| mitmdetection.services.mozilla.com/ | 54.230.111.49 | | 0 B |
URL: mitmdetection.services.mozilla.com/ IP: 54.230.111.49:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Sat, 04 May 2024 23:00:37 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bxdfh3bMZKtVEekOrGJorVu875lU8W_dUdwvEZ7NdqGPdfAaJArmQg==
X-Firefox-Spdy: h2
|
|
| 213.194.160.223/index.asp | 213.194.160.223 | | 1.6 kB |
URL: 213.194.160.223/index.asp IP: 213.194.160.223:0 ASN: #15704 Xtra Telecom S.A.
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: a1990a104f3f65656681cb0a0c8d782b dd7a711968012c06091fde39b372bbfa87801663 589b52fe7ecf124b181e6e727891ef96ccad580c273a5bfe35998261154778f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index.asp HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:53 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:46 2013
Content-length: 1577
Content-type: text/html
|
|
| 213.194.160.223/doc/script/jquery-1.7.1.min.js | 213.194.160.223 | 200 OK | 94 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/jquery-1.7.1.min.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Hash: ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/index.asp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:53 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 93868
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/script/jquery.cookie.js | 213.194.160.223 | 200 OK | 3.8 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/jquery.cookie.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: a479f46b2a66d5772f839cdf20c24898 dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1 087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/index.asp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:54 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 3752
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/page/login.asp | 213.194.160.223 | 200 OK | 2.1 kB |
URL: User Request GET HTTP/1.0 213.194.160.223/doc/page/login.asp IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: 00c01055cf583fe441ab0406bdc8404d afff8954b5070a3d876d6878ab5ef9ecbfe4e85c 7869271b32f78492e64b14687dda8475585a8662fb2cfa79a3e5f0ec467819ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/page/login.asp HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/index.asp
Cookie: language=en; updateTips=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:54 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:46 2013
Content-length: 2120
Content-type: text/html
|
|
| 213.194.160.223/doc/css/base.css | 213.194.160.223 | 200 OK | 933 B |
URL: GET HTTP/1.0 213.194.160.223/doc/css/base.css IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: c9f676955ddb0002f2cf9ae5c9859dfc 74ccdcdcb2bf5fae840cf6327db5660289c2d055 d22dc2e1a7a128730f7e3399a0ac3734f6ae4c499d09a705c90ece12f204201c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/css/base.css HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:55 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:44 2013
Content-length: 933
Content-type: text/css
|
|
| 213.194.160.223/doc/script/login.js | 213.194.160.223 | 200 OK | 5.3 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/login.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: b3db92981c688b307f0b8d4e2c286f48 a4b6e40b105abe07177da212ec7479b8301e5715 0415a5f68531693e39916b718918b4c9db304c002582918eda43671a438c727a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/login.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:55 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 5287
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/script/jquery-1.7.1.min.js | 213.194.160.223 | 200 OK | 94 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/jquery-1.7.1.min.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Hash: ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:55 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 93868
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/script/jquery.cookie.js | 213.194.160.223 | 200 OK | 3.8 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/jquery.cookie.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: a479f46b2a66d5772f839cdf20c24898 dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1 087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:55 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 3752
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/script/common.js | 213.194.160.223 | 200 OK | 43 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/common.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1119), with CRLF line terminators
Hash: 6af9be6f89844707dc29b4c6bfedbe23 1744db68468cd3e7715df86980fc56a0384ce681 2860a4601c88bf98c95bf87d0b93ee23c6f291837a33ecf3765b8ad1da46ab8d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/common.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:56 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:24:22 2013
Content-length: 43335
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/css/login.css | 213.194.160.223 | 200 OK | 1.1 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/css/login.css IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: ASCII text, with CRLF line terminators
Hash: 9e92089b4549cecdaa845826bae82620 3557726fdf5fd002aac9535ac7668915e8f1ea25 7b4223ddeb4f586881eeba585bdf55a66937486ec981ae702397f010512e6eca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/css/login.css HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:56 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:44 2013
Content-length: 1096
Content-type: text/css
|
|
| 213.194.160.223/doc/script/Translator.js | 213.194.160.223 | 200 OK | 15 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/script/Translator.js IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 3a0d9389d8f4ed449fdc9ab591290e3f b6920330b42aa1995d0b20004e38b5700ed45e2c af60da9e04e125a7aadca238a8a705a5e4f8c82a2ce5ada0586f264bd035798a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/script/Translator.js HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:56 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 14942
Content-type: application/x-javascript
|
|
| 213.194.160.223/doc/xml/Languages.xml | 213.194.160.223 | 200 OK | 1.3 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/xml/Languages.xml IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: 9c782342293b882a62aa05a626a33d18 57fbf8d466bc8146b420062592afba9c63684d49 105fcc004494497307a51bfe4a1fafceb757eb726da5673ae5c0fe36d9d2de44
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/xml/Languages.xml HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:57 2024
Server: DVRDVS-Webs
Last-modified: Fri Jun 14 07:13:35 2013
Content-length: 1265
Content-type: text/xml
|
|
| 213.194.160.223/doc/images/login/login_14.png | 213.194.160.223 | 200 OK | 129 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/images/login/login_14.png IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: PNG image data, 716 x 344, 8-bit/color RGB, non-interlaced
Size: 129 kB (129060 bytes)
Hash: db859e67185b84403a07a1d9ac0fe132 13263cef9692e829f62ca73c36d1a8d40de90d0f 19b6254ec63693416842339bed7a1ad549512568fabd9a05d4e9609559474e8f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/images/login/login_14.png HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/css/login.css
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:57 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 129060
Content-type: text/plain
|
|
| 213.194.160.223/doc/images/login/input_normal.png | 213.194.160.223 | 200 OK | 2.0 kB |
URL: GET HTTP/1.0 213.194.160.223/doc/images/login/input_normal.png IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: PNG image data, 200 x 28, 8-bit/color RGB, non-interlaced
Hash: 3d3a6af60c23b872f40d94a78c57fecf 4635f2f6ec8b5c0ca4a0f00e0c15096bf3903c47 750e556dd8f121de8550f1244d956e5d2f6ff20e608e15f6dde2a25cf430bf53
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/images/login/input_normal.png HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/css/login.css
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:57 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:40 2013
Content-length: 2000
Content-type: text/plain
|
|
| 213.194.160.223/favicon.ico | 213.194.160.223 | 200 OK | 1.2 kB |
URL: GET HTTP/1.0 213.194.160.223/favicon.ico IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 89b932fcc47cf4ca3faadb0cfdef89cf bbe285bc080460c8d71e80965e993852e62d438f 7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:58 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:46 2013
Content-length: 1150
Content-type: text/plain
|
|
| 213.194.160.223/doc/xml/en/Login.xml | 213.194.160.223 | 200 OK | 854 B |
URL: GET HTTP/1.0 213.194.160.223/doc/xml/en/Login.xml IP: 213.194.160.223:443 ASN: #15704 Xtra Telecom S.A.
Requested by: https://213.194.160.223/doc/page/login.asp
Certificate Issuer: Internet Widgits Pty Ltd
Certificate Subject:
Certificate Fingerprint: F2:CF:AD:74:39:6F:F3:A7:64:B8:97:4F:FE:35:0A:0A:41:F8:23:DF
Certificate Validity: Fri, 23 Nov 2012 12:36:33 GMT - Thu, 20 Aug 2015 12:36:33 GMT
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash: 1491dea09bb7fb0897823065a959bc54 8bd6134910e17a107b9a0671ce25fdaa906ddca2 5d8c60ebea2c4a3e3f5c9ae2fe395496a67c56674aa27d9ebd69ab0295b7d308
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /doc/xml/en/Login.xml HTTP/1.1
Host: 213.194.160.223
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://213.194.160.223/doc/page/login.asp
Cookie: language=en; updateTips=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 00:41:58 2024
Server: DVRDVS-Webs
Last-modified: Wed Jun 5 02:00:30 2013
Content-length: 854
Content-type: text/xml
|
|