| 124.6.156.60/main/portal/admin/ | 124.6.156.60 | | 2.0 kB |
URL: User Request GET 124.6.156.60/main/portal/admin/
IP: 124.6.156.60:0
File type: HTML document, ASCII text
Hash: c10f99288bce17daa01f85f2f16e57e2 02e3463d6023e81419aed3945c7b662bca478b50 430deb2a6946c717777d6f7919ac5ef9c2e34590a94d4517b1825fe6f9cf6dc0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/admin/ HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Set-Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1996
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
|
|
| 124.6.156.60/main/portal/includes/jscript/JSCookMenu_mini.js | 124.6.156.60 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/includes/jscript/JSCookMenu_mini.js
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: HTML document, ASCII text, with very long lines (449), with CRLF line terminators
Hash: a1b4bbddc3e6eb2c2d040ced96689e5b 09a13221279b3a971f8aaa6aecaaeeda27c60f91 af9f826e47586180d11df6055cdcce7bddacc909a5ec7315026f80b1a4d29376
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/includes/jscript/JSCookMenu_mini.js HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:49:34 GMT
ETag: "463d-53f2e05542780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4364
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 124.6.156.60/main/portal/includes/jscript/jquery/ui/css/cupertino/jquery-ui-1.7.2.custom.css | 124.6.156.60 | 200 OK | 5.2 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/includes/jscript/jquery/ui/css/cupertino/jquery-ui-1.7.2.custom.css
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: ASCII text, with very long lines (1471)
Hash: 3440b08bc9286614be48a120ac940077 a55e031d2900fa2748bad49452422864923560dd 28475329e14da643e2d7af7b63cea7a9eebbd0aaacd28c99506e42b9c994f4d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/includes/jscript/jquery/ui/css/cupertino/jquery-ui-1.7.2.custom.css HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:49:46 GMT
ETag: "6b83-53f2e060b4280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 124.6.156.60/main/portal/includes/jscript/bbyscript.js | 124.6.156.60 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/includes/jscript/bbyscript.js
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
Hash: e18dfc835f0f36801daa0db19ac373b1 e2cb08f24037d78cea21eea92cc85a05025b688f 161f293959f932845f4ddc0f9b95ca6fcd7ec9e1a78be8f075d9ae7509c18559
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/includes/jscript/bbyscript.js HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:49:34 GMT
ETag: "12aa-53f2e05542780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1691
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 124.6.156.60/main/portal/themes/default/css/admin.css.php?thpath=/main/portal/admin/../themes/default | 124.6.156.60 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/themes/default/css/admin.css.php?thpath=/main/portal/admin/../themes/default
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: assembler source, ASCII text
Hash: 16d2e4a3a7470d085d4dad2352246239 9467cab3ae601b3374c76fa305f84b105cc62d29 7584d3ce2e2b8c07a57e51c77b3ddf7f64713fc6cb4276f6fdbe9795c95c89cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/themes/default/css/admin.css.php?thpath=/main/portal/admin/../themes/default HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1612
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 124.6.156.60/main/portal/includes/jscript/ThemeOffice/theme.css | 124.6.156.60 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/includes/jscript/ThemeOffice/theme.css
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: ASCII text, with CRLF line terminators
Hash: bee610ea35c898f61b379c4f6f3b9662 02887ad47eba58bbc6133314f924ee54e8e4a776 f73a426154089167634b76cb66a24a5c8cfe146e1bdbf85707e08a1626afcbda
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/includes/jscript/ThemeOffice/theme.css HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:24 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:49:34 GMT
ETag: "1735-53f2e05542780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 124.6.156.60/main/portal/includes/jscript/JSCookMenu.js | 124.6.156.60 | 200 OK | 8.5 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/includes/jscript/JSCookMenu.js
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: ISO-8859 text, with CRLF line terminators
Hash: 235eb0919745d2a4456e109823396cd4 3778abb1ee7dcfe41a3b2edfb36d1d9963d338b8 df4496495be139feeadd886257dc042ec314caf6f9ab1f96b09b38f419d355e5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/includes/jscript/JSCookMenu.js HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:25 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:49:34 GMT
ETag: "78e7-53f2e05542780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 124.6.156.60/var/www/html/main/portal/includes/jscript/jquery-1.3.2.min.js | 124.6.156.60 | 404 Not Found | 336 B |
URL: GET HTTP/1.1 124.6.156.60/var/www/html/main/portal/includes/jscript/jquery-1.3.2.min.js
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: HTML document, ASCII text
Hash: f8125bcdeba0462e98b0e2d1fbdea470 48c0cafcfe3bacbd725315eabd93775e1b39834a 3b688ede2f17bf829da900059683fb59086c297a0719f2e88ff31f58554003fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /var/www/html/main/portal/includes/jscript/jquery-1.3.2.min.js HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 29 Mar 2024 11:47:25 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 336
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| 124.6.156.60/main/portal/themes/default/images/admin/dps_logo.gif | 124.6.156.60 | 200 OK | 5.6 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/themes/default/images/admin/dps_logo.gif
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: GIF image data, version 89a, 62 x 80
Hash: 2a7f7e36b5674f54687b168792640b6e 326cc5722f169483e6038e82a1f835eff0a6e467 7dd3e327ad8cdc536ecbb8602e4c81566e6e4e586a752c8a6b9576a247f0986e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/themes/default/images/admin/dps_logo.gif HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:25 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:50:04 GMT
ETag: "15dc-53f2e071deb00"
Accept-Ranges: bytes
Content-Length: 5596
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
|
|
| 124.6.156.60/main/portal/themes/default/images/admin/lock.gif | 124.6.156.60 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 124.6.156.60/main/portal/themes/default/images/admin/lock.gif
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: GIF image data, version 89a, 95 x 105
Hash: dcfba4767ecf0b04f5158e7c73ef4987 1bea64b4fae38eb621c031a48a78eb5c012d86f0 158de137f53e0b6558357d0fd0c42a1b86e1b6b57bdccbd28573e31deb76add2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main/portal/themes/default/images/admin/lock.gif HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:47:25 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Oct 2016 01:50:04 GMT
ETag: "d6a-53f2e071deb00"
Accept-Ranges: bytes
Content-Length: 3434
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
|
|
| 124.6.156.60/favicon.ico | 124.6.156.60 | 404 Not Found | 286 B |
IP: 124.6.156.60:80
Requested by: http://124.6.156.60/main/portal/admin/
File type: HTML document, ASCII text
Hash: 5f18b3cd4113e85966b18de6bc32a1ff 542e405df1591ded77b442ba3154cad556a71056 3c8c4f221eedde86c8a2f25bbd698bd45268e421fd6219081c0217b19d5be669
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 124.6.156.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.6.156.60/main/portal/admin/
Cookie: main_portal_%243%24%2410n=niu3duvq95a70si45u9712l2k1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 29 Mar 2024 11:47:25 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 286
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=tuA8j6rxEBGSr9IcmdNAyAmWY6-RS527Pb045IReY_i7t2MqPMuL4KG__YgidyqFScHfzWJRR5AXFzjnKxNCmBJAKQ4Q19U2k-lX6T4K4Xyav65-uyARI2qKpDtLccR1
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 29 Mar 2024 11:47:45 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 80
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|