| 58.56.88.162:9080/reader/login.php | 58.56.88.162 | 200 OK | 8.2 kB |
URL: User Request GET HTTP/1.1 58.56.88.162:9080/reader/login.php
IP: 58.56.88.162:9080
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: c69fc9e1afca8f3f2bdafb2d2490de5e f73d9eb54f29d37b360046109a9fe81b8a12cbaa eb35f0a3dc368ff252ae985cf4c92904bea4144fb2e62129c2f0b4329c1bbb54
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /reader/login.php HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 8244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| 58.56.88.162:9080/tpl/js/highlighter.js | 58.56.88.162 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/js/highlighter.js
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: b249b5976884a68b36f795c33ff38ca9 cf79267de7b4f7db0dc8939cdd4af527bf725cab c54a19ab79b65cf0142d5df83a9b9179c9a5f881a8a4d7a51f55fdd3739037da
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/js/highlighter.js HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "d73-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 3443
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 58.56.88.162:9080/tpl/js/base64.js | 58.56.88.162 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/js/base64.js
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: JavaScript source, ASCII text
Hash: 0c282d9ab2bb518b96a918b05b2d44c6 86ca53325faf2d6f0367a9abc7db09a244214ebf 04ae29c937820b9b3b79bd8cfae6fabf6cc3f4fc14690ae40106189f23b63990
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/js/base64.js HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "1a8b-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 6795
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 58.56.88.162:9080/tpl/css/font-awesome.css | 58.56.88.162 | 200 OK | 25 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/css/font-awesome.css
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: troff or preprocessor input, ASCII text, with very long lines (305)
Hash: e4e5f0ff7d97d2851d8f06c26a4e302b 15e5b5a9c81e2cf89c768a80cd06c6180f35ab04 305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/css/font-awesome.css HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:24:59 GMT
ETag: "626d-55bf2048a8d87"
Accept-Ranges: bytes
Content-Length: 25197
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 58.56.88.162:9080/tpl/js/md5.js | 58.56.88.162 | 200 OK | 8.8 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/js/md5.js
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: ASCII text, with CRLF line terminators
Hash: ee3a962f93b0031161f08e7c6503f961 742ebc274ad08267f56e51e585c8720a32c9e3a5 dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/js/md5.js HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "227b-55bf204b37ecc"
Accept-Ranges: bytes
Content-Length: 8827
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 58.56.88.162:9080/tpl/css/style.css | 58.56.88.162 | 200 OK | 47 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/css/style.css
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: Unicode text, UTF-8 text, with very long lines (735), with CRLF line terminators
Hash: fefd78213a7a7d9b5e84adbd4d3eb3ce be1a07775469711b8b80cd90ebae005ea5627341 27dd035fc6644e45a489fff85089df3388677c95f75a2f18277d6a86b1c89850
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/css/style.css HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Thu, 10 May 2018 02:54:09 GMT
ETag: "b6e1-56bd122364ed6"
Accept-Ranges: bytes
Content-Length: 46817
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 58.56.88.162:9080/tpl/css/mylib.css | 58.56.88.162 | | 3.2 kB |
URL: 58.56.88.162:9080/tpl/css/mylib.css
IP: 58.56.88.162:0
File type: ASCII text, with CRLF line terminators
Hash: ad1748b899d2f2cb6238bb04173d9a14 6a6930c147f4805f45074dd2a9852372416cafb7 800ace76552305746da07f2d6ca8cad5fd17a295eec61a710117d6bbfbf2295d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/css/mylib.css HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:24:59 GMT
ETag: "c78-55bf2048a8d87"
Accept-Ranges: bytes
Content-Length: 3192
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| 58.56.88.162:9080/tpl/js/jquery.js | 58.56.88.162 | 200 OK | 87 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/js/jquery.js
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/js/jquery.js HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Tue, 20 Nov 2018 01:29:13 GMT
ETag: "1538f-57b0e8fa4f791"
Accept-Ranges: bytes
Content-Length: 86927
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 58.56.88.162:9080/tpl/css/ui-lightness/jquery-ui.css | 58.56.88.162 | 200 OK | 36 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/css/ui-lightness/jquery-ui.css
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: ASCII text, with very long lines (2363)
Hash: c4a88ec0cb998929a670c0c58d7dc526 03135a88e8dbc36020dd453d1e7407ce9a3a2cc2 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/css/ui-lightness/jquery-ui.css HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Sat, 16 Dec 2017 09:05:27 GMT
ETag: "8c85-560716b14801e"
Accept-Ranges: bytes
Content-Length: 35973
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| 58.56.88.162:9080/reader/captcha.php | 58.56.88.162 | 200 OK | 4.0 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/reader/captcha.php
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: PNG image data, 160 x 40, 8-bit/color RGB, non-interlaced
Hash: bc529d3d28d07540c558a64eff9f3529 de944eb87035226863cc6404c25dc24ab9c20ff5 31a106209ad3eb5356f9bdbbb841a476f47d2b31bb9356a57e0d77a3af50c8de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /reader/captcha.php HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:43 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
|
|
| 58.56.88.162:9080/tpl/js/jquery-ui.js | 58.56.88.162 | 200 OK | 521 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/js/jquery-ui.js
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: JavaScript source, ASCII text, with very long lines (1002)
Size: 521 kB (520714 bytes)
Hash: ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/js/jquery-ui.js HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Sat, 16 Dec 2017 09:05:27 GMT
ETag: "7f20a-560716b16e17e"
Accept-Ranges: bytes
Content-Length: 520714
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 58.56.88.162:9080/tpl/images/header_img02.jpg | 58.56.88.162 | 200 OK | 47 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/images/header_img02.jpg
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 407x121, components 3
Hash: 7c7be8d571b7a0cd12f8b6371e6731b9 4f2cbe9205b43386aa92073ee17200dde549af98 b72d1b7984a1b82da218596a4bd0a25155c107ea05e1314b1653b3039059cf47
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/images/header_img02.jpg HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.56.88.162:9080/tpl/css/style.css
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "b709-55bf204aebc0b"
Accept-Ranges: bytes
Content-Length: 46857
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 58.56.88.162:9080/tpl/images/headerBg.jpg | 58.56.88.162 | 200 OK | 431 B |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/images/headerBg.jpg
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1x121, components 3
Hash: 3e55da1da89060733a6da34bd9d0a61d f263c668bd97094d106906f1cb767769e1b9083d 7739a1c90956f6b0d8efdd1ae077640f15f3fbdcfed4aa99bc2ee332d4437810
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/images/headerBg.jpg HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.56.88.162:9080/tpl/css/style.css
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "1af-55bf204aebc0b"
Accept-Ranges: bytes
Content-Length: 431
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 58.56.88.162:9080/tpl/images/ilib_logo.png | 58.56.88.162 | 200 OK | 5.8 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/tpl/images/ilib_logo.png
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: PNG image data, 65 x 65, 8-bit/color RGBA, interlaced
Hash: 42051aec1f5bbd8ff4c279fb73b88f51 e9709ac5954081d6a2bbe8a459100e32ceb0f6c5 3baae88d8e4e55160f048fc146bc4837d38111efc863fd3b302eda7766b13099
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tpl/images/ilib_logo.png HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://58.56.88.162:9080/tpl/css/style.css
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:25:02 GMT
ETag: "16aa-55bf204aebc0b"
Accept-Ranges: bytes
Content-Length: 5802
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| 58.56.88.162:9080/reader/ajax_ep.php | 58.56.88.162 | 200 OK | 366 B |
URL: GET HTTP/1.1 58.56.88.162:9080/reader/ajax_ep.php
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 3e9e8ad42f058e7cc5cde9f94df02d83 0ba8d77afc2e01bd7930c8405fab5b2f02eea8b4 1e1dc8dbe3dc36111d10c08e5a66649db2672e4f68ecfdfd1eba8b483f2409c6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /reader/ajax_ep.php HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:44 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 366
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| 58.56.88.162:9080/favicon.ico | 58.56.88.162 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 58.56.88.162:9080/favicon.ico
IP: 58.56.88.162:9080
Requested by: http://58.56.88.162:9080/reader/login.php
File type: MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash: 226d26f23bc72004c7c8fc22b4876d84 1f5e6cdbd9fffea91f22b32b8d427c7560856512 b7243ca887a76a65b6c16a13fbc9d928080af461ae2565ee9d9faabf8a403619
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 58.56.88.162:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5jj3m7jfuvgqm1sic44j3f5et5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 11:49:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Fri, 20 Oct 2017 03:24:56 GMT
ETag: "57e-55bf2044e9140"
Accept-Ranges: bytes
Content-Length: 1406
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
|
|