| 38.18.231.74/workstation/adm.php | 38.18.231.74 | | 904 B |
URL: GET 38.18.231.74/workstation/adm.php (user request)
IP: 38.18.231.74:0
File type: HTML document, ASCII text
MD5: aec30911b0754db9e03baf47df005684
SHA-1: 8dcaa8b7bd8a622c81dd86125fdd454a35052a8f
SHA-256: 7fa06d86a1eb81c1a1dac53afd9e5346811c62162d536b8da0b67c35f75aab7d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/adm.php HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 904
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
| 38.18.231.74/workstation/bower_components/font-awesome/css/font-awesome.min.css | 38.18.231.74 | 404 Not Found | 274 B |
URL: GET 38.18.231.74/workstation/bower_components/font-awesome/css/font-awesome.min.css (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: HTML document, ASCII text
MD5: 47a320e548dddfdf3040e04a198e079e
SHA-1: d71d3d56725291eec68431a80442075d15f4216b
SHA-256: 5a4b781d6b0b70205334ae73a5f7fa01ba9565da88ad69e64aeaa17526c985f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 274
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
| 38.18.231.74/workstation/bower_components/animate.css/animate.min.css | 38.18.231.74 | 200 OK | 4.3 kB |
URL: GET 38.18.231.74/workstation/bower_components/animate.css/animate.min.css (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: ASCII text, with very long lines (57919)
MD5: bc1a6a99c43f5ccc97d2d350bde13f74
SHA-1: 29a6f54569c193ffd6116f03be3eb42359c60eb7
SHA-256: 3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/bower_components/animate.css/animate.min.css HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:23 GMT
ETag: "e311-5f5e7851bdec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4259
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| 38.18.231.74/workstation/js/main.js | 38.18.231.74 | 200 OK | 998 B |
URL: GET 38.18.231.74/workstation/js/main.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: JavaScript source, ASCII text
MD5: 4c88796bd8879febb4924513a18d804e
SHA-1: 9efb5f2ed6a8cc40a58896609f6992d709f7f60f
SHA-256: 9e4ba8ff7e82c30802a576bbd57f4e3df31708dfaea857c3f61bb3cf462722f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/js/main.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:50 GMT
ETag: "9da-5f5e786b7db80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 998
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
| 38.18.231.74/workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js | 38.18.231.74 | 404 Not Found | 274 B |
URL: GET 38.18.231.74/workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: HTML document, ASCII text
MD5: 47a320e548dddfdf3040e04a198e079e
SHA-1: d71d3d56725291eec68431a80442075d15f4216b
SHA-256: 5a4b781d6b0b70205334ae73a5f7fa01ba9565da88ad69e64aeaa17526c985f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
| 38.18.231.74/workstation/bower_components/remarkable-bootstrap-notify/dist/bootstrap-notify.min.js | 38.18.231.74 | 200 OK | 2.7 kB |
URL: GET 38.18.231.74/workstation/bower_components/remarkable-bootstrap-notify/dist/bootstrap-notify.min.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: JavaScript source, ASCII text, with very long lines (7883)
MD5: 35eb2c2185524eecb2b772b667552014
SHA-1: a9edf0014d98a9cb514c61b34d2a4babb4a1d4c9
SHA-256: 2db9de4f5fc27837d4295df39d94c34ccc336c31d02322f7f7cad69ae8e338da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/bower_components/remarkable-bootstrap-notify/dist/bootstrap-notify.min.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:50 GMT
ETag: "1fba-5f5e786b7db80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2651
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 38.18.231.74/workstation/js/login.js | 38.18.231.74 | 200 OK | 257 B |
URL: GET 38.18.231.74/workstation/js/login.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
MD5: e29f9c478aa4211af376fc86861cb284
SHA-1: a081f58f840705f13d47b27bb5401617b6e81975
SHA-256: b513569cd5254fa5786b931d0080e05a67e05e8c5945b318fc2d56079371ba47
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/js/login.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:50 GMT
ETag: "1f3-5f5e786b7db80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 257
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
| 38.18.231.74/workstation/css/main.css | 38.18.231.74 | 200 OK | 175 B |
URL: GET 38.18.231.74/workstation/css/main.css (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
MD5: 045f2d94c28b3c073a55d64d42ad3cc0
SHA-1: 486067d51e3a604b712f2348b09d9ac3b21ac026
SHA-256: 4d7f17c85fc247337a7d70f3993fa104a10f019a5af5131d0a30a55287a0320f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/css/main.css HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:50 GMT
ETag: "c9-5f5e786b7db80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 175
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
| 38.18.231.74/workstation/bower_components/bootstrap/dist/css/bootstrap.min.css | 38.18.231.74 | 200 OK | 21 kB |
URL: GET 38.18.231.74/workstation/bower_components/bootstrap/dist/css/bootstrap.min.css (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: ASCII text, with very long lines (65325)
MD5: 450fc463b8b1a349df717056fbb3e078
SHA-1: 895125a4522a3b10ee7ada06ee6503587cbf95c5
SHA-256: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/bower_components/bootstrap/dist/css/bootstrap.min.css HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:29 GMT
ETag: "235ed-5f5e785776c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20560
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| 38.18.231.74/workstation/bower_components/jquery/dist/jquery.min.js | 38.18.231.74 | 200 OK | 31 kB |
URL: GET 38.18.231.74/workstation/bower_components/jquery/dist/jquery.min.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: JavaScript source, ASCII text, with very long lines (65451)
MD5: 220afd743d9e9643852e31a135a9f3ae
SHA-1: 88523924351bac0b5d560fe0c5781e2556e7693d
SHA-256: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:38 GMT
ETag: "15851-5f5e78600c080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30677
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
| 38.18.231.74/workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js | 38.18.231.74 | 404 Not Found | 274 B |
URL: GET 38.18.231.74/workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: HTML document, ASCII text
MD5: 47a320e548dddfdf3040e04a198e079e
SHA-1: d71d3d56725291eec68431a80442075d15f4216b
SHA-256: 5a4b781d6b0b70205334ae73a5f7fa01ba9565da88ad69e64aeaa17526c985f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/node_modules/bootstrap-notify/bootstrap-notify.min.js HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 274
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
| 38.18.231.74/workstation/favicon.png | 38.18.231.74 | 200 OK | 159 kB |
URL: GET 38.18.231.74/workstation/favicon.png (HTTP/1.1)
IP: 38.18.231.74:80
Requested by: http://38.18.231.74/workstation/adm.php
File type: PNG image data, 2400 x 2400, 8-bit/color RGBA, non-interlaced
Size: 159 kB (158609 bytes)
MD5: bc9ec1ce2b3b187e1c784bdf453c5f74
SHA-1: 14e373989429a64e604d8a8f0109410b27a8278c
SHA-256: b8dd4e5e40971531462e67f59f5b5a38217da56859711bd99311a21b8e940324
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /workstation/favicon.png HTTP/1.1
Host: 38.18.231.74
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://38.18.231.74/workstation/adm.php
Cookie: PHPSESSID=n4g6s9c6npaem0jquie4tkqo81
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 08:35:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 02 Mar 2023 09:33:22 GMT
ETag: "26b91-5f5e7850c9c80"
Accept-Ranges: bytes
Content-Length: 158609
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png