| 187.11.244.5:8090/login | 187.11.244.5 | | 5.6 kB |
IP: 187.11.244.5:0  ASN: #27699 TELEFONICA BRASIL S.A
File type: HTML document, Unicode text, UTF-8 text
Hashes: MD5 81de9b439dcbed743f65ff0125386a7e / SHA-1 5b1ae061be6e23ea9c1aec89674995707cc35a3c / SHA-256 1165ee2b4c56951747f556a2f491ed01a35974908ada5baa49dc9574a1fdb760
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Thu, 28 Mar 2024 08:50:00 GMT
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css  IP: 104.17.25.14:443
Requested by: http://187.11.244.5:8090/login
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65317)
Hashes: MD5 6cb5a85b30082e3d59d7e371e002ce8d / SHA-1 0c639634f474b4601a7937f440096185f3a9d8d3 / SHA-256 01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://187.11.244.5:8090
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 08:50:01 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 479022
expires: Tue, 18 Mar 2025 08:50:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7sYZHQcEJ1YJQwUDrLzfCfJohecjW%2FRFyBmvUPaFM8zrNZkhChLS3q%2F8I7x5izJ2epYzkQfK%2BJNHqAPKpx1T7cvaVndUP7l0CUpEdooHUiejvtWtCefomEYHxniQJ1fQ7oXBsikx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b65ec68b7556b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/feather-icons/4.28.0/feather.min.js | 104.17.25.14 | 200 OK | 17 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/feather-icons/4.28.0/feather.min.js  IP: 104.17.25.14:443
Requested by: http://187.11.244.5:8090/login
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61490)
Hashes: MD5 199d840e1af3952233f1756b75a9b1dd / SHA-1 546be62a3e3d88dc2cf232be12879209b465aef1 / SHA-256 5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
GET /ajax/libs/feather-icons/4.28.0/feather.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://187.11.244.5:8090
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 08:50:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 17108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e59-12803"
last-modified: Mon, 04 May 2020 16:10:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10989849
expires: Tue, 18 Mar 2025 08:50:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BFybAFRHL0G7%2Fu0bfJxfXVV7e45JyBVKoymxpsft0f4ZuSpdZ26%2FfLa%2FIL2dgqwdM63RKcupk1aU4rexvb%2F%2BtF7owYWxKx%2BiUAYYP8I7zPh2OqEdaZ9arVPh4DN30%2BYaVV0v4H0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b65ec67b7456b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js  IP: 104.17.25.14:443
Requested by: http://187.11.244.5:8090/login
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hashes: MD5 00727d1d5d9c90f7de826f1a4a9cc632 / SHA-1 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 / SHA-256 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 08:50:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 27990
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "63091225-6d56"
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 535860
expires: Tue, 18 Mar 2025 08:50:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ywCIRWc2dTOwMUAuzviCIDDpj6nI7r52Jb2zRQl0nJGO7bpBIp12L63%2BcK553fiQPUfRXm9P4X6rLyoBIholO0MEgcwd4osEbtnFpC0to9vKvF6NRlDPWxmhNinYNcyRpWSETz7S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b65ec67d61b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js | 151.101.1.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js  IP: 151.101.1.229:443
Requested by: http://187.11.244.5:8090/login
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hashes: MD5 7f389f5d2622ce2090eca7c36bcb90bc / SHA-1 ab27031159724e2421f6ff5c70f48e657abe9d39 / SHA-256 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://187.11.244.5:8090
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: br
accept-ranges: bytes
date: Thu, 28 Mar 2024 08:50:01 GMT
age: 16447849
x-served-by: cache-fra-etou8220114-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
X-Firefox-Spdy: h2
| 187.11.244.5:8090/assets/js/scripts.js | 187.11.244.5 | 200 | 3.1 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/js/scripts.js  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
File type: JavaScript source, ASCII text
Hashes: MD5 d006a662956a36f2d8692b8442ed0a6b / SHA-1 d347930234ecdb23168a9cdd1d580be4867324ce / SHA-256 fc4f41b0bf368fb7ba1d8faf475000955ff678176fde36bcb6bc839d773e9c13
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/scripts.js HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 3059
Date: Thu, 28 Mar 2024 08:50:00 GMT
| 187.11.244.5:8090/assets/css/styles.css | 187.11.244.5 | 200 | 406 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/css/styles.css  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
File type: Unicode text, UTF-8 text, with very long lines (629)  Size: 406 kB (405645 bytes)
Hashes: MD5 4f1a75c64c22d4147d9bae1ba337eaf8 / SHA-1 4874feac3ba39def34c220b54b57f3e98a0468fe / SHA-256 96e4186717f798d88dd76123b8e8421613df3fb7453b671c55ba556fc44ed324
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/styles.css HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 405645
Date: Thu, 28 Mar 2024 08:50:00 GMT
| 187.11.244.5:8090/assets/images/login/webeasy_logo.png | 187.11.244.5 | 200 | 4.3 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/images/login/webeasy_logo.png  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hashes: MD5 c0da541d8c4ca17920fb0e63ac1ff78f / SHA-1 671f8e852694bee7d4075fd257d43920271a40fc / SHA-256 3dbad4dcf666df2533b53972dcda0d670ebfec757db9689e453a4ff9c517d1ce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/images/login/webeasy_logo.png HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4346
Date: Thu, 28 Mar 2024 08:50:03 GMT
| 187.11.244.5:8090/assets/fonts/metropolis/Metropolis-Regular.otf | 187.11.244.5 | 200 | 23 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/fonts/metropolis/Metropolis-Regular.otf  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
Hashes: MD5 f7b5e589f88206b4bd5cb1408c5362e6 / SHA-1 dc10ba3cd5aea203f7d0f5af99e72163514a55d5 / SHA-256 6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/metropolis/Metropolis-Regular.otf HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/assets/css/styles.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: application/x-font-opentype
Content-Length: 23124
Date: Thu, 28 Mar 2024 08:50:03 GMT
| 187.11.244.5:8090/assets/images/login/logonelsys.png | 187.11.244.5 | 200 | 24 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/images/login/logonelsys.png  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
File type: PNG image data, 811 x 241, 8-bit/color RGBA, non-interlaced
Hashes: MD5 f0f6fd6c96490bbd8e8ecd36d3c8888f / SHA-1 42b1ef8283ae20fffffb0f4a83ca45db00dc2de9 / SHA-256 ba159a27ed7be1a607cb9d4f744c07c9352325cc5bfb927bb439872d2cad1220
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/images/login/logonelsys.png HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 23766
Date: Thu, 28 Mar 2024 08:50:03 GMT
| 187.11.244.5:8090/assets/img/favicon.png | 187.11.244.5 | 200 | 2.6 kB |
URL: GET HTTP/1.1 187.11.244.5:8090/assets/img/favicon.png  IP: 187.11.244.5:8090  ASN: #27699 TELEFONICA BRASIL S.A
Requested by: http://187.11.244.5:8090/login
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hashes: MD5 8fd55f90c6cb6289dc9af1f31739878a / SHA-1 ee687885dc957d716db7140c9a883428ff12ccaf / SHA-256 485468749cdbb45f879b511548c6941bff246307c7ef60c55ca8c5930e0f8838
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/favicon.png HTTP/1.1
Host: 187.11.244.5:8090
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://187.11.244.5:8090/login
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:8090
Last-Modified: Tue, 03 Oct 2023 10:35:53 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2624
Date: Thu, 28 Mar 2024 08:50:03 GMT