| 124.190.34.248/ | 124.190.34.248 | | 0 B |
IP 124.190.34.248:0 ASN #1221 Telstra Corporation Ltd
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-store
Location: /relogin.htm
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://mymodem.gateway:85
|
|
| 124.190.34.248/relogin.htm | 124.190.34.248 | | 494 B |
URL 124.190.34.248/relogin.htm IP 124.190.34.248:0 ASN #1221 Telstra Corporation Ltd
File type HTML document, ASCII text Hash 5ff3f33aafa2fa75c683b900f02ab6be 0a45f23fc92a47ce34f6a18ea2cfcb67067ee5d5 726c6458b24cc624ba65df3202b3fce26c37c932d1d327d7c805a1c3908af504
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /relogin.htm HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:52 GMT
Content-Type: text/html
Content-Length: 494
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-store
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://mymodem.gateway:85
|
|
| 124.190.34.248/favicon.ico | 124.190.34.248 | | 0 B |
URL 124.190.34.248/favicon.ico IP 124.190.34.248:0 ASN #1221 Telstra Corporation Ltd
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/relogin.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-store
Location: /relogin.htm
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| | 124.190.34.248 | 200 OK | 39 kB |
URL User Request GET HTTP/1.1 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
File type HTML document, Unicode text, UTF-8 text Hash 5aee944b5884165747017e1362005862 7c63e4894a74c2399752632b363ea22fe78adb93 69dccf3b64a9a204d24ce11c6cf82565e92ce8713f5a81ac29dfcc8815e8255f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.htm HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://124.190.34.248/relogin.htm
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: text/html
Content-Length: 38640
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-store
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/css/arc-landing-page.css | 124.190.34.248 | 200 OK | 13 kB |
URL GET HTTP/1.1 124.190.34.248/css/arc-landing-page.css IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type ASCII text, with CRLF line terminators Hash 6cd913ea57a5aae9af1176468b12132c 78010b177b787bbfe2d62a9cd123b1bba38fdca3 b862089eeb0e166a7778593be6fd522a5d50373f2c3a761ee8089cf5b16fcce6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/arc-landing-page.css HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: text/css
Content-Length: 12699
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/state.js | 124.190.34.248 | 200 OK | 10 kB |
URL GET HTTP/1.1 124.190.34.248/js/state.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (302) Hash aa5e6065d5aaac220cfd2fc91e48bc7d 009895b823613df3ecee87013e2bf58ab3c06c8e 54ce461354fbe492db18c93f75d8e74829e42a3e948ee6696fd2a9bf6f05a422
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/state.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: application/x-javascript
Content-Length: 10508
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/jquery-1.8.3.min.js | 124.190.34.248 | 200 OK | 94 kB |
URL GET HTTP/1.1 124.190.34.248/js/jquery-1.8.3.min.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type JavaScript source, ASCII text, with very long lines (65535) Hash efecd8d5bc48627b2e58f8bf5e85360b 665f3b4490729d593886e5bb6ccd346ea460b3f6 71d8fdeaaa2ec95163559db97d5c876f4db31491e8fcc6f373cd9f238a07b080
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: application/x-javascript
Content-Length: 93581
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/global.js | 124.190.34.248 | 200 OK | 89 kB |
URL GET HTTP/1.1 124.190.34.248/js/global.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type JavaScript source, ASCII text, with very long lines (532) Hash b0e0aaee0917c0a66ecd2091fab4b88f 82605abce4ad997453cf68f52a83ba6f8897dd67 759733aefce815675f5e22c37327e99d672ca0217e0c112dfba3545d836b1e31
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/global.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: application/x-javascript
Content-Length: 89386
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/subformvar.js | 124.190.34.248 | 200 OK | 6.1 kB |
URL GET HTTP/1.1 124.190.34.248/js/subformvar.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash a46934eacc49db144369f12d1c877128 caf8364dd3fcb62912b0c6b9e4041ecdd944652a 866ded2fb8170fe699ac32ed2ec7eafdbb520d7ff073dbbb32cc1cb86b69e392
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/subformvar.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:56 GMT
Content-Type: application/x-javascript
Content-Length: 6137
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/maxnum_define.js | 124.190.34.248 | 200 OK | 3.5 kB |
URL GET HTTP/1.1 124.190.34.248/js/maxnum_define.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash 88b9becbe5baf807a35ae9bbc4626118 09409e1dc9890d2925b2248835d62d78cfbc0cc4 da8518a5b3326eb2be13f42b94566dd87c37f6115535025188e153519cc4886a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/maxnum_define.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:56 GMT
Content-Type: application/x-javascript
Content-Length: 3469
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/menu-super.js | 124.190.34.248 | 200 OK | 3.4 kB |
URL GET HTTP/1.1 124.190.34.248/js/menu-super.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash 901413beae9660fcad0828fa5ad2289c 43bdb0573159ebb9e65c0b40be61624e17dcce4b 82af137ad40a6086b3239fbbd6609d0a53bb1e66ba8885657ba6b6187514abdd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/menu-super.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:56 GMT
Content-Type: application/x-javascript
Content-Length: 3400
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/main-telstra-min.js | 124.190.34.248 | 200 OK | 183 kB |
URL GET HTTP/1.1 124.190.34.248/js/main-telstra-min.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type JavaScript source, ASCII text, with very long lines (1542) Size 183 kB (183010 bytes) Hash f43894471d2c0ec86eddb54379b895f7 53c8ffe3ea49eff613ff74109fa17524e713365d ff197e1efdea42d8286526cebb15d7c70019331903b78b833c57327e61e48e69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/main-telstra-min.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: application/x-javascript
Content-Length: 183010
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/popup.js | 124.190.34.248 | 200 OK | 5.8 kB |
URL GET HTTP/1.1 124.190.34.248/js/popup.js IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type Unicode text, UTF-8 (with BOM) text Hash 1d88d6c3b64c8ed6044dfbc2c7b42a4f fbccd7c65d16e8aa5ce7839874230829f160e1f1 6a009384f2c0aaa7a093d074b14a25e5c0c04f0e5d8c133cfaeec8f653589c1e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/popup.js HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:55 GMT
Content-Type: application/x-javascript
Content-Length: 5832
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_status_online.png | 124.190.34.248 | 200 OK | 675 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_status_online.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash 3916eee9f9b242fc54ccfa2546e13841 1ca50e7eac3a8004ec6a28449bc4118e2c09e525 91ea45f3ccdb520aec44fef1c34132e873a525a756c8179eae5219105fad3b3d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_status_online.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 675
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_status_link.png | 124.190.34.248 | 200 OK | 377 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_status_link.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash 28a0bceb9d7a1591a6305bad6570c1dd 937916691493c978dbd85479175ec6cbba36dbce b5fbcc76bddf689f9189f04611a697af9315afc1b7b9cb30564a2aebccec810c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_status_link.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 377
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_status_mobile.png | 124.190.34.248 | 200 OK | 835 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_status_mobile.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash 2ce2cede9aaa1f5f70aea155421de908 f41ab7c8d91982d454aaf3f58c40d6199294f927 385d59a671ecf9778417878e4b225aac26f010d0c76f6db9716b4cd1dc4cc4a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_status_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 835
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/pair_button_off.png | 124.190.34.248 | 200 OK | 961 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/pair_button_off.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 33 x 38, 8-bit/color RGBA, non-interlaced Hash e4d926c3f0799abb4c66ceda0915309e 2eb86eed0e6d7fce513070a90df87cfff907484c 327188d28c62a4b4c20646423eebe0ef02b70677cd5840ea728da7c6de70b51b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/pair_button_off.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 961
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_broadband_desktop.png | 124.190.34.248 | 200 OK | 2.5 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_broadband_desktop.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash 3b442549f4f8443e846798888d0a6c0a a3ea9d5f3273ad489c45c968758933c30964cf9a 935811779ca6f4681793227b609e00cec2dea4f08e12a77c581f1845da8b0a2c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_broadband_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 2474
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_status_signal.png | 124.190.34.248 | 200 OK | 232 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_status_signal.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash 74ab859889f9b55c9be2f7ad4fdbff67 9452159b368e692bef65e4b07c2754cc7b1c0703 28d37d5da6a5a6927b06535e71bf1e89536d34e7b66642b751a29a0658420876
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_status_signal.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 232
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/led_off.png | 124.190.34.248 | 200 OK | 323 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/led_off.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hash 09f177cee8033bc6a783a1dd152d17c0 7d5720717d4f9c88034764f2f8d64e89ac2e280d 04d1e4fa7339ec275ba1d541324127a27d36843de57dd0977a9bba30c09b084f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/led_off.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/css/arc-landing-page.css
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 323
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/background2.png | 124.190.34.248 | 200 OK | 11 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/background2.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 1919 x 258, 8-bit/color RGBA, non-interlaced Hash 867fa008107241fa41a1e85e4190ccd6 71cdbf16ebc4db89810798ae984eb546b8132d54 d775459ae2057841f1ae011183e1443616f6be913521eafb1938fbe77406fe98
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/background2.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/css/arc-landing-page.css
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 10781
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_status_phone.png | 124.190.34.248 | 200 OK | 495 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_status_phone.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash 9190633cda6d748b47d06dcaf414e48c 6a94d7a1a99c0f2cb729f725c215847a4444d89e 75d2dc7599d12fa13468bd86a864f76c4bf21d9c39786d92fb9f1244e1eab76a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_status_phone.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 495
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/sign_in_button_desktop.png | 124.190.34.248 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/sign_in_button_desktop.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 81 x 26, 8-bit/color RGBA, non-interlaced Hash 375be4ca29a80045af145e03bb81f7fb 176506a8cd84fa2bd8915178bba08246620aba4c 9050d41d29c8897bc672a586918c50f28593116efe333fcdf0145be0565fa40c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/sign_in_button_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 2129
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/wifi_button_off.png | 124.190.34.248 | 200 OK | 973 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/wifi_button_off.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 35 x 37, 8-bit/color RGBA, non-interlaced Hash 95df19bf9cd5bc20ebbae74495487512 850333e7d34d7842144953a3de16dd9e2ac38a69 0aff4caacf25dafb82233c4cb1315cd63dc1492f64c27c1bfc58414bfa57018a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/wifi_button_off.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 973
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_phone_desktop.png | 124.190.34.248 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_phone_desktop.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash 5c1c80f4d3c3bd74b4fc01f00c53de96 85c23e2050164cd1e741d4c110444ef9130f9798 a8d89607d990f768e1cdb38eb14dfd12f4c452a1abca30338a6c2c08e07835d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_phone_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 1946
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_wifi_desktop.png | 124.190.34.248 | 200 OK | 2.1 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/icon_wifi_desktop.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash 917b670d2206627bc799437505b924fb de844b5cca495cba4a05f34afdaa8567cc934407 437a5a06544054ade4b42e85572f10f52a8584a7170f352e734d951517723429
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_wifi_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 2087
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/telstra_title.png | 124.190.34.248 | 200 OK | 20 kB |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/telstra_title.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 1920 x 153, 8-bit/color RGBA, interlaced Hash 51ef620b5d98b096166975a0edcfd6ed 818e19a2be4543581cd5d5a2f119d10fe7fd8486 7c87266c9155abb0837110fc43df9b15be1bcb579c17076a51d2a842d5e775f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/telstra_title.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 20425
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_optimiser_desktop.png | 124.190.34.248 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_optimiser_desktop.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 50 x 50, 8-bit colormap, non-interlaced | Hash: dde641ba769d4dd8ca4e2cb00ec718ba 57aff0d6f49d63efc13122dc4167c65f60e65968 baf1af8ca9ecd94a144be85f46824d2210dc43dab80f7682d8545e05992acf92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_optimiser_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 1956
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/Icon_DeviceSecurity.png | 124.190.34.248 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/Icon_DeviceSecurity.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 58 x 58, 8-bit/color RGBA, non-interlaced | Hash: bb79461ff11a2ee5f757190bf9e11f2f d474ed60da049341e7d64c5b847f12f5c1f18d89 5ea13353d4ecad2f311e183f75b97339ca655cda59330d9dda1114d99ff07c73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/Icon_DeviceSecurity.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 1138
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/more_info.png | 124.190.34.248 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/more_info.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 169 x 45, 8-bit/color RGBA, non-interlaced | Hash: d5a94c41e5d686efa1d2910759ff4a16 308dbaf2ae4137d674564e16f595626864a93673 9c0125f7a65667484aee45d9399f8f6dc37a5060533231ddee75bd592c8293ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/more_info.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 3105
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_telstra_air_desktop.png | 124.190.34.248 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_telstra_air_desktop.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced | Hash: 187ccf1e8ff3c244be8bedc485b738bf 6971b8e606a6419386b80a0bde52212f910b93fe 66845a1d70060027717a79f7e3e9d0cf54c5c2c7f61d6aa7a6d122020cc7e70c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_telstra_air_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 2203
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/less_info.png | 124.190.34.248 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/less_info.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 165 x 45, 8-bit/color RGBA, non-interlaced | Hash: b3b0f83817554644de0e37ca20957e22 c96f0f91539b356e455c9b0436983b28a2ca5119 dabff903276c8017de768c4f9626fb4b923a8e85b8ddbc41da18d39d28e58132
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/less_info.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 3467
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/telstra_logo.png | 124.190.34.248 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/telstra_logo.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 57 x 65, 8-bit/color RGBA, non-interlaced | Hash: c54b8efef2e2dd9b61fcfd66b3c5a750 3204f3e337ed41699efbf1dd3149fee869a256ad 3ef9905566933193aa027382a83aa60bdf330b8dfa1662e8eeb3c306f3095694
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/telstra_logo.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 1518
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/footer_desktop.png | 124.190.34.248 | 200 OK | 470 B |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/footer_desktop.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 1920 x 13, 8-bit/color RGBA, non-interlaced | Hash: 00a6aeb6844e722762f206322bd3ef39 eaf164f9b4c454461474b2289d884c299d057a0a 9fa07009466be5425771a9815288f2853ff6586b97b51cc775c8c848621dc6fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/footer_desktop.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 470
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/device_info.png | 124.190.34.248 | 200 OK | 5.0 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/device_info.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 274 x 167, 8-bit/color RGBA, non-interlaced | Hash: 535abad78c0e6c2e16f8b5eeedf759ce 844f8652983193a95389f37b33f7ba9e8120f620 3e05430cf1317dc90c425db1f7205afac0bbacbfd3851bbb10be6d55e5b4be05
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/device_info.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 5026
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/sign_in_button_mobile.png | 124.190.34.248 | 200 OK | 6.7 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/sign_in_button_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 555 x 103, 8-bit/color RGBA, non-interlaced | Hash: b43c937e9cc1b94804c957915b1bf2f8 f0070f5178611e65f5a375fc1ad2ec5fe48cca71 eff03f083ad3ed4e26bf02a7bef41eae5aa854ef03ca519e0536e3907289a3fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/sign_in_button_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 6742
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_wifi_mobile.png | 124.190.34.248 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_wifi_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: e6d0399bd2628e39cb7325a2d9a58032 e2697a4fa5e90f6d519c10f92b0501932780edfa 59665c8e0c26de85f2afb05d2aff8911a04f1c03e96c5eabce4c67451bb5b979
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_wifi_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 2503
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_phone_mobile.png | 124.190.34.248 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_phone_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: 4755950dc57b4b898edc9c8ce99e281c 1c27ab8b91e4f6d34ced23b44cff95402521ace6 dd07e13f8197326f8396de57168d896e230dd8ca73cf79bda531b2647952d5f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_phone_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 2572
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_boradband_mobile.png | 124.190.34.248 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_boradband_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: 91e9dcdc7cf5973c87647af9b0fd0f44 ddff425f49e6f4e6d92ae7ca678c4506cb25012b 3f6b2406e5d64ec2cf2587b5e3605118f4600a941b89cf231227654ab3adce95
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_boradband_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 3291
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/back_to_top.png | 124.190.34.248 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/back_to_top.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 85 x 168, 8-bit/color RGBA, non-interlaced | Hash: cd60bfbbf212c5a8b865ae3203a55617 0f0e705296db48a6a6c89d8a03763596e43195f8 23d6fc328ce9640543648089b13d47db2e4972a9c85ddacefb0fcc09ef147267
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/back_to_top.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 3140
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/Icon_DeviceSecurity-mobile.png | 124.190.34.248 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/Icon_DeviceSecurity-mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: 1e74452d7081cdb91dc9993836e70c51 93700b7be89b368149254d62e23e0492f0eb5e38 a2e76a88849a1203cf7fa59375f5ddc3b4999a0435d85849c3889dd809506300
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/Icon_DeviceSecurity-mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 3392
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_optimiser_mobile.png | 124.190.34.248 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_optimiser_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit colormap, non-interlaced | Hash: 68b25dd59444b27d90a969fca0459730 95c35e2f03b2f738abcf032d287f3898af362d65 dbd4670e0a2aeba7095b9fe63aa1c5bed14dc5bd86baad35c08385b6067558cb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_optimiser_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 2350
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/product_photo.png | 124.190.34.248 | 200 OK | 139 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/product_photo.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 750 x 720, 8-bit/color RGBA, non-interlaced | Size: 139 kB (139162 bytes) | Hash: 2dfb34eb8d613eaef742c12111a3794d c845f3f517e35a90a52eceda50f4406347fa0c45 0296a9f8fc1612b08b6c497adf8d79537f1bafdfb66679a74ed5e2a6084fcf56
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/product_photo.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:58 GMT
Content-Type: image/png
Content-Length: 139162
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/icon_telstra_air_mobile.png | 124.190.34.248 | 200 OK | 2.9 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/icon_telstra_air_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: 41885de1fc18b758078369dcb6909bef 33fcd1cce63afa54370792a91e2123262fe64bf5 ccaef252fd0ee5b2b0303335a782c0c02c4792b065167e9daa5e8269f3d82098
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/icon_telstra_air_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 2860
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/footer_mobile.png | 124.190.34.248 | 200 OK | 307 B |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/footer_mobile.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 750 x 7, 8-bit/color RGBA, non-interlaced | Hash: 837a2ff7bbae0b3a91dce455f2d9e11c e797d75af3e4a200f8376bfb250b4028e4ef9e33 65270d470f5b8db7fdd9cdbe56ba42fbb11e93e87dbfa2b5f136d7ade5268629
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/footer_mobile.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 307
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/background.png | 124.190.34.248 | 200 OK | 71 kB |
URL: GET HTTP/1.1 124.190.34.248/img/landing-page/background.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: PNG image data, 1440 x 456, 8-bit/color RGBA, non-interlaced | Hash: 33a1fac35f6699d6c0ba4e5cff7d88f6 1685f11da1bf1d2e39d5fd6733753c3c2cce2210 7f72f5f21c09400fa86f106cebbaa7fd46b762fa9a665474199e2a3468e8904e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/background.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:57 GMT
Content-Type: image/png
Content-Length: 70889
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/Telstra.png | 124.190.34.248 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 124.190.34.248/img/Telstra.png | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hash: 4a14841cfb050ec0f5ea4faf30376250 4d0bc0e97e2730a6ba73fd95d31ef3d28693962c 6f245507a9629f03341a384a25d11e526152c8942834c62d34d6ffc9ab6952a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/Telstra.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: image/png
Content-Length: 1150
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445079707&_=1713445079707 | 124.190.34.248 | 200 OK | 0 B |
URL: GET HTTP/1.1 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445079707&_=1713445079707 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/fake_refresh.js?_tn=296042592&_t=1713445079707&_=1713445079707 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445079713&_=1713445079713 | 124.190.34.248 | 200 OK | 475 B |
URL: GET HTTP/1.1 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445079713&_=1713445079713 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: 425e06721d4f0b7f1153de76e7944778 9cf51a7787b4631410f6c3f2493721ed4986d4da 6a33d7142b69e7f4c26adf5a8c86891412df0813ffb946edb0fc01ef8de71c4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445079713&_=1713445079713 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:57:59 GMT
Content-Type: application/x-javascript
Content-Length: 475
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_init.js?_tn=296042592&_t=1713445079709&_=1713445079710 | 124.190.34.248 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 124.190.34.248/cgi/cgi_init.js?_tn=296042592&_t=1713445079709&_=1713445079710 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: 789f4a69bf19703c412576605d8d1a87 639ffaaa7f0142d6496533b4ed72c7652fba9560 a3ba57a1b12fa26877fa61db69b07263643c3d6204d74849b362031f2d60825b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_init.js?_tn=296042592&_t=1713445079709&_=1713445079710 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:00 GMT
Content-Type: application/x-javascript
Content-Length: 2162
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445079711&_=1713445079712 | 124.190.34.248 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445079711&_=1713445079712 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: 130571d15445c472b26c1235c63256eb 7e489427fed24147d25e82f9508e7835c1b1758d 8240afd44f6bc7f2a0589195a60d1d0d605fa77ae197599b079c0dda28583fed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_login.js?_tn=296042592&_t=1713445079711&_=1713445079712 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:01 GMT
Content-Type: application/x-javascript
Content-Length: 6503
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445081850 | 124.190.34.248 | 200 OK | 475 B |
URL: GET HTTP/1.1 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445081850 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: 425e06721d4f0b7f1153de76e7944778 9cf51a7787b4631410f6c3f2493721ed4986d4da 6a33d7142b69e7f4c26adf5a8c86891412df0813ffb946edb0fc01ef8de71c4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445081850 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:02 GMT
Content-Type: application/x-javascript
Content-Length: 475
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445081854 | 124.190.34.248 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445081854 | IP: 124.190.34.248:80 | ASN: #1221 Telstra Corporation Ltd
Requested by: http://124.190.34.248/login.htm
Hash: 130571d15445c472b26c1235c63256eb 7e489427fed24147d25e82f9508e7835c1b1758d 8240afd44f6bc7f2a0589195a60d1d0d605fa77ae197599b079c0dda28583fed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_login.js?_tn=296042592&_t=1713445081854 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:03 GMT
Content-Type: application/x-javascript
Content-Length: 6503
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445081859&_=1713445081860 | 124.190.34.248 | 200 OK | 6.5 kB |
URL GET HTTP/1.1 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445081859&_=1713445081860 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash 130571d15445c472b26c1235c63256eb 7e489427fed24147d25e82f9508e7835c1b1758d 8240afd44f6bc7f2a0589195a60d1d0d605fa77ae197599b079c0dda28583fed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_login.js?_tn=296042592&_t=1713445081859&_=1713445081860 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:03 GMT
Content-Type: application/x-javascript
Content-Length: 6503
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/wifi_button.png | 124.190.34.248 | 200 OK | 985 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/wifi_button.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 35 x 37, 8-bit/color RGBA, non-interlaced Hash 68404fd2f2be8685fc10ad74bfd7adb0 b25344f40a0af2166a4b8d0d3c986578eeba60bf c95d63ff2d348b99bf9e299a769321299d0abc74250845b31da7a5e32eb4e422
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/wifi_button.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:04 GMT
Content-Type: image/png
Content-Length: 985
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/led_green.png | 124.190.34.248 | 200 OK | 338 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/led_green.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced Hash 73770302820173fed8954f1616ae9e38 cdc74cde1c04245014df3580d82f057e07ee2ffc ca0c1725d8ae096c098eb85378f9483eef6b55b12c647783d7091293a6bbe89d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/led_green.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/css/arc-landing-page.css
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:04 GMT
Content-Type: image/png
Content-Length: 338
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/img/landing-page/led_red.png | 124.190.34.248 | 200 OK | 257 B |
URL GET HTTP/1.1 124.190.34.248/img/landing-page/led_red.png IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced Hash bfb4d32d28dc4a8605414dac0a7a96d5 6a63e7dc9c12799776d86d32195db92661fdc1c5 3fb2c79905b9011960456c48e05fa6a04e1ca6923f0e4bde00bd3f1d7effdd27
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/landing-page/led_red.png HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/css/arc-landing-page.css
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:04 GMT
Content-Type: image/png
Content-Length: 257
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445085034&_=1713445085036 | 124.190.34.248 | 200 OK | 0 B |
URL GET HTTP/1.1 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445085034&_=1713445085036 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/fake_refresh.js?_tn=296042592&_t=1713445085034&_=1713445085036 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:05 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445087253 | 124.190.34.248 | 200 OK | 475 B |
URL GET HTTP/1.1 124.190.34.248/cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445087253 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash 425e06721d4f0b7f1153de76e7944778 9cf51a7787b4631410f6c3f2493721ed4986d4da 6a33d7142b69e7f4c26adf5a8c86891412df0813ffb946edb0fc01ef8de71c4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_get_led_rear.js?_tn=296042592&_t=1713445087253 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:07 GMT
Content-Type: application/x-javascript
Content-Length: 475
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM
File type gzip compressed data, max speed, from Unix Hash 52a1e40d3746c76b0167007994950370 6c5838f16f22c0778bc428242b26ca65bf64683c 5ca94e7f36b9452fe67eeaf4a9898c2003278f9f9151c572b2cc6178afff781a
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:58:08 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=Mi2vJrBzVRgbr94CiYWXxPWcnRv3-3nDdP6kXykpiijliDFw4wWywfUzMBbF0X320k6F_it4FJYmYpBQvEQcWMMsI0MMGhh3hX2WARpwJjhcMFuk6YFO5TxQ4GuaMhbZ
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445087256 | 124.190.34.248 | 200 OK | 6.5 kB |
URL GET HTTP/1.1 124.190.34.248/cgi/cgi_login.js?_tn=296042592&_t=1713445087256 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash 130571d15445c472b26c1235c63256eb 7e489427fed24147d25e82f9508e7835c1b1758d 8240afd44f6bc7f2a0589195a60d1d0d605fa77ae197599b079c0dda28583fed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi/cgi_login.js?_tn=296042592&_t=1713445087256 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:09 GMT
Content-Type: application/x-javascript
Content-Length: 6503
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|
| 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445090359&_=1713445090360 | 124.190.34.248 | 200 OK | 0 B |
URL GET HTTP/1.1 124.190.34.248/js/fake_refresh.js?_tn=296042592&_t=1713445090359&_=1713445090360 IP 124.190.34.248:80 ASN #1221 Telstra Corporation Ltd
Requested by http://124.190.34.248/login.htm
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/fake_refresh.js?_tn=296042592&_t=1713445090359&_=1713445090360 HTTP/1.1
Host: 124.190.34.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://124.190.34.248/login.htm
Cookie: disableLogout=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Thu, 18 Apr 2024 12:58:10 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://124.190.34.248
|
|