Report - 124.105.225.137/mis/login.php

Report Overview

Submitted URL
124.105.225.137/mis/login.php
IP
124.105.225.137
ASN
#9299 Philippine Long Distance Telephone Company
Submitted
2024-05-07 09:03:01
Access
public
Website Title
BNHS-SHS MIS - Login Form
Final URL
124.105.225.137/mis/login.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
110

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
124.105.225.137	unknown	unknown	No data	No data	39 kB	5.5 MB	124.105.225.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed
2024-05-07	medium	124.105.225.137	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	124.105.225.137/mis/login.php	0 B	2023-03-07	2024-05-19
Pretty URL 124.105.225.137/mis/login.php IP 124.105.225.137 ASN #9299 Philippine Long Distance Telephone Company Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:16:18 Times Seen37832314 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	124.105.225.137/mis/assets/js/jquery.min.js	96 kB	2023-03-07	2024-05-19
Pretty URL 124.105.225.137/mis/assets/js/jquery.min.js IP 124.105.225.137 ASN #9299 Philippine Long Distance Telephone Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-05-19 12:13:37 Times Seen10369 Hash 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Loading...

	124.105.225.137/mis/assets/bootstrap/js/bootstrap.min.js	36 kB	2024-05-07	2024-05-07
Pretty URL 124.105.225.137/mis/assets/bootstrap/js/bootstrap.min.js IP 124.105.225.137 ASN #9299 Philippine Long Distance Telephone Company Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 11:03:08 Last Seen2024-05-07 11:03:08 Times Seen2 Hash c11a6f8a4709f79c593069e7babd41f0 4d0eb93dc812488a606cd4f98b885fa8bfc0c242 c014e3b36180902c160bb475a516ee6b91084b1e2e5210d1f9a766f265422b1a Loading...

	124.105.225.137/mis/assets/js/announcer.js	3.4 kB	2024-05-07	2024-05-07
Pretty URL 124.105.225.137/mis/assets/js/announcer.js IP 124.105.225.137 ASN #9299 Philippine Long Distance Telephone Company Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 11:03:08 Last Seen2024-05-07 11:03:08 Times Seen2 Hash 540b292b9ac42e0ee72283d0259d7096 511263b8749e51351564d097c0f8ee0669420656 515ab33c9d4f951ce9ac117b0898ce182ad3cc5fdb3a23af926177efaf89a1fa Loading...

	124.105.225.137/mis/assets/js/jquery.js	94 kB	2023-03-07	2024-05-19
Pretty URL 124.105.225.137/mis/assets/js/jquery.js IP 124.105.225.137 ASN #9299 Philippine Long Distance Telephone Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-19 15:49:17 Times Seen16991 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

HTTP Transactions (55)

URL IP Response Size

124.105.225.137/mis/login.php

124.105.225.137

200 OK

7.4 kB

URL User Request GET HTTP/1.1
124.105.225.137/mis/login.php
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

File type
HTML document, ASCII text, with CRLF line terminators
Size
7.4 kB (7449 bytes)
Hash
c4e17832b3c5edecedbfa6178801c870
a6cd5e9841e59258bd5a4c56b57667c23133b2f7
238d7f6cb8b55686db87a6fe74f437f0b6f25437df6a20d942796201df12507c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/login.php HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:36 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Set-Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 7449
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

124.105.225.137/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/bootstrap/css/bootstrap-theme.css

124.105.225.137

200 OK

22 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/bootstrap/css/bootstrap-theme.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text
Size
22 kB (22334 bytes)
Hash
53442f944ce104d451c7f06f3cf095c3
a809c65dbcf81f7b371c36022b4283a508818610
9c8ee843b9a190e2a86f778a0199c2b68c748a2fa5c6f2b2bbb9b444be1e3cfa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/bootstrap/css/bootstrap-theme.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:36 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 06:59:04 GMT
ETag: "400000001dfeb-573e-51331110dde00"
Accept-Ranges: bytes
Content-Length: 22334
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

124.105.225.137/mis/assets/boostrap/js/bootstrap.min.js

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/style.css

124.105.225.137

200 OK

13 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/style.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text
Size
13 kB (13062 bytes)
Hash
a889b1fa662f48398242a77e359c4706
57e475f30c2e9cc66af02126028362c823d9d0f6
fbce234e202916fa2e2e828869150cf1c885cc22b769e37c495e7ed2dc5eb671

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/style.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 10:05:54 GMT
ETag: "400000001e000-3306-51333ad38e480"
Accept-Ranges: bytes
Content-Length: 13062
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

124.105.225.137/mis/assets/css/signin.css

124.105.225.137

200 OK

2.3 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/signin.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text
Size
2.3 kB (2317 bytes)
Hash
13d43ca44863e2f374869c34cbd88f26
a63c4f82eea95d6a3b220dbdfb1145b584e16374
4b6a0cc0b057a36f2eb0168581e53c7c6f7c821fc72f5978ebae8f956bc57971

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/signin.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 12:53:22 GMT
ETag: "400000001dfff-90d-5133604213480"
Accept-Ranges: bytes
Content-Length: 2317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/select2.css

124.105.225.137

200 OK

18 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/select2.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text
Size
18 kB (17679 bytes)
Hash
24e9629458609cc1b89e0364b7f4e305
68a33a49cd874c9855e14316b7e28252de4d1e1b
098b72da8a72f92e6393aaacb7d7ebb2a8ebc83315c3f8c864da9c233a00c58b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/select2.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 08:45:10 GMT
ETag: "400000001dffe-450f-513328c7f5180"
Accept-Ranges: bytes
Content-Length: 17679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/bootstrap/css/bootstrap.min.css

124.105.225.137

200 OK

118 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/bootstrap/css/bootstrap.min.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text, with very long lines (65177)
Size
118 kB (118202 bytes)
Hash
db50ff30d3dae437ff1b857021999bf1
95e9566a72705c523b28c6e0e5fd22e44a68b452
4852463fb1cf7cc4059b16769db41d7bb1b4e8d78aba51ad34b285d179ee6643

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:36 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 06:59:04 GMT
ETag: "400000001dfee-1cdba-51331110dde00"
Accept-Ranges: bytes
Content-Length: 118202
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/bootstrap/js/bootstrap.min.js

124.105.225.137

200 OK

36 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/bootstrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
JavaScript source, ASCII text, with very long lines (32052)
Size
36 kB (36146 bytes)
Hash
c11a6f8a4709f79c593069e7babd41f0
4d0eb93dc812488a606cd4f98b885fa8bfc0c242
c014e3b36180902c160bb475a516ee6b91084b1e2e5210d1f9a766f265422b1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 06:59:04 GMT
ETag: "400000001dff7-8d32-51331110dde00"
Accept-Ranges: bytes
Content-Length: 36146
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/announcements.js

124.105.225.137

200 OK

330 B

URL GET HTTP/1.1
124.105.225.137/mis/announcements.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
ASCII text
Size
330 B (330 bytes)
Hash
eaa306298d41957db8f50be82d9ff4de
b560dc0b8e8870a580757337d957246740713b8c
fb3b20384be31dee9ade24a7e60f7d6444c461e73d9283eab5044084571df498

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/announcements.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Thu, 27 Jun 2019 00:49:36 GMT
ETag: "700000001441f-14a-58c43893fe630"
Accept-Ranges: bytes
Content-Length: 330
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/js/jquery.js

124.105.225.137

200 OK

94 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/js/jquery.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
JavaScript source, ASCII text, with very long lines (65483)
Size
94 kB (93636 bytes)
Hash
3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/js/jquery.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:37 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Mon, 24 Dec 2012 07:47:36 GMT
ETag: "10000000338f3-16dc4-4d19469215600"
Accept-Ranges: bytes
Content-Length: 93636
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

124.105.225.137/mis/assets/js/announcer.js

124.105.225.137

200 OK

3.4 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/js/announcer.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
JavaScript source, ASCII text
Size
3.4 kB (3372 bytes)
Hash
540b292b9ac42e0ee72283d0259d7096
511263b8749e51351564d097c0f8ee0669420656
515ab33c9d4f951ce9ac117b0898ce182ad3cc5fdb3a23af926177efaf89a1fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/js/announcer.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Sun, 06 Nov 2016 00:05:42 GMT
ETag: "10000000338e6-d2c-54096ab042180"
Accept-Ranges: bytes
Content-Length: 3372
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:39 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/js/jquery.min.js

124.105.225.137

200 OK

96 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/js/jquery.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
JavaScript source, ASCII text, with very long lines (32047)
Size
96 kB (95931 bytes)
Hash
5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/js/jquery.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:38 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 08 Apr 2015 07:17:18 GMT
ETag: "10000000338f4-176bb-513315242fb80"
Accept-Ranges: bytes
Content-Length: 95931
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:41 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:42 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:43 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:43 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/login.php?prev_url=/mis/assets/css/bootstrap.css
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137

302 Found

9.5 kB

URL GET HTTP/1.1
124.105.225.137/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
9.5 kB (9492 bytes)
Hash
93386b01acff04ab9358fcf45de6b022
585eae528f26ea4c78cda532590ef9c847ca8a7a
5580cbf4a5396616208da7a1990880e19ac4308850f535ce29ff9130fdf23a2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.105.225.137/mis/login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 09:02:43 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/login.php?prev_url=/mis/assets/boostrap/js/bootstrap.min.js
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

124.105.225.137/mis/assets/images/sanhs_logo.png

124.105.225.137

200 OK

2.3 MB

URL GET HTTP/1.1
124.105.225.137/mis/assets/images/sanhs_logo.png
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
PNG image data, 1968 x 1975, 8-bit/color RGBA, non-interlaced
Size
2.3 MB (2337364 bytes)
Hash
ebfa2f16fdfcd9c749fd034059f5c824
97563b46cc10b4ec9324dd4a20190b95319cd7ea
7f47286dfcc874e959cd19c63ac5db25f25e03afced52cfb5a936101f13f42b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/images/sanhs_logo.png HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:40 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 09 Jun 2021 06:34:54 GMT
ETag: "60f0000000100fc-23aa54-5c44f78f12a64"
Accept-Ranges: bytes
Content-Length: 2337364
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

124.105.225.137/mis/assets/images/seal.png

124.105.225.137

200 OK

2.3 MB

URL GET HTTP/1.1
124.105.225.137/mis/assets/images/seal.png
IP
124.105.225.137:80
ASN
#9299 Philippine Long Distance Telephone Company

Requested by
http://124.105.225.137/mis/login.php

File type
PNG image data, 1968 x 1975, 8-bit/color RGBA, non-interlaced
Size
2.3 MB (2337364 bytes)
Hash
ebfa2f16fdfcd9c749fd034059f5c824
97563b46cc10b4ec9324dd4a20190b95319cd7ea
7f47286dfcc874e959cd19c63ac5db25f25e03afced52cfb5a936101f13f42b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mis/assets/images/seal.png HTTP/1.1
Host: 124.105.225.137
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.105.225.137/mis/login.php
Cookie: PHPSESSID=2t076cnbngcv7crk8kh0gj8ci2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 09:02:43 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Wed, 09 Jun 2021 06:34:54 GMT
ETag: "400000001e014-23aa54-5c44f78f16787"
Accept-Ranges: bytes
Content-Length: 2337364
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (55)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1