Report - 93.67.83.49

Report Overview

Visited public
2023-11-28 12:42:53
Tags
URL
93.67.83.49
Finishing URL
93.67.83.49/WebClient.html
IP / ASN
93.67.83.49
#30722 Vodafone Italia S.p.A.
Title
Web Client

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
93.67.83.49	unknown	unknown	No data	No data	9.9 kB	354 kB	93.67.83.49

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed
2023-11-28	medium	93.67.83.49	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	93.67.83.49/language/english_us/string.js	ScriptElement	23 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/language/english_us/string.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:54 Last Seen2025-04-24 07:56 Times Seen94 Hash 8abd4712acfeb4b50fcbfc926c254dbc c7a524e48791ac96e3b496a6507b80294deddab5 b78925bb475f19b2376d06534a72ed6f8749c07c8aecbe95451dd69233147582 Loading...

	93.67.83.49/script/main_menu.js	ScriptElement	4.7 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/main_menu.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen206 Hash d0a6cb4852b3edd976f26cd7737fdcaf 63943f76b162946cd2dfb2621f73f8243b9931a7 7325e489c60c8e1155b66aa11889e5e4af956d2dd80e8ba0a33562ed00f91784 Loading...

	unknown	EventHandler	12 B	2023-10-20	2025-04-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-10-20 21:15 Last Seen2025-04-24 07:56 Times Seen323 Hash a8cf7a5b84dd64436d5802f2ab03393c 41ddae3b3332950adb0bd587074316d8599c760b a87ee25cb411b176e487366d38530ce88a92a28a43d8f708ba62e50ab4739b67 Loading...

	unknown	ScriptElement	52 kB	2023-03-09	2025-03-06
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:11 Last Seen2025-03-06 22:05 Times Seen20 Hash 3861f92b16e53aac1b7817bdfe793f90 6ee3b48fe27de68c117486f1db6f17d1f606d77f 032fd7851240eb30a36afec8050d734ea7fd42eae589a53d63047e3231c61a94 Loading...

	93.67.83.49/css_style/uistyle.js	ScriptElement	2.2 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/css_style/uistyle.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:07 Last Seen2025-04-24 07:56 Times Seen233 Hash bc4bf860ce512168779948643c45f50e 426941917291d080e9c1f3f75a26b6bb9378755c e5d53c56868885f76444ffae252d0bcad1a8c5a52a1f271344b54bc758b78472 Loading...

	93.67.83.49/script/device_param.js	ScriptElement	13 kB	2023-03-09	2025-03-06
Pretty URL 93.67.83.49/script/device_param.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:11 Last Seen2025-03-06 22:05 Times Seen21 Hash a0e0516b51ac2ad1e1133637ab408cc4 d584ce200084d61c99517150b44c2cf57ae6bbf1 09fba5f3b51681a9a149ad48d9f921fbf050d5e22d5c4be6916a8664aa90d70d Loading...

	93.67.83.49/WebClient.html	ScriptElement	14 B	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/WebClient.html IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:34 Last Seen2025-04-24 07:56 Times Seen323 Hash f2e08104506ec23fbb4239f4c2e43c46 9c04572c33c17d6481c7d14f1d95663ebf955a5a d0a431548b1aff3c507b987300b160617d77149c2d7d9bbb95280ea2c4b11980 Loading...

	93.67.83.49/server.js	ScriptElement	54 B	2023-03-09	2025-03-28
Pretty URL 93.67.83.49/server.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:13 Last Seen2025-03-28 19:11 Times Seen83 Hash 75ac64328dce02d83ed6a341837f524b 424b8182787f6ef747ca4f4fdd0810bf364d972f 4c005d5d02f3fad8b119d8340658eaf086eea40e15575762a5abdf2a8b95587a Loading...

	93.67.83.49/script/login.js	ScriptElement	10 kB	2023-03-08	2025-04-17
Pretty URL 93.67.83.49/script/login.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:07 Last Seen2025-04-17 13:36 Times Seen97 Hash 6b76940d9c2d07ea6bcaacfaf483f351 348ceb4f083f0349669eb6768af72f050bceee3b e749109275b2f709927c040d164208515a3892c2f7241f0f897e3880368143f8 Loading...

	93.67.83.49/script/ctrl_multi_edit.js	ScriptElement	5.6 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/ctrl_multi_edit.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34 Last Seen2025-04-24 07:56 Times Seen324 Hash ae054a93cacb2db1c649a1f3c9b3d705 00eef2fe413561a4f0760d88de125715a2749f37 b4d945a8e17efb535abf97fa3e378b34e158397eb261b16756846c81e97018a3 Loading...

	93.67.83.49/script/protocol.js	ScriptElement	28 kB	2023-03-09	2025-03-06
Pretty URL 93.67.83.49/script/protocol.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:11 Last Seen2025-03-06 22:05 Times Seen25 Hash e49396b54eee70e22183d038cdfaa190 cf9ccdbee342d435a156ff67f511aeb2ce738011 d10422d54f2a24471b4c33246249228378e240aaf8b799aef4e0983b9a4b5d77 Loading...

	93.67.83.49/script/main.js	ScriptElement	20 kB	2023-03-09	2025-03-06
Pretty URL 93.67.83.49/script/main.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:13 Last Seen2025-03-06 22:05 Times Seen12 Hash 22d4532e4213b0ede883eef08faadd6a b26ab36169b3b2d29be4aee8e4598822343080af 2444fd60f1804ab985c486f16f91e5ce610c1c4fd301addb2a00888e558a3ad8 Loading...

	93.67.83.49/script/ctrl_generator.js	ScriptElement	3.7 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/ctrl_generator.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen211 Hash c75af18c7289303233b580be255e57f3 296e287492c9610980e01fcce4f604868b5e2501 5335f46509786ac0aeda3f525e6f29cac0d9d280397f6364b648d39c87e7d85c Loading...

	unknown	EventHandler	14 B	2023-10-20	2025-04-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-10-20 21:15 Last Seen2025-04-24 07:56 Times Seen323 Hash d84f428549281e37e774835c63d95888 21dbd8c9cc97b5ab394a69ffe988ccc63facce3f e46206874b1479aec3c1d7141f7bb634123b6eb8ee25bbac4facc7be759a1611 Loading...

	93.67.83.49/WebClient.html	ScriptElement	1.5 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/WebClient.html IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen230 Hash 6514f0ab23db3a1eb907be1f821acf73 6271f2ea439810ad97448b633a251c28edc99b10 6a8aa3fe90634bceaa949f7c3d4a7b810e8298e0769e7d0bf5d4128fff66f9fe Loading...

	93.67.83.49/script/live.js	ScriptElement	28 kB	2023-03-09	2025-03-06
Pretty URL 93.67.83.49/script/live.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:11 Last Seen2025-03-06 22:05 Times Seen24 Hash b92bd835b863cc156e1289d2d81efd3d 64b74fb33a382415db3a9cf4cca7e4619703340b e2e8f2e26cfe6340217ffa2983f87b8479959b15a7f13e5e410fe90cbd05412d Loading...

	93.67.83.49/script/ctrl_slider.js	ScriptElement	2.2 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/ctrl_slider.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen205 Hash 9e59af2fe73446aab0b60a06d7409821 8eebcaeb46bfe4a249c41280a8b748434a7a9911 2ef0d1347306de245f1d32e65971809776c4c53e046c56e378eb3201afc5a4a8 Loading...

	93.67.83.49/script/flush_string.js	ScriptElement	934 B	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/flush_string.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34 Last Seen2025-04-24 07:56 Times Seen276 Hash 75281e705d42652cdd0603f626789df9 25f7ad7b08378e22d93c279184e07ebcf9de3198 649aa476241533e9289853262a1a4e8581405e7f7e28b8de65fd1f044d3bbc76 Loading...

	93.67.83.49/script/Load_WebKit.js	ScriptElement	2.3 kB	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/script/Load_WebKit.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen187 Hash 6d03205189cdc81bb6322b831f4e989d 0fb310cc0db35768abb21462da2bb14b075d775c fc3016364d71d1b864be199eb010b121585a49eb3129ba3efb57471375f2a2ef Loading...

	93.67.83.49/logo/logo.js	ScriptElement	117 B	2023-03-08	2025-04-24
Pretty URL 93.67.83.49/logo/logo.js IP 93.67.83.49 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43 Last Seen2025-04-24 07:56 Times Seen254 Hash 14d7a8a2ebdce57cd36471019f557a43 f9556bd307354ad039d159a3428bd04ba67761d7 9fb18cad887bd1324fd64b8ff052bb03a3f8039d251459d9fd85ead09f1c5b6e Loading...

	unknown	EventHandler	10 B	2023-10-20	2025-04-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-10-20 21:15 Last Seen2025-04-24 07:56 Times Seen326 Hash 5ba3e99205488aec327d7949e1e7aaf0 ed5795533c072a9a8f9779d6349fff0ca3e8bf12 a2334a4fa68196cb2bacd4288f5cfbc8f0e3021363ecd1575fbb57f93bfcae08 Loading...

		Size	First Seen	Last Seen
	#1 Write - 05d592ca056e1237a1d67faf1d06c590	30 B	2023-03-08 15:34	2025-04-24 07:56
Pretty Observations First Seen2023-03-08 15:34 Last Seen2025-04-24 07:56 Times Seen319 Hash 05d592ca056e1237a1d67faf1d06c590 2dd681e01714783682ae9248ca3f80170e91617e 8d31b4a1980885aee0c448d21c803b20cee95956b20c7a67683d29dbc538dae7 Loading...

HTTP Transactions (28)

URL IP Response Size

93.67.83.49/

93.67.83.49

3.2 kB

URL
93.67.83.49/
IP
93.67.83.49:0
ASN
#30722 Vodafone Italia S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Size
3.2 kB (3233 bytes)
Hash
60bcf4be48fceb7aa434428535d176a7
107a24cf3636dc5052eb94037b24d6ab11fe7b38
5f95428d420237e71af78f2c98e96926bed3ba58b6a0dc5eca197bb1f714a23e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 3233
Content-type: text/html

93.67.83.49/WebClient.html

93.67.83.49

200 OK

47 kB

URL User Request GET HTTP/1.1
93.67.83.49/WebClient.html
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
47 kB (46687 bytes)
Hash
d2472d397a6f9b8289c57d0a5d95cc54
a5b235c683e2be7d95f40284031e80333169f23b
2a97ca463a565053208b5a21cae6b27ade6b03cfe47ec8e22e8ed4739e4656f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WebClient.html HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://93.67.83.49/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 46687
Content-type: text/html

93.67.83.49/server.js

93.67.83.49

200 OK

54 B

URL GET HTTP/1.1
93.67.83.49/server.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with CRLF, LF line terminators
Size
54 B (54 bytes)
Hash
75ac64328dce02d83ed6a341837f524b
424b8182787f6ef747ca4f4fdd0810bf364d972f
4c005d5d02f3fad8b119d8340658eaf086eea40e15575762a5abdf2a8b95587a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /server.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 54
Content-type: application/octet-stream

93.67.83.49/logo/logo.js

93.67.83.49

200 OK

120 B

URL GET HTTP/1.1
93.67.83.49/logo/logo.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
120 B (120 bytes)
Hash
298202ce30f13b1e23d3203aec961917
f30ee08b1a834852eb6cd5ca3b43c4669e5508db
d78544dce7a9adc0b6e2af5c944d2e721b4317a4ee7f003832bcc7cc5518399d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logo/logo.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 120
Content-type: application/octet-stream

93.67.83.49/script/flush_string.js

93.67.83.49

200 OK

934 B

URL GET HTTP/1.1
93.67.83.49/script/flush_string.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (934), with no line terminators
Size
934 B (934 bytes)
Hash
75281e705d42652cdd0603f626789df9
25f7ad7b08378e22d93c279184e07ebcf9de3198
649aa476241533e9289853262a1a4e8581405e7f7e28b8de65fd1f044d3bbc76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/flush_string.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 934
Content-type: application/octet-stream

93.67.83.49/script/Load_WebKit.js

93.67.83.49

200 OK

2.3 kB

URL GET HTTP/1.1
93.67.83.49/script/Load_WebKit.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 text, with very long lines (2077), with no line terminators
Size
2.3 kB (2261 bytes)
Hash
6d03205189cdc81bb6322b831f4e989d
0fb310cc0db35768abb21462da2bb14b075d775c
fc3016364d71d1b864be199eb010b121585a49eb3129ba3efb57471375f2a2ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/Load_WebKit.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 2261
Content-type: application/octet-stream

93.67.83.49/script/login.js

93.67.83.49

200 OK

10 kB

URL GET HTTP/1.1
93.67.83.49/script/login.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (10267), with no line terminators
Size
10 kB (10267 bytes)
Hash
6b76940d9c2d07ea6bcaacfaf483f351
348ceb4f083f0349669eb6768af72f050bceee3b
e749109275b2f709927c040d164208515a3892c2f7241f0f897e3880368143f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/login.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 10267
Content-type: application/octet-stream

93.67.83.49/script/protocol.js

93.67.83.49

200 OK

28 kB

URL GET HTTP/1.1
93.67.83.49/script/protocol.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (27524), with no line terminators
Size
28 kB (27524 bytes)
Hash
e49396b54eee70e22183d038cdfaa190
cf9ccdbee342d435a156ff67f511aeb2ce738011
d10422d54f2a24471b4c33246249228378e240aaf8b799aef4e0983b9a4b5d77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/protocol.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 27524
Content-type: application/octet-stream

93.67.83.49/script/main.js

93.67.83.49

200 OK

20 kB

URL GET HTTP/1.1
93.67.83.49/script/main.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 text, with very long lines (19540), with no line terminators
Size
20 kB (19752 bytes)
Hash
22d4532e4213b0ede883eef08faadd6a
b26ab36169b3b2d29be4aee8e4598822343080af
2444fd60f1804ab985c486f16f91e5ce610c1c4fd301addb2a00888e558a3ad8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/main.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 19752
Content-type: application/octet-stream

93.67.83.49/css_style/uistyle.js

93.67.83.49

200 OK

2.2 kB

URL GET HTTP/1.1
93.67.83.49/css_style/uistyle.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
2.2 kB (2213 bytes)
Hash
02246033164562fdd20b6fd7411c051d
34300074c1af007da2186f8ef055747f766f20f0
e2d4e60dbae04b3a4fdc8c2418b5e36110172d558cc51d73336c1fbd9da0f2b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css_style/uistyle.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 2213
Content-type: application/octet-stream

93.67.83.49/script/ctrl_multi_edit.js

93.67.83.49

200 OK

5.6 kB

URL GET HTTP/1.1
93.67.83.49/script/ctrl_multi_edit.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (5619), with no line terminators
Size
5.6 kB (5619 bytes)
Hash
ae054a93cacb2db1c649a1f3c9b3d705
00eef2fe413561a4f0760d88de125715a2749f37
b4d945a8e17efb535abf97fa3e378b34e158397eb261b16756846c81e97018a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/ctrl_multi_edit.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 5619
Content-type: application/octet-stream

93.67.83.49/script/device_param.js

93.67.83.49

200 OK

13 kB

URL GET HTTP/1.1
93.67.83.49/script/device_param.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 text, with very long lines (12770), with no line terminators
Size
13 kB (12890 bytes)
Hash
a0e0516b51ac2ad1e1133637ab408cc4
d584ce200084d61c99517150b44c2cf57ae6bbf1
09fba5f3b51681a9a149ad48d9f921fbf050d5e22d5c4be6916a8664aa90d70d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/device_param.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 12890
Content-type: application/octet-stream

93.67.83.49/language/english_us/string.js

93.67.83.49

200 OK

23 kB

URL GET HTTP/1.1
93.67.83.49/language/english_us/string.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
23 kB (22867 bytes)
Hash
3fdaf60345eb2633b1a9f6e6e8f77e0b
cca89ecde9450411a13ab522a440e431d311a10c
535bc0b32162ccfb1263d5fd1af23529a76e2049196b3c88a51c50241ec33f6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /language/english_us/string.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 22867
Content-type: application/octet-stream

93.67.83.49/script/ctrl_slider.js

93.67.83.49

200 OK

2.2 kB

URL GET HTTP/1.1
93.67.83.49/script/ctrl_slider.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (2187), with no line terminators
Size
2.2 kB (2187 bytes)
Hash
9e59af2fe73446aab0b60a06d7409821
8eebcaeb46bfe4a249c41280a8b748434a7a9911
2ef0d1347306de245f1d32e65971809776c4c53e046c56e378eb3201afc5a4a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/ctrl_slider.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 2187
Content-type: application/octet-stream

93.67.83.49/script/ctrl_generator.js

93.67.83.49

200 OK

3.7 kB

URL GET HTTP/1.1
93.67.83.49/script/ctrl_generator.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (3688), with no line terminators
Size
3.7 kB (3688 bytes)
Hash
c75af18c7289303233b580be255e57f3
296e287492c9610980e01fcce4f604868b5e2501
5335f46509786ac0aeda3f525e6f29cac0d9d280397f6364b648d39c87e7d85c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/ctrl_generator.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 3688
Content-type: application/octet-stream

93.67.83.49/script/main_menu.js

93.67.83.49

200 OK

4.7 kB

URL GET HTTP/1.1
93.67.83.49/script/main_menu.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (4730), with no line terminators
Size
4.7 kB (4730 bytes)
Hash
d0a6cb4852b3edd976f26cd7737fdcaf
63943f76b162946cd2dfb2621f73f8243b9931a7
7325e489c60c8e1155b66aa11889e5e4af956d2dd80e8ba0a33562ed00f91784

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/main_menu.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 4730
Content-type: application/octet-stream

93.67.83.49/script/cfg_main.js

93.67.83.49

200 OK

52 kB

URL GET HTTP/1.1
93.67.83.49/script/cfg_main.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (51554), with no line terminators
Size
52 kB (51554 bytes)
Hash
3861f92b16e53aac1b7817bdfe793f90
6ee3b48fe27de68c117486f1db6f17d1f606d77f
032fd7851240eb30a36afec8050d734ea7fd42eae589a53d63047e3231c61a94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/cfg_main.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 51554
Content-type: application/octet-stream

93.67.83.49/script/live.js

93.67.83.49

200 OK

28 kB

URL GET HTTP/1.1
93.67.83.49/script/live.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (27864), with no line terminators
Size
28 kB (27864 bytes)
Hash
b92bd835b863cc156e1289d2d81efd3d
64b74fb33a382415db3a9cf4cca7e4619703340b
e2e8f2e26cfe6340217ffa2983f87b8479959b15a7f13e5e410fe90cbd05412d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/live.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 27864
Content-type: application/octet-stream

93.67.83.49/logo/login_CNB.jpg

93.67.83.49

404 Not found

192 B

URL GET HTTP/1.1
93.67.83.49/logo/login_CNB.jpg
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
192 B (192 bytes)
Hash
f58cdc9974f4349e84fb11916d2213fb
d46f5a6947122495a2adac763952c4e12f5ab645
75fe6e7bb12556bd829beffab5b2d6ec04623b32d56115b623dd26af317e9cb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logo/login_CNB.jpg HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not found
Accept-Encoding: UTF-8
Content-type: text/html
Content-length: 192

93.67.83.49/res/bg.png

93.67.83.49

200 OK

851 B

URL GET HTTP/1.1
93.67.83.49/res/bg.png
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
PNG image data, 1 x 708, 8-bit colormap, non-interlaced\012- data
Size
851 B (851 bytes)
Hash
983db24b038fd6320977a1b9dd56a2d9
a438cb2b033376982cc7efb2a9a366f021e90317
6b29d14c0adf85191a29529fdfcef506935b615d7afbc0ee28cefc1431137746

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/bg.png HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 851
Content-type: image/png

93.67.83.49/res/wait.gif

93.67.83.49

200 OK

3.1 kB

URL GET HTTP/1.1
93.67.83.49/res/wait.gif
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
GIF image data, version 89a, 64 x 64\012- data
Size
3.1 kB (3097 bytes)
Hash
3086289c33aedc9c7cec8d244bdeeabb
7961b6605d9eb5a9f3ac406cb51d3809bacadfaf
c8130f4e1654fa779d5ceb3ed2b2c83c038d4afe904e3714a3c13637f4f9f998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/wait.gif HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 3097
Content-type: image/gif

93.67.83.49/res/WebClient.ico

93.67.83.49

200 OK

4.3 kB

URL GET HTTP/1.1
93.67.83.49/res/WebClient.ico
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
8e50e8da0c4ded985a90aebc342b80c6
7db0b78a15d56217f1b1ad295c905bfd9acd240e
c9d33a6afa460fbbcedc033160d5d858e60ca8d1b8eb0cdb0b5ee12715b6315a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/WebClient.ico HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 4286
Content-type: application/octet-stream

93.67.83.49/language/english_us/string.js

93.67.83.49

200 OK

23 kB

URL GET HTTP/1.1
93.67.83.49/language/english_us/string.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
23 kB (22867 bytes)
Hash
3fdaf60345eb2633b1a9f6e6e8f77e0b
cca89ecde9450411a13ab522a440e431d311a10c
535bc0b32162ccfb1263d5fd1af23529a76e2049196b3c88a51c50241ec33f6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /language/english_us/string.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 22867
Content-type: application/octet-stream

93.67.83.49/language/english_us/WebKit_update.xml

93.67.83.49

200 OK

257 B

URL GET HTTP/1.1
93.67.83.49/language/english_us/WebKit_update.xml
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
257 B (257 bytes)
Hash
c2ee5bf80df4f37538abb15c2cf6fd14
a1f3d29f0865e11202529cf4ce48947185b4b3a4
b548b4bce5473f22d98fa77a75a79b85eb048e2a43c13b88471232f491e9dd12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /language/english_us/WebKit_update.xml HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 257
Content-type: text/xml

93.67.83.49/script/device_param.js

93.67.83.49

200 OK

13 kB

URL GET HTTP/1.1
93.67.83.49/script/device_param.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
Unicode text, UTF-8 text, with very long lines (12770), with no line terminators
Size
13 kB (12890 bytes)
Hash
a0e0516b51ac2ad1e1133637ab408cc4
d584ce200084d61c99517150b44c2cf57ae6bbf1
09fba5f3b51681a9a149ad48d9f921fbf050d5e22d5c4be6916a8664aa90d70d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/device_param.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 12890
Content-type: application/octet-stream

93.67.83.49/script/cfg_main.js

93.67.83.49

200 OK

52 kB

URL GET HTTP/1.1
93.67.83.49/script/cfg_main.js
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
ASCII text, with very long lines (51554), with no line terminators
Size
52 kB (51554 bytes)
Hash
3861f92b16e53aac1b7817bdfe793f90
6ee3b48fe27de68c117486f1db6f17d1f606d77f
032fd7851240eb30a36afec8050d734ea7fd42eae589a53d63047e3231c61a94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/cfg_main.js HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 51554
Content-type: application/octet-stream

93.67.83.49/res/load_webkit.jpg

93.67.83.49

200 OK

7.8 kB

URL GET HTTP/1.1
93.67.83.49/res/load_webkit.jpg
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 107x101, components 3\012- data
Size
7.8 kB (7787 bytes)
Hash
bfd0cbf7288ab7ab9082173fcb6c5f55
b74062afccc93d32f89838bddb38696fd2dd9854
6f49fa0de134cd2f72d79a6c395828b686157646c592e327c081e6ba6964f61b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/load_webkit.jpg HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 7787
Content-type: image/jpeg

93.67.83.49/res/90x25_btn.jpg

93.67.83.49

200 OK

2.7 kB

URL GET HTTP/1.1
93.67.83.49/res/90x25_btn.jpg
IP
93.67.83.49:80
ASN
#30722 Vodafone Italia S.p.A.

Requested by
http://93.67.83.49/WebClient.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 90x25, components 3\012- data
Size
2.7 kB (2709 bytes)
Hash
68fc542e3d7dc75d527af13350631682
1c0d07ed6b8826567aa1394ad1edb8c63ecbbb3e
f68a0c80976f9bdc9e4f40df8a173585d1708108acf76923bd68067598b9f115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/90x25_btn.jpg HTTP/1.1
Host: 93.67.83.49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://93.67.83.49/WebClient.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cross Web Server
Content-length: 2709
Content-type: image/jpeg

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN