Report - pezhvakweb.medalpacs.net/

Report Overview

Submitted URL
pezhvakweb.medalpacs.net/
IP
185.165.116.32
ASN
#207125 Dadeh Gostar Parmis PJS Company
Submitted
2023-06-06 03:58:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pezhvakweb.medalpacs.net	unknown	2019-09-18	2023-02-18	2023-05-17	397 B	446 B	185.165.116.32
78.38.24.69:8080	unknown	unknown	No data	No data	11 kB	920 kB	78.38.24.69

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69
2023-06-06	medium	78.38.24.69

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	78.38.24.69:8080/MedalWeb/Scripts/MPLogin.js	1.4 kB	2023-03-07	2024-02-26
Pretty URL 78.38.24.69:8080/MedalWeb/Scripts/MPLogin.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:24:55 Last Seen2024-02-26 18:02:47 Times Seen206 Hash 901bbaa76b851a9de497f3608c2b88f5 c15032bd6821993aacc62c00367a3af500c39f47 211e514ff063c8bfd4b273e91bb75eae38976796a60118eb1b6adb1bad215aae Loading...

	78.38.24.69:8080/MedalWeb/css/MPLogin/jquery/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL 78.38.24.69:8080/MedalWeb/css/MPLogin/jquery/jquery-3.2.1.min.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 13:10:13 Times Seen62340 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/bootstrap.js	111 kB	2023-03-08	2024-02-15
Pretty URL 78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/bootstrap.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:34:17 Last Seen2024-02-15 02:47:32 Times Seen211 Hash 23a49d81e87ad811700e6db0ac345242 0978bf924f1482805e6d89235768f5074fa22af6 d4b9a08cb76970294b39bfc3c10caae6a4dd82d405bd8c620113211c5a23c877 Loading...

	78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/popper.js	82 kB	2023-03-07	2024-04-24
Pretty URL 78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/popper.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-04-24 09:36:58 Times Seen824 Hash 426ce17eeabd071e85b0bb50e5a18c6c 00e2321a61daaf93f57669a81f0484d75eca8158 a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059 Loading...

	78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.min.js	67 kB	2023-03-07	2024-04-24
Pretty URL 78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.min.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-04-24 09:36:58 Times Seen1519 Hash e87ca4c3554f7b9e693605ce12d3a234 fffd0bf48918d33bc612be1fefc120ee23b1a1ee fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04 Loading...

	78.38.24.69:8080/MedalWeb/css/MPLogin/tilt/tilt.jquery.min.js	5.6 kB	2023-03-07	2024-04-21
Pretty URL 78.38.24.69:8080/MedalWeb/css/MPLogin/tilt/tilt.jquery.min.js IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-04-21 06:12:36 Times Seen1647 Hash 034d38aaa44f4ac1723c041d215eb146 6dccde4d78b77b035d9da0396385ade6141864cb 6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0 Loading...

	78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx	0 B	2023-03-07	2024-04-25
Pretty URL 78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx IP 78.38.24.69 ASN #58224 Iran Telecommunication Company PJS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:10:48 Times Seen37063179 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (24)

URL IP Response Size

pezhvakweb.medalpacs.net/

185.165.116.32

302 Found

150 B

URL User Request GET HTTP/1.1
pezhvakweb.medalpacs.net/
IP
185.165.116.32:80
ASN
#207125 Dadeh Gostar Parmis PJS Company

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
150 B (150 bytes)
Hash
ef61c180825050362f0f25b5a7816e72
2e1c5127d90efaf04e43731d406d7e088ccdb62e
9926543292964852ba924c72cd810a7bccc530e35613ad510965f225b0fbd795

HTTP Headers

GET / HTTP/1.1
Host: pezhvakweb.medalpacs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://78.38.24.69:8080/medalweb/
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 06 Jun 2023 03:58:42 GMT
Content-Length: 150

78.38.24.69:8080/medalweb/

78.38.24.69

302 Found

154 B

URL User Request GET HTTP/1.1
78.38.24.69:8080/medalweb/
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
ee0c88df37c86cb33e6798dff3ecdafd
c287cfdda635c9bd2e9c25836072e0d54a2b53bb
19a65c1c6c63b8d9d0de35c88652f44745937c69219ebebf881bed54e5223af0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /medalweb/ HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /MedalWeb/Login.aspx?url=Default.aspx
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 154

78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

78.38.24.69

200 OK

2.5 kB

URL User Request GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
Size
2.5 kB (2465 bytes)
Hash
f5e352361dcbe8cf5b4b5d430b2577ce
5e44d6fbaf2ae5b1a2145e02e3eaf2d3f26bbab7
66d1dca0cf2fb4b7305113a64e68d08b50dd1b5b217aab231703a35b212c7ea0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Login.aspx?url=Default.aspx HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 2465

78.38.24.69:8080/MedalWeb/css/MPLogin/animate/animate.css

78.38.24.69

200 OK

4.3 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/animate/animate.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text
Size
4.3 kB (4344 bytes)
Hash
57db4a2811f951ff841fb4f77220d95b
b6fd60d18ef742ea5f6979df0cddb35791c4fbe5
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/animate/animate.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "4898aa942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 4344

78.38.24.69:8080/MedalWeb/css/MPLogin/css-hamburgers/hamburgers.min.css

78.38.24.69

200 OK

3.4 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/css-hamburgers/hamburgers.min.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with very long lines (19499), with CRLF line terminators
Size
3.4 kB (3350 bytes)
Hash
f4e16dee11e867f501b9aed5878fe1f3
240a14f6f25bfd3338354f36574c617bb4edc6d7
3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "88112da942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 3350

78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.css

78.38.24.69

200 OK

3.4 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with CRLF line terminators
Size
3.4 kB (3423 bytes)
Hash
475b9ecdf92d2f48642665a34c563048
1a74bff44969c9a029a1a7c1f508ab1becce6f3b
40a167f1ecb856ae5409769ccf98dc71c31fb85978551383ffd54427f5d8800f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/select2/select2.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "acfc23a942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 3423

78.38.24.69:8080/MedalWeb/css/MPLogin/main.css

78.38.24.69

200 OK

2.3 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/main.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2283 bytes)
Hash
17aa9d027f7d2138b33eeffe061d6a68
30b97a1d56a50528385c13995f6906c41626a4ec
78dc4ca6d8d995baad86658796346cd3276ed3f9040bc27932c430a21715fef5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/main.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 01 Nov 2020 12:27:31 GMT
Accept-Ranges: bytes
ETag: "f0fd645e4ab0d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 2283

78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/css/bootstrap.min.css

78.38.24.69

200 OK

29 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/css/bootstrap.min.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with very long lines (65320)
Size
29 kB (28629 bytes)
Hash
3ffbab350748e841d3768b5d1ca48933
262e04cab3c1a51024d4f3960c72ebd3968476a7
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:16 GMT
Accept-Ranges: bytes
ETag: "14dd2a842c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 28629

78.38.24.69:8080/MedalWeb/css/MPLogin/Responsive.css

78.38.24.69

200 OK

1.1 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/Responsive.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1122 bytes)
Hash
e5fb1999a04e2ef8d8397ccc44b3907b
329c7a8b68d66817b96a4908dce2de9b5b6e0382
ad541ba9f358c751ce1bf393662c4a7141ff99f976e4b79b61a8b01aeb012ed0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/Responsive.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "1c642ba942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 1122

78.38.24.69:8080/MedalWeb/css/MPLogin/util.css

78.38.24.69

200 OK

17 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/util.css
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with CRLF line terminators
Size
17 kB (17052 bytes)
Hash
9cabf2d2ce5a30ae04a9a78140e4b73e
1cb5c5c9760ff75c095c00a93ec0887b2f093b94
27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/util.css HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "4602ca942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 17052

78.38.24.69:8080/MedalWeb/css/MPLogin/tilt/tilt.jquery.min.js

78.38.24.69

200 OK

2.2 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/tilt/tilt.jquery.min.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with very long lines (5640), with no line terminators
Size
2.2 kB (2247 bytes)
Hash
034d38aaa44f4ac1723c041d215eb146
6dccde4d78b77b035d9da0396385ade6141864cb
6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/tilt/tilt.jquery.min.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:15 GMT
Accept-Ranges: bytes
ETag: "3af1fa842c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 2247

78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.min.js

78.38.24.69

200 OK

25 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/select2/select2.min.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
Unicode text, UTF-8 text, with very long lines (32091)
Size
25 kB (25242 bytes)
Hash
e87ca4c3554f7b9e693605ce12d3a234
fffd0bf48918d33bc612be1fefc120ee23b1a1ee
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/select2/select2.min.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "267d23a942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 25242

78.38.24.69:8080/MedalWeb/Scripts/MPLogin.js

78.38.24.69

200 OK

659 B

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Scripts/MPLogin.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with CRLF line terminators
Size
659 B (659 bytes)
Hash
901bbaa76b851a9de497f3608c2b88f5
c15032bd6821993aacc62c00367a3af500c39f47
211e514ff063c8bfd4b273e91bb75eae38976796a60118eb1b6adb1bad215aae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Scripts/MPLogin.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:29 GMT
Accept-Ranges: bytes
ETag: "28bb27b042c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 659

78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/bootstrap.js

78.38.24.69

200 OK

32 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/bootstrap.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with very long lines (564)
Size
32 kB (31687 bytes)
Hash
23a49d81e87ad811700e6db0ac345242
0978bf924f1482805e6d89235768f5074fa22af6
d4b9a08cb76970294b39bfc3c10caae6a4dd82d405bd8c620113211c5a23c877

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/bootstrap/js/bootstrap.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:15 GMT
Accept-Ranges: bytes
ETag: "c4d345a842c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 31687

78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/popper.js

78.38.24.69

200 OK

28 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/bootstrap/js/popper.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
Unicode text, UTF-8 text, with very long lines (337)
Size
28 kB (28414 bytes)
Hash
426ce17eeabd071e85b0bb50e5a18c6c
00e2321a61daaf93f57669a81f0484d75eca8158
a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/bootstrap/js/popper.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:15 GMT
Accept-Ranges: bytes
ETag: "53d647a842c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 28414

78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Regular.ttf

78.38.24.69

404 Not Found

1.2 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Regular.ttf
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/css/MPLogin/main.css
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 1245

78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Bold.ttf

78.38.24.69

404 Not Found

1.2 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Bold.ttf
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/fonts/poppins/Poppins-Bold.ttf HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/css/MPLogin/main.css
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 1245

78.38.24.69:8080/MedalWeb/css/fonts/montserrat/Montserrat-Bold.ttf

78.38.24.69

404 Not Found

1.2 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/fonts/montserrat/Montserrat-Bold.ttf
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/fonts/montserrat/Montserrat-Bold.ttf HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/css/MPLogin/main.css
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 1245

78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Medium.ttf

78.38.24.69

404 Not Found

1.2 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/fonts/poppins/Poppins-Medium.ttf
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/fonts/poppins/Poppins-Medium.ttf HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/css/MPLogin/main.css
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 1245

78.38.24.69:8080/MedalWeb/Images/MPLogin-images/img-02.png

78.38.24.69

200 OK

26 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Images/MPLogin-images/img-02.png
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
PNG image data, 500 x 370, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26433 bytes)
Hash
9afab22bef15dd78749e75527776e00f
37cf2a249e65262bdf0a7e2cacefaa5d23214873
454606087625a5859725aac2efd709567a3737bde2769249f3f90e5e372d310e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Images/MPLogin-images/img-02.png HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Jan 2020 11:10:10 GMT
Accept-Ranges: bytes
ETag: "0958664bc5d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 26433

78.38.24.69:8080/MedalWeb/Images/MPLogin-images/Mobile.png

78.38.24.69

200 OK

187 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Images/MPLogin-images/Mobile.png
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
PNG image data, 1069 x 343, 8-bit/color RGBA, interlaced\012- data
Size
187 kB (187226 bytes)
Hash
014817f3c07557f80ec5a83bfa4d4853
a953e7e315456e1f88876875d83cbae1b1c51d7d
5e66f614d048289c3d1708e2982f4600978a4b59ee9d4c260d671b39bcf13f3e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Images/MPLogin-images/Mobile.png HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 30 Jan 2020 09:20:26 GMT
Accept-Ranges: bytes
ETag: "029a8814ed7d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 187226

78.38.24.69:8080/MedalWeb/Images/MPLogin-images/Mobile%202.png

78.38.24.69

200 OK

473 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Images/MPLogin-images/Mobile%202.png
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
PNG image data, 1308 x 936, 8-bit/color RGBA, non-interlaced\012- data
Size
473 kB (473239 bytes)
Hash
9669ce2323dd879742317d4f2f83c8eb
36d0a3d9df3ea62f3cf2b1f5d449bdbf93681b89
f4acf3076055afdea7dae295d324ed49f61389b2fa4a8fb0b3fbcf0d8cf7fa92

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Images/MPLogin-images/Mobile%202.png HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Jan 2020 11:10:10 GMT
Accept-Ranges: bytes
ETag: "0958664bc5d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 473239

78.38.24.69:8080/MedalWeb/Images/MPLogin-images/icons/favicon.ico

78.38.24.69

200 OK

32 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/Images/MPLogin-images/icons/favicon.ico
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
7d4140c76bf7648531683bfa4f7f8c22
c072bf985086c9a05c7ecede6eedaa02f76a840c
4d663e7a6b4e495a7261593d9d5e66489adbf75e029604ff6e65c4f0fcd97cd0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/Images/MPLogin-images/icons/favicon.ico HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 07 Jan 2020 11:10:10 GMT
Accept-Ranges: bytes
ETag: "0958664bc5d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:45 GMT
Content-Length: 32038

78.38.24.69:8080/MedalWeb/css/MPLogin/jquery/jquery-3.2.1.min.js

78.38.24.69

200 OK

39 kB

URL GET HTTP/1.1
78.38.24.69:8080/MedalWeb/css/MPLogin/jquery/jquery-3.2.1.min.js
IP
78.38.24.69:8080
ASN
#58224 Iran Telecommunication Company PJS

Requested by
http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx

File type
ASCII text, with very long lines (32058)
Size
39 kB (38743 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MedalWeb/css/MPLogin/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: 78.38.24.69:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://78.38.24.69:8080/MedalWeb/Login.aspx?url=Default.aspx
Cookie: ASP.NET_SessionId=iofhuibabmq1sqxz04hpjogr
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 10:10:17 GMT
Accept-Ranges: bytes
ETag: "b88d1ba942c5d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Jun 2023 03:58:43 GMT
Content-Length: 38743

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL User Request GET HTTP/1.1

IP

ASN

File type