e5ebc632ee4 d01f47191118723638fd7bbc22c1476ec3057aaa 54bb9b575dd080f3219d22984f0fe0fd45891f39f3fa57180f588344629a10a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/allbg.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1927
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/logo.jpg?version=2.210 | 85.185.20.208 | 200 OK | 2.0 kB |
URL GET HTTP/1.1 85.185.20.208/image/logo.jpg?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 165x55, components 3 Hash922d04b3362aa37f5f650696fa612dc6 48f5269c4928ee5d3c29805d59a3c1b41303ea63 7fbc9ae240bb2577a31fbeac3677ffee4dbcc4aa2d32fce99a652458a869823c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/logo.jpg?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2033
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/jpeg
|
|
| 85.185.20.208/js/Calendar.js | 85.185.20.208 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 85.185.20.208/js/Calendar.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash484bab165612866bb012aa518b369e44 349d468811f33efc0652880516913f412ba5903d 014defb84b51b0187c084668c18b3317cc03bb25e2e1694c705eac284fed1d7c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/Calendar.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1490
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/PlayControl.js | 85.185.20.208 | 200 OK | 288 B |
URL GET HTTP/1.1 85.185.20.208/js/PlayControl.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash22e6663ff5ba43b3ba17e1878bbeb2d6 4c9894e8ce0821de66d7de4f1f5852a76e121432 53a215bd8f4309b4e339e176d7439bead61a32bb9faa70b7874e22d66639b821
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/PlayControl.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 288
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/FileList.js | 85.185.20.208 | 200 OK | 997 B |
URL GET HTTP/1.1 85.185.20.208/js/FileList.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash82d29eba461ab741020fb78df5b9f2d8 4e16474f391ea8eb8231c486c123070978b60273 065054e7ca56ee1bba6159ab93dc520edbe96386a9ba8aede2c18a017698e47d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/FileList.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 997
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/WindowManager.js | 85.185.20.208 | 200 OK | 409 B |
URL GET HTTP/1.1 85.185.20.208/js/WindowManager.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hashfa2613f6863ffdf5b6efd1d34a07a1c0 d98f3e5e816f624cd4b6213c3ee750d24283c005 45d1d1f87113dcee7e6722d7280c1b970a85b4a35fd3a426cd337682ae88fcc3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/WindowManager.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 409
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/Grid.js | 85.185.20.208 | 200 OK | 326 B |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 6df1d984bbff59edcbf41e2788f11439 924fc5532079a2e67c00d2469d5c9aca1e412932 15db7c0700a40bf6a4442ff76237c92928ef583ec375a843cd94c68ad6652160
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/Grid.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 326
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/GroupControl.js | 85.185.20.208 | 200 OK | 945 B |
URL GET HTTP/1.1 85.185.20.208/js/GroupControl.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 71f56e2075169b78c10ab925beb13460 47b071e90b24ee5dc3e2ec387837037157bc8f62 40358d5c8910ae7ac89949d72fcc26072b7708013a01f7779810d90e20b64e4b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/GroupControl.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 945
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/publicFunc.js | 85.185.20.208 | 200 OK | 13 kB |
URL GET HTTP/1.1 85.185.20.208/js/publicFunc.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/alarmindex.htm?undefined
Hash 2c5c3019c4d067b9491cd32920f1cf40 c20da607e701581fe549434c8f8b6e39aa4cd21e 941836e7061b882a163050f5e78c4e21d91d0ab97675ad4ca2632a00f9eb4f42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/publicFunc.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 13321
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/more.js | 85.185.20.208 | 200 OK | 7.9 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/more.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash ae2ac9881141942d49d8fe713be13fe3 b10e883d4809bf7effa6c86c029f750d326c3489 7de60c731fe00a344e5b54d72978748081cd2fe4c1952a517e61a18ddf882980
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/more.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 7927
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/md5.js | 85.185.20.208 | 200 OK | 1.6 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/md5.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash ac32581aa7484ac41ffa93a9b49f3a76 e58f3f9b29e85ceb0131e7e1898e7fb312cb76fe 9ddca40481524361e3b6081ff62c0479d342f5a118bd2cec3cdddd94ef75bc91
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/md5.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1623
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/base64.js | 85.185.20.208 | 200 OK | 563 B |
URL GET HTTP/1.1 85.185.20.208/jsCore/base64.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 8ba26ea431a06be823cd3fc0173ea7f9 927f9fa4c0afce8a886c284dbb740c05f527bfb0 ae958e77f92f2e8d6655c5f814de677c10ac3f77738087eb1ab883e2a1e0e266
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/base64.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 563
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/playbackindex.js | 85.185.20.208 | 200 OK | 21 kB |
URL GET HTTP/1.1 85.185.20.208/js/playbackindex.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 408baa003781319c3f19f17eb0be5f99 40f3209a3170e3bb3ad13c345a9de9c170257659 e89115e0bc15e0ab202e511b05977c880704a58d21a0e10037f0cec5e2ccc0c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/playbackindex.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 20796
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/rpcCore.js | 85.185.20.208 | 200 OK | 5.2 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/rpcCore.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash ff0f7d3c48261d8e3d9a08337f6dcbb4 0b1a05c0cb13b06bcc9577c1b1bbfd8981745666 f9d0a54dd841eed3034a9ef6dfe03ce882d0e3aee0c927063457ccd6c63355dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/rpcCore.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 5161
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/m.js | 85.185.20.208 | 200 OK | 19 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/m.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash db39b44306166a07a87e0575853f1fbb 84f8c22038dd1a03698d8ae7c9669d6f30d3e5cc a2629452ffff157b07f1e7c4fc4f98b5db9862e011d96cefe6e9bae8b313f713
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/m.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 18807
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/rpcLogin.js | 85.185.20.208 | 200 OK | 894 B |
URL GET HTTP/1.1 85.185.20.208/jsCore/rpcLogin.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 69eb1ac5bc72e100aa9386fcaa072948 b07f7601e3a004667958cb20fa38d81f622c576d f37ee56603d63e95b33f9607f676a06f0214814d790e108bb81d5e27ab235ecd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/rpcLogin.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 894
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/loginEx.js | 85.185.20.208 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 85.185.20.208/js/loginEx.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 3401877560c3d837c782232a7aaeaceb cc1ad8f8d315128c4ba881e97cec2fe487552e4d e8ddd3589d04b41f7f286cf85f8c1e9c425d7aba727fe1e2cb948c5789aab1d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/loginEx.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2090
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/ptzCtrl.js | 85.185.20.208 | 200 OK | 984 B |
URL GET HTTP/1.1 85.185.20.208/js/ptzCtrl.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 85f0fde502f7a147078db99ed675525e 1049e120ef3894f6527ba027cc327680a984f2b9 9e3501265d7009613322586d210fa94ec11ef201875eb06eff0e617f6c37ad3e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/ptzCtrl.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 984
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/cap.js | 85.185.20.208 | 200 OK | 255 B |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash b0a0ae6bde77440dbbc8eadc3d737e84 ef8c5575e69bf54d1f1bcc9c3c6f548c931ee13c 4076bfa33154833847b1cb53dd28c410d33a4fbada784fa2bafe0229af5bbe8a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cap.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONTENT-LENGTH: 255
CONNECTION: close
Content-type: application/x-javascript;charset=utf-8
|
|
| 85.185.20.208/js/previewindex.js | 85.185.20.208 | 200 OK | 13 kB |
URL GET HTTP/1.1 85.185.20.208/js/previewindex.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 31e175eb5fb9dd45a490896a91d05545 569a19ba4863ef39d35cb57082f41275b2c4978d 0360d57388385bf7a7da801484670039046f6e96db5819b380106f1e8467010e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/previewindex.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 13366
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/ft.js | 85.185.20.208 | 200 OK | 54 B |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash d6922fec5d7e406532b8ec79d6d4bf80 df155b26f55a5a1480312c12d8013b081a2d6a91 f2946d49dd3a7fc2e133ffa08938a4ce03d11c02fac4f7106526ff22b94b2fa7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/ft.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 54
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/local.png | 85.185.20.208 | 200 OK | 9.4 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type ISO-8859 text, with very long lines (308), with CRLF line terminators Hash 0b11f67e59614b912e2ad3eb02c92c8a 580a8593334578445de9ac4e3ead0ba087a53c44 b17ae44a6dda2e42e6e8514e23db77eb81d4e914b4e6d568c4f652ee1819d162
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /local.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 9429
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/html/alarmindex.htm?undefined | 85.185.20.208 | 200 OK | 1.6 kB |
URL GET HTTP/1.1 85.185.20.208/html/alarmindex.htm?undefined IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 3e2fa57a25b1e2d6dfad61fa0d98f0cd d006a635883a778f54056395b334bdfa701dbb86 3e376f15f9badea5dc1aa2ea8031a97581980ee5131a2d412099e3ba7578fd82
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /html/alarmindex.htm?undefined HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1620
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/html
|
|
| 85.185.20.208/image/pic.png?version=2.210 | 85.185.20.208 | 200 OK | 13 kB |
URL GET HTTP/1.1 85.185.20.208/image/pic.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 454 x 250, 8-bit/color RGBA, non-interlaced Hash 708884eb71bf71058c5971fff6f21467 15d0816dc0766b09970dbdb70f12300e1e97d543 d3fae0c355a6021578e9396b21aa60d24289668bc96222cfd6ef33fae78944c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/pic.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 13139
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/current_config/WebCapConfig | 85.185.20.208 | 200 OK | 83 B |
URL GET HTTP/1.1 85.185.20.208/current_config/WebCapConfig IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 4f6822417b3d5b89e949c3c0f5561f4f 829bc9fac2e2720fbc35695479dd55bb701332c4 2544db836da71b4f09a598f8f6642b3c97e184889eb98eefd69b1f185be79287
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /current_config/WebCapConfig HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-Request: JSON
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 83
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/octet-stream
|
|
| 85.185.20.208/favicon.ico | 85.185.20.208 | 200 OK | 1.2 kB |
URL GET HTTP/1.1 85.185.20.208/favicon.ico IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash bd9e17c46bbbc18af2a2bd718dddad0e f8548e9f44dd45eefadd22bf0c758cb2d04912d7 95720d030ba3db423c71eef7c6d919151b2e868b9331506577bcf1050f846f98
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1150
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/x-icon
|
|
| 85.185.20.208/jsCore/more.js | 85.185.20.208 | 200 OK | 7.9 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/more.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash ae2ac9881141942d49d8fe713be13fe3 b10e883d4809bf7effa6c86c029f750d326c3489 7de60c731fe00a344e5b54d72978748081cd2fe4c1952a517e61a18ddf882980
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/more.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 7927
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/rpcCore.js | 85.185.20.208 | 200 OK | 5.2 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/rpcCore.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash ff0f7d3c48261d8e3d9a08337f6dcbb4 0b1a05c0cb13b06bcc9577c1b1bbfd8981745666 f9d0a54dd841eed3034a9ef6dfe03ce882d0e3aee0c927063457ccd6c63355dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/rpcCore.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 5161
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/js/publicFunc.js | 85.185.20.208 | 200 OK | 13 kB |
URL GET HTTP/1.1 85.185.20.208/js/publicFunc.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/alarmindex.htm?undefined
Hash 2c5c3019c4d067b9491cd32920f1cf40 c20da607e701581fe549434c8f8b6e39aa4cd21e 941836e7061b882a163050f5e78c4e21d91d0ab97675ad4ca2632a00f9eb4f42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/publicFunc.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 13321
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/jsCore/m.js | 85.185.20.208 | 200 OK | 19 kB |
URL GET HTTP/1.1 85.185.20.208/jsCore/m.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash db39b44306166a07a87e0575853f1fbb 84f8c22038dd1a03698d8ae7c9669d6f30d3e5cc a2629452ffff157b07f1e7c4fc4f98b5db9862e011d96cefe6e9bae8b313f713
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /jsCore/m.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 18807
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/css/reset.css | 85.185.20.208 | 200 OK | 645 B |
URL GET HTTP/1.1 85.185.20.208/css/reset.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 2b8e62339a37d621cadf321a85314585 faee1fc127555b7f5dc06016762c02c4950f95ec 92555b2667dffa1141cdcfddb17d45aee317ced75647d31950b53eaacee1ecbd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/reset.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 645
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/js/alarmindex.js | 85.185.20.208 | 200 OK | 1.6 kB |
URL GET HTTP/1.1 85.185.20.208/js/alarmindex.js IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/alarmindex.htm?undefined
Hash 26a3f2f2352168b2bbcab2e3260844b1 66d60a1eec1481a2fde2298ad4b6d2af943ae73c cbe6cbca6956943d0ba0427f403277f3ba2a5f9a32f66db6533b5dea8017d285
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/alarmindex.js HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1584
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: application/x-javascript
|
|
| 85.185.20.208/css/fn.css | 85.185.20.208 | 200 OK | 2.2 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 96bff59ac2e59ce0582ed11078330bd8 61fbb2873022c54ae4294a5a4160206523bb99a5 c9cb55a8ffed1dca8700e79fb579e11bea52a03ca5851ab33080301e645f2e52
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/fn.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2213
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/skin.css | 85.185.20.208 | 200 OK | 3.7 kB |
URL GET HTTP/1.1 85.185.20.208/css/skin.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 65ee71307b112eec928c58b537c51f8c f3932edd7595ea1051d53b9b564d44ae65763f40 faf588e868618c34e2c5c40dcedc276283c0f0182d2073c90a7b717e3a9dd87f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/skin.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 3740
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/local.png | 85.185.20.208 | 200 OK | 9.4 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type ISO-8859 text, with very long lines (308), with CRLF line terminators Hash 0b11f67e59614b912e2ad3eb02c92c8a 580a8593334578445de9ac4e3ead0ba087a53c44 b17ae44a6dda2e42e6e8514e23db77eb81d4e914b4e6d568c4f652ee1819d162
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /local.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 9429
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/css/previewindex.css | 85.185.20.208 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 85.185.20.208/css/previewindex.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash def833ca870405099dee0cc9f7bdca07 19bd2e81d4fab5f765e8dc2d418c32e82f6025a1 8db0d2bf8d2252ab6e7338524247ec3bfb8e858e6065355e30a968f043c16ae7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/previewindex.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2056
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/ui.css | 85.185.20.208 | 200 OK | 6.5 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash f2d02e3d654657fa33a5863166844bf8 7f2d0d74e4f8b81c25c67a7b268c266a587b52cb d6c35666096c93fe272af58cb1a90c79a4990f9f3dabefd75a8c7ae314c30995
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ui.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/previewindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 6470
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/fn.css | 85.185.20.208 | 200 OK | 2.2 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 96bff59ac2e59ce0582ed11078330bd8 61fbb2873022c54ae4294a5a4160206523bb99a5 c9cb55a8ffed1dca8700e79fb579e11bea52a03ca5851ab33080301e645f2e52
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/fn.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2213
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/skin.css | 85.185.20.208 | 200 OK | 3.7 kB |
URL GET HTTP/1.1 85.185.20.208/css/skin.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 65ee71307b112eec928c58b537c51f8c f3932edd7595ea1051d53b9b564d44ae65763f40 faf588e868618c34e2c5c40dcedc276283c0f0182d2073c90a7b717e3a9dd87f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/skin.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 3740
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/alarmindex.css | 85.185.20.208 | 200 OK | 335 B |
URL GET HTTP/1.1 85.185.20.208/css/alarmindex.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/alarmindex.htm?undefined
Hash 55cccaaccb23e19150b5a3bea2e7f2b1 7dc9b93c7c984c466f549ccdcbb06a819a14bdcc 37a09f8be091f5be75b7f20c20ad309d2ff3ac380806a58baf28435603aa906a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/alarmindex.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 335
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/local.png | 85.185.20.208 | 200 OK | 9.4 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type ISO-8859 text, with very long lines (308), with CRLF line terminators Hash 0b11f67e59614b912e2ad3eb02c92c8a 580a8593334578445de9ac4e3ead0ba087a53c44 b17ae44a6dda2e42e6e8514e23db77eb81d4e914b4e6d568c4f652ee1819d162
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /local.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 9429
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/css/reset.css | 85.185.20.208 | 200 OK | 645 B |
URL GET HTTP/1.1 85.185.20.208/css/reset.css IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
Hash 2b8e62339a37d621cadf321a85314585 faee1fc127555b7f5dc06016762c02c4950f95ec 92555b2667dffa1141cdcfddb17d45aee317ced75647d31950b53eaacee1ecbd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/reset.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 645
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/css/ui.css | 85.185.20.208 | 200 OK | 6.5 kB |
IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash f2d02e3d654657fa33a5863166844bf8 7f2d0d74e4f8b81c25c67a7b268c266a587b52cb d6c35666096c93fe272af58cb1a90c79a4990f9f3dabefd75a8c7ae314c30995
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/ui.css HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/html/alarmindex.htm?undefined
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 6470
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/css
|
|
| 85.185.20.208/image/allbg.png?version=2.210 | 85.185.20.208 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 85.185.20.208/image/allbg.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 1 x 600, 8-bit colormap, non-interlaced Hash a98e6e124a4610c0e0aa4e5ebc632ee4 d01f47191118723638fd7bbc22c1476ec3057aaa 54bb9b575dd080f3219d22984f0fe0fd45891f39f3fa57180f588344629a10a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/allbg.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1927
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/pic.png?version=2.210 | 85.185.20.208 | 200 OK | 13 kB |
URL GET HTTP/1.1 85.185.20.208/image/pic.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 454 x 250, 8-bit/color RGBA, non-interlaced Hash 708884eb71bf71058c5971fff6f21467 15d0816dc0766b09970dbdb70f12300e1e97d543 d3fae0c355a6021578e9396b21aa60d24289668bc96222cfd6ef33fae78944c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/pic.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 13139
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/allbg.png?version=2.210 | 85.185.20.208 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 85.185.20.208/image/allbg.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 1 x 600, 8-bit colormap, non-interlaced Hash a98e6e124a4610c0e0aa4e5ebc632ee4 d01f47191118723638fd7bbc22c1476ec3057aaa 54bb9b575dd080f3219d22984f0fe0fd45891f39f3fa57180f588344629a10a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/allbg.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1927
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/html/playbackindex.htm?undefined | 85.185.20.208 | 200 OK | 8.0 kB |
URL GET HTTP/1.1 85.185.20.208/html/playbackindex.htm?undefined IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Hash 3ae707ce006cda8176f9636575601fc4 4158d92fd0a9e794fe00208b30f0e5e4be7c8082 11095e48e6ad11ee8d296c4c318ea1c6385fd08ef6e73da254c98ca92c25c3a9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /html/playbackindex.htm?undefined HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 8009
P3P: CP=CAO PSA OUR
CONTENT-ENCODING: deflate
CONTENT-TYPE: text/html
|
|
| 85.185.20.208/image/icons.png?version=2.210 | 85.185.20.208 | 200 OK | 41 kB |
URL GET HTTP/1.1 85.185.20.208/image/icons.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 540 x 700, 8-bit/color RGBA, non-interlaced Hash 103a1a53ac0ed8833a3f72bed33cfb3e 4a20949ded4e9fd72ed19f3e6b0beec5e0b325ca 6f2d0a745939fcbb19fae51b1dd93c96e4a67e1f1b4f52c12edecf350ba837dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/icons.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 41090
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/pause.png | 85.185.20.208 | 200 OK | 1.8 kB |
URL GET HTTP/1.1 85.185.20.208/image/pause.png IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File type PNG image data, 33 x 67, 8-bit colormap, non-interlaced Hash 4fbc328bdf9887ec0d5239b7aebf293b bcb44734b4d92fee5ba3e9960775f1d10e13376b 27bdab92685140f162edbbc61c8aa63bf5aac8149d43638b10c57ce89dc1897d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/pause.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/playbackindex.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 1794
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/playbackline.png | 85.185.20.208 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 85.185.20.208/image/playbackline.png IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File type PNG image data, 1 x 400, 8-bit colormap, non-interlaced Hash ccd87df08164a507bf1181094c261f16 1d541300f7138b8c4198ba3b8b0abe18e8189020 c98d1d7ba912f1cf8686acbaa12c1ffb20a8d8f2f2fd067c30372f58ed21fb83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/playbackline.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/playbackindex.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 2074
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/playback.png | 85.185.20.208 | 200 OK | 19 kB |
URL GET HTTP/1.1 85.185.20.208/image/playback.png IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
File type PNG image data, 486 x 400, 8-bit colormap, non-interlaced Hash 65e99e3b8439a699aad73ae2d819455d 6c17da20a79d38206087cfd6c9aa5863203e7731 bf6fc0bfc643418918ae75b2a068d56ec84bc769b44f11cce408699d9c81771f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/playback.png HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/playbackindex.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 18716
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|
| 85.185.20.208/image/icons.png?version=2.210 | 85.185.20.208 | 200 OK | 41 kB |
URL GET HTTP/1.1 85.185.20.208/image/icons.png?version=2.210 IP 85.185.20.208:80 ASN #58224 Iran Telecommunication Company PJS
Requested by http://85.185.20.208/html/previewindex.htm?undefined
File type PNG image data, 540 x 700, 8-bit/color RGBA, non-interlaced Hash 103a1a53ac0ed8833a3f72bed33cfb3e 4a20949ded4e9fd72ed19f3e6b0beec5e0b325ca 6f2d0a745939fcbb19fae51b1dd93c96e4a67e1f1b4f52c12edecf350ba837dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /image/icons.png?version=2.210 HTTP/1.1
Host: 85.185.20.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://85.185.20.208/css/skin.css
Cookie: DHLangCookie30=%2Fweb_lang%2FEnglish.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
CONNECTION: close
CONTENT-LENGTH: 41090
P3P: CP=CAO PSA OUR
CONTENT-TYPE: image/png
|
|