IP65.52.131.198:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document, ASCII text, with CRLF line terminators Hash242c23ea412530c7d94b77a7a978c176 6e8749068fd6b842992e554b4fea32f9089318ad 557b5e9015b4963a130c7039e077b3ec0306d401b6ee13d631721d5d969d2917
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 65.52.131.198
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 15:07:14 GMT
Accept-Ranges: bytes
ETag: "598794b5ad4d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 29 Mar 2024 12:05:57 GMT
Content-Length: 609
|
| 65.52.131.198/zetalents/hrms/login/index.php | 65.52.131.198 | | 887 B |
URL User Request GET 65.52.131.198/zetalents/hrms/login/index.php IP65.52.131.198:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash0912aff815eadda895baa00c704c40cd 1b59e8b32dbb1888e2b8453e2bc891f53109dade 1e6816811fb0e7804b5b8ed886be2830f3dc9a9ca32fa5d33253499952fdf974
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /zetalents/hrms/login/index.php HTTP/1.1
Host: 65.52.131.198
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=windows-1256\r
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: ../login/index.php
Server: Microsoft-IIS/10.0
Set-Cookie: PHPSESSID=2ekrehcdnv56leok4obeajl7d3; path=/
PHPSESSID_ALT=loggedOut; expires=Thu, 04-Sep-2025 04:16:51 GMT; Max-Age=45245454; path=/; httponly
company_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
branch_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
loged_in=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
byme_emp=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
employee_code=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
employee_code_portal=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
__cfduid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
admin=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
byme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login_type_w=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
memberUsername=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login_type_hr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
login_type_w_hr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
portalMemberUsername=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
temp_key=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
zetalent_login_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
X-Powered-By: PHP/5.6.40, ASP.NET
Date: Fri, 29 Mar 2024 12:05:57 GMT
Content-Length: 887
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typegzip compressed data, max speed, from Unix Hash4f9d064ed130f33c665f77eec7ecf535 166630ee21d6f9ea9be41eabefb4026796860d36 5d4ad4b241d28f5ae8f0ef5b2d1feb6337b27d51c09c9e87dcdc334ffcfc556f
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:08:35 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=L1rjIc1v2_zbIHG9mJPsrFIMZXVpgO2yHuYR5cqOX1AJbS9Mx10c6V5-Fn352mXeR8v04xNry3b4cuvRQQyjvHvxyilW636Deeimgq_WvzmMm3NqnU05r4-t2G6ovx6B
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|