| URL | IP | Status | Size |
| 62.212.226.194/admin/dm-launcher.msi | 62.212.226.194 | 200 OK | 9.7 kB |
URL: GET HTTP/1.1 62.212.226.194/admin/dm-launcher.msi (user request, primary document)
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
File type: HTML document, ASCII text, with very long lines (6259)
MD5: 79b94df062452942a2f6c76dcabf09ba
SHA1: 32ebc1ef21db2652346878e530d47c1514cf28ee
SHA256: 086a03524c50f2d21d305262901a93904f192231aefa171eb90ead2e4845875d
Note: despite the .msi path, the body is an HTML document (Content-Type: text/html, 9742 bytes), not an installer. The browser rendered it as a page; every script, stylesheet, font and image request below names this URL as its referer.
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /admin/dm-launcher.msi HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: text/html
Content-Length: 9742
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:54 GMT
ETag: "661e0ab6-260e"
Accept-Ranges: bytes
|
|
| 62.212.226.194/runtime.acd32fa6e04c165790d0.js | 62.212.226.194 | 200 OK | 2.9 kB |
URL: GET HTTP/1.1 62.212.226.194/runtime.acd32fa6e04c165790d0.js
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
File type: JavaScript source, ASCII text, with very long lines (2946), with no line terminators
MD5: 16fdc80ac694ecb14cf3ca97bfff38c1
SHA1: bb80f235ccf70c97a14c75b93987219c4a145ab4
SHA256: 367f11f3bb1cdeac7fc77bdf25b01282773adb93a72d7907b7b4c78a4065a63f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /runtime.acd32fa6e04c165790d0.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 2946
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-b82"
Accept-Ranges: bytes
|
|
| 62.212.226.194/polyfills.af904fdfac577cb36dfa.js | 62.212.226.194 | 200 OK | 38 kB |
URL: GET HTTP/1.1 62.212.226.194/polyfills.af904fdfac577cb36dfa.js
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
File type: JavaScript source, ASCII text, with very long lines (37450), with no line terminators
MD5: e50a2a6d8a6e4eb665ec545a6c33fd5e
SHA1: 02a90687c8d8b645cb14bbf7cbf75d8c62c3c160
SHA256: c97174a9bc162b3c11490317c5f916548bdc86ca4893e38ac9ec886c2a906a6f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills.af904fdfac577cb36dfa.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 37450
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-924a"
Accept-Ranges: bytes
|
|
| 62.212.226.194/scripts.8702c3c79ce5d458da2a.js | 62.212.226.194 | 200 OK | 481 kB |
URL: GET HTTP/1.1 62.212.226.194/scripts.8702c3c79ce5d458da2a.js
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 481 kB (480617 bytes)
MD5: 58becb9855d065106110035746d8ad43
SHA1: 368a34aafb0069345a21db38cd76b21e18027058
SHA256: 956d1b97acc1127b92c50aea87438d506e6d18a4899fd7fc95affc164fcc18d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts.8702c3c79ce5d458da2a.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 480617
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-75569"
Accept-Ranges: bytes
|
|
| pro.fontawesome.com/releases/v5.14.0/css/all.css | 104.18.40.68 | 200 OK | 799 kB |
URL: GET HTTP/2 pro.fontawesome.com/releases/v5.14.0/css/all.css
IP: 104.18.40.68:443
Requested by: http://62.212.226.194/admin/dm-launcher.msi
Certificate: issuer DigiCert Inc; subject *.fontawesome.com; fingerprint 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D; valid Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Size: 799 kB (798595 bytes)
MD5: 5d1b1f37123dade8f81521bc36e534d3
SHA1: a5cd141e793573ea04c69b3dd75b32eb4729f202
SHA256: 84dc3d0e828150665d54435ab0b97570a8157c0416664d5a99d4e19389218202
Note: the size and digests are over the gzip-encoded body as transferred (content-encoding: gzip below), not over the decoded CSS; compare against other captures accordingly.
GET /releases/v5.14.0/css/all.css HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 12:43:08 GMT
content-type: text/css
x-amz-id-2: dPNQMHebB85ZT6b3dWj2uwuzgtkmMbxGzbbkV0UFQZ6vOiZ8My8gHT/bfdka4ysv8L+70e6eR/Y=
x-amz-request-id: W2C7XP0KMF45R1K2
last-modified: Mon, 28 Jun 2021 17:12:47 GMT
etag: W/"1dfe138ae594553bc5ddec1f1f1ef389"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12200216
vary: Accept-Encoding
server: cloudflare
cf-ray: 8754426279c5b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
IP: 216.58.207.227:443
Requested by: http://62.212.226.194/admin/dm-launcher.msi
Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; valid Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 19156, version 1.0
MD5: 0ceb759015a6df090ad355231fdb39f1
SHA1: b947749baab5bfa0bee35d31e5a5050d4beefe9b
SHA256: db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
GET /s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://62.212.226.194
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:30:42 GMT
expires: Fri, 11 Apr 2025 02:30:42 GMT
cache-control: public, max-age=31536000
age: 468747
last-modified: Tue, 02 May 2023 16:04:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 62.212.226.194/main.aa7ae144848883b050e6.js | 62.212.226.194 | 200 OK | 4.7 MB |
URL: GET HTTP/1.1 62.212.226.194/main.aa7ae144848883b050e6.js
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 4.7 MB (4712793 bytes)
MD5: 6c30837ae23225b58b1357a9e441c1dc
SHA1: 25e2a0c6798eff6b78d9fe48ecf32aba6c1195e0
SHA256: 8d8bc2784c86353f000389c2bb00bd95244b50f5123bb09d5f58dc0174663c18
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /main.aa7ae144848883b050e6.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 4712793
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-47e959"
Accept-Ranges: bytes
|
|
| 62.212.226.194/assets/images/logo-l.png | 62.212.226.194 | 200 OK | 11 kB |
URL: GET HTTP/1.1 62.212.226.194/assets/images/logo-l.png
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
File type: PNG image data, 195 x 200, 8-bit/color RGBA, non-interlaced
MD5: 0dbf0b582f6badaa463631dc0a12ac73
SHA1: d3c036b269582a3095e4834fd1ae7bfba52a48d7
SHA256: 5e3f5632af38493412cece112883ad96cada8f0fc19c909c2745efbb9b5e0c13
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/images/logo-l.png HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:10 GMT
Content-Type: image/png
Content-Length: 10812
Connection: keep-alive
Last-Modified: Sun, 14 Apr 2024 15:24:28 GMT
ETag: "661bf52c-2a3c"
Accept-Ranges: bytes
|
|
| 62.212.226.194/assets/i18n/az.json | 62.212.226.194 | 200 OK | 8.7 kB |
URL: GET HTTP/1.1 62.212.226.194/assets/i18n/az.json
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
MD5: 9f63c608ced7f76313ab1a86b17b275b
SHA1: e6e1de0e5ecc9273aa1ae5f06390822b91d568ba
SHA256: 9d55ace49ca13aca0bb14424cef06fd72c40b08b9c4ec9f46d540f3a0b28cf38
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/i18n/az.json HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:10 GMT
Content-Type: application/json
Content-Length: 8696
Connection: keep-alive
Last-Modified: Sun, 14 Apr 2024 15:24:28 GMT
ETag: "661bf52c-21f8"
Accept-Ranges: bytes
|
|
| 62.212.226.194/styles.da36ce98f1f3591393ab.css | 62.212.226.194 | 200 OK | 766 kB |
URL: GET HTTP/1.1 62.212.226.194/styles.da36ce98f1f3591393ab.css
IP: 62.212.226.194:80  ASN: 29049 (Delta Telecom Ltd)
Requested by: http://62.212.226.194/admin/dm-launcher.msi
Size: 766 kB (765903 bytes)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of the empty byte string. The scanner stored no body for this response even though the server declared Content-Length 765903, so the hashes identify nothing and must not be used as indicators; re-fetch the stylesheet if its content matters.
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles.da36ce98f1f3591393ab.css HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: text/css
Content-Length: 765903
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-bafcf"
Accept-Ranges: bytes
|
|
| fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap | 142.250.74.106 | 200 OK | 8.9 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap
IP: 142.250.74.106:443
Requested by: http://62.212.226.194/admin/dm-launcher.msi
Certificate: issuer Google Trust Services LLC; subject upload.video.google.com; fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; valid Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (9068), with no line terminators
MD5: 3462a4b3d3c9e6124ab5aa73499a04db
SHA1: a096b3d89dee3f2b79a875c5a8062bc9054581e5
SHA256: 50c90a520ce6e9ffa67c2a0898a58f76fc69319c1284af0090c0adaba4503d26
GET /css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 12:43:09 GMT
date: Tue, 16 Apr 2024 12:43:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue: | 142.250.74.106 | 400 Bad Request | 0 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue:
IP: 142.250.74.106:443
Requested by: http://62.212.226.194/admin/dm-launcher.msi
Certificate: issuer Google Trust Services LLC; subject upload.video.google.com; fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; valid Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the digests are those of the empty byte string, consistent with the 0 B body of a 400 response. The request path carries stylesheet source (body,html{height:100%;} ...) appended to the font query, i.e. the page emitted a malformed URL and Google Fonts rejected it.
GET /css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue: HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 12:43:08 GMT
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
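The records above, as an added triage example that is not part of the scan output: a small Python script that parses request/response dumps in the form shown on this page and flags the points an analyst would check first here: a .msi path answered with an HTML document, an installer path fetched over cleartext HTTP, body digests equal to the empty-string hash despite a non-zero Content-Length (styles.css), and a request path carrying stylesheet source that the server rejected with 400. The sample inputs are abbreviated copies of transactions from this page, constructed inline; the extension list, the magic-string prefixes and the severity labels are assumptions for the example, not scanner output.

```python
import hashlib
import posixpath
from urllib.parse import urlsplit

# Extensions a user would expect to be an opaque binary download.
# Assumed list for this example; extend it for your own environment.
BINARY_EXTENSIONS = {".msi", ".exe", ".dll", ".zip", ".7z", ".jar"}

# Prefixes the scanner's "File type" field uses for text bodies (assumed);
# any of these behind a binary extension is a mismatch worth a look.
TEXT_MAGIC = ("HTML document", "ASCII text", "JavaScript source")

# Digests of the empty byte string: a record reporting these for a response
# with a non-zero Content-Length captured no body at all.
EMPTY_MD5 = hashlib.md5(b"").hexdigest()
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


def parse_transaction(raw):
    """Split a dump of request line, request headers, status line and response
    headers (no blank line between the halves, as in the export) into parts."""
    lines = [line.rstrip("\r") for line in raw.strip().splitlines()]
    method, path, version = lines[0].split()
    req, resp, status = {}, {}, None
    for line in lines[1:]:
        if status is None and line.startswith("HTTP/"):
            status = line          # first HTTP/ line starts the response half
            continue
        name, _, value = line.partition(":")
        (req if status is None else resp)[name.strip().lower()] = value.strip()
    return {"method": method, "path": path, "version": version,
            "req": req, "status": status, "resp": resp}


def triage(raw, scheme="http", file_type="", md5="", sha256=""):
    """Return [(severity, finding)] for one transaction. file_type, md5 and
    sha256 are the scanner's own metadata for the captured body."""
    tx = parse_transaction(raw)
    findings = []
    ext = posixpath.splitext(urlsplit(tx["path"]).path)[1].lower()
    ctype = tx["resp"].get("content-type", "").split(";")[0].strip().lower()
    length = int(tx["resp"].get("content-length") or 0)
    code = int(tx["status"].split()[1]) if tx["status"] else 0

    if ext in BINARY_EXTENSIONS and (ctype.startswith("text/")
                                     or file_type.startswith(TEXT_MAGIC)):
        findings.append(("high", f"{ext} URL returned {ctype or file_type!r}, "
                                 "not a binary: app-shell fallback or lure page"))
    if ext in BINARY_EXTENSIONS and scheme == "http":
        findings.append(("medium", "installer path fetched over cleartext HTTP"))
    if length > 0 and (md5 == EMPTY_MD5 or sha256 == EMPTY_SHA256):
        findings.append(("info", f"Content-Length {length} but digests are of an "
                                 "empty body: capture incomplete, do not pivot on them"))
    if code >= 400 and "{" in tx["path"]:
        findings.append(("info", "request path carries stylesheet source: malformed "
                                 "URL emitted by the page, rejected by the server"))
    return findings


# Constructed samples, abbreviated from the transactions on this page.
DM_LAUNCHER = """GET /admin/dm-launcher.msi HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
HTTP/1.1 200 OK
Server: nginx/1.20.2
Content-Type: text/html
Content-Length: 9742
"""
STYLES = """GET /styles.da36ce98f1f3591393ab.css HTTP/1.1
Host: 62.212.226.194
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 765903
"""
BAD_FONT = """GET /css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;} HTTP/1.1
Host: fonts.googleapis.com
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
"""


def report():
    """Run the three samples; returns {name: findings}."""
    return {
        "dm-launcher.msi": triage(DM_LAUNCHER, file_type="HTML document, ASCII text",
                                  md5="79b94df062452942a2f6c76dcabf09ba"),
        "styles.css": triage(STYLES, md5="d41d8cd98f00b204e9800998ecf8427e",
                             sha256="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
        "fonts css2 (400)": triage(BAD_FONT, scheme="https"),
    }


if __name__ == "__main__":
    for name, findings in report().items():
        for severity, text in findings:
            print(f"{name}: [{severity}] {text}")
```

The empty-body check is the one most often missed in practice: a scanner export can carry a plausible Content-Length next to hashes that are really MD5("") / SHA1("") / SHA256(""), and pivoting on those in a threat-intel platform matches every other empty capture. Computing the sentinel values with hashlib rather than pasting them in keeps the check honest if the digest set changes.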