| 202.124.178.117/ | 202.124.178.117 | | 162 B |
IP: 202.124.178.117:0
ASN: #18001 Dialog Axiata PLC.
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 26 Apr 2024 21:58:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://202.124.178.117/
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
|
|
| 202.124.178.117/ | 202.124.178.117 | | 78 B |
IP: 202.124.178.117:0
ASN: #18001 Dialog Axiata PLC.
File type: HTML document, ASCII text
Hash: b605f5290a2538d7ce8a641010726671 6a047f71895f2ea15d7367a1f9a8a2fb4b7ba544 63ab1de582fe1050b9db3bfa2481e23bb30a191d5d55ae7f45c3788abcce2248
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/html
content-length: 78
last-modified: Wed, 31 Jan 2024 09:35:38 GMT
etag: "65ba146a-4e"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/styles/new_style.css?s=1695735628 | 202.124.178.117 | 200 OK | 772 B |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/styles/new_style.css?s=1695735628
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
Hash: 626037a8583dbac672bb46afe49b9a23 234e16c54afdb1d6a6bbd1c1025c29058412d05e 5d3c86fe1a7abea13515fd414c656c902677c70cf016d3a0b3dcafd451cd3b1c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/styles/new_style.css?s=1695735628 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/css
content-length: 772
last-modified: Tue, 26 Sep 2023 13:40:28 GMT
etag: "6512df4c-304"
expires: Sat, 27 Apr 2024 21:58:23 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/images/bg.jpg | 202.124.178.117 | 200 OK | 217 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/images/bg.jpg
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size: 217 kB (217417 bytes)
Hash: 1b2417485643eaf2e0e539fbdec2fd17 14851254dd11333a4b0b6a852f17dbae87dc19d0 32547d57884287bfc25a47b7f22bb7cdece295da8234d5b9c9c2716d6ba1e017
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/images/bg.jpg HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://202.124.178.117/
DNT: 1
Connection: keep-alive
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:24 GMT
content-type: image/jpeg
content-length: 217417
last-modified: Tue, 26 Sep 2023 13:40:29 GMT
etag: "6512df4d-35149"
expires: Sat, 27 Apr 2024 21:58:24 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/deps/bootstrap.min.css?s=1695735629 | 202.124.178.117 | 200 OK | 74 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/deps/bootstrap.min.css?s=1695735629
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: gzip compressed data, from Unix
Hash: e5af1600076eb36ae60f965e63c6384e 479cd334da8314d3a5803097ad58b9d8ac3c77e5 0b13873b1ca19ea25461bff2f0e25d247dc6d58cf657c7fc4f5d64a9ee2accab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/deps/bootstrap.min.css?s=1695735629 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 13:40:29 GMT
vary: Accept-Encoding
etag: W/"6512df4d-2725b"
expires: Sat, 27 Apr 2024 21:58:23 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/fonts/fa-solid-900.woff2 | 202.124.178.117 | 200 OK | 75 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/fonts/fa-solid-900.woff2
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049
Hash: b5cf8ae26748570d8fb95a47f46b69e1 07bed153d47f9129a944ee54dd72952deed074c8 cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/fonts/fa-solid-900.woff2 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://202.124.178.117/
DNT: 1
Connection: keep-alive
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:24 GMT
content-type: application/octet-stream
content-length: 75440
last-modified: Tue, 26 Sep 2023 13:40:28 GMT
etag: "6512df4c-126b0"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/fonts/roboto-v29-regular.woff2 | 202.124.178.117 | 200 OK | 50 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/fonts/roboto-v29-regular.woff2
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: Web Open Font Format (Version 2), TrueType, length 50240, version 1.0
Hash: 184a2a669cf798f8d80bcfba041c3ecf b8dbbf83b27b5e4f5588f997685b2ccfecf97ff6 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/fonts/roboto-v29-regular.woff2 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://202.124.178.117/
DNT: 1
Connection: keep-alive
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:24 GMT
content-type: application/octet-stream
content-length: 50240
last-modified: Tue, 26 Sep 2023 13:40:27 GMT
etag: "6512df4b-c440"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/images/favicon.ico?s=1695735628 | 202.124.178.117 | 200 OK | 98 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/images/favicon.ico?s=1695735628
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: gzip compressed data, from Unix
Hash: d0e49cf68ed40ec54d838c19f4b6adf3 ad5e08d45e4727f1624daa5c21bcd38473a12022 1bf59202c689b135bffbe64d7562a049a49cb1db590337306e54d3a4a5952d39
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/images/favicon.ico?s=1695735628 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:24 GMT
content-type: image/x-icon
last-modified: Tue, 26 Sep 2023 13:40:28 GMT
vary: Accept-Encoding
etag: W/"6512df4c-5a596"
expires: Sat, 27 Apr 2024 21:58:24 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| | 202.124.178.117 | 200 OK | 6.2 kB |
URL: User Request GET HTTP/2
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: gzip compressed data, from Unix
Hash: 301b0477a831a337f074bbb38fa974ff 2fae66d6fd83132c6b0336c865f562af88514b99 6a6ec6929416acd73e1c90e38709ac7958e97ac4f743191da2aea273442b5fe9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/ HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n; path=/; secure; HttpOnly
expires: Fri, 26 Apr 2024 21:58:23 GMT
last-modified: Fri, 26 Apr 2024 21:58:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: sameorigin
content-language: en
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/styles/styles.min.css?s=1695735628 | 202.124.178.117 | 200 OK | 120 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/styles/styles.min.css?s=1695735628
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 120 kB (120302 bytes)
Hash: 9fb7568fed3bee7b1976ff43e4ae1ccc fec75502a25d4485c8fc236afc9c4222922ebf8d 96d078ec9395c96d6758949e5aba41015f9b1c0c8f1dd0881b7d746dd92c7540
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/styles/styles.min.css?s=1695735628 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 13:40:28 GMT
vary: Accept-Encoding
etag: W/"6512df4c-1d5ee"
expires: Sat, 27 Apr 2024 21:58:23 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/plugins/jqueryui/themes/elastic/jquery-ui.min.css?s=1699174738 | 202.124.178.117 | 200 OK | 29 kB |
URL: GET HTTP/2 202.124.178.117/mail/plugins/jqueryui/themes/elastic/jquery-ui.min.css?s=1699174738
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: ASCII text, with very long lines (26371)
Hash: 7e848d774e13122792027c11b994c19c 276df81de919d3614fbb970a6dbdbb7a0570e40c aad541bcbd68b5ea0300c91b804637a2706e983a46d93546b109e6f322869107
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/plugins/jqueryui/themes/elastic/jquery-ui.min.css?s=1699174738 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: text/css
last-modified: Sun, 05 Nov 2023 08:58:58 GMT
vary: Accept-Encoding
etag: W/"65475952-727d"
expires: Sat, 27 Apr 2024 21:58:23 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/program/js/jquery.min.js?s=1699174741 | 202.124.178.117 | 200 OK | 91 kB |
URL: GET HTTP/2 202.124.178.117/mail/program/js/jquery.min.js?s=1699174741
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JavaScript source, ASCII text, with very long lines (64001)
Hash: 82229fca667f868f77759d78edaaecaf 12f2612174d39a99b21379af57b5374ab4efdb55 5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/program/js/jquery.min.js?s=1699174741 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 08:59:01 GMT
vary: Accept-Encoding
etag: W/"65475955-1632e"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/program/js/jstz.min.js?s=1699174742 | 202.124.178.117 | 200 OK | 14 kB |
URL: GET HTTP/2 202.124.178.117/mail/program/js/jstz.min.js?s=1699174742
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JavaScript source, ASCII text, with very long lines (12309)
Hash: b5ee3ce2023c717fff34cfe5d3b82599 36f532887c2bf6bc7bdd06e68e96eafe2051a5f7 716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/program/js/jstz.min.js?s=1699174742 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 08:59:02 GMT
vary: Accept-Encoding
etag: W/"65475956-360b"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/images/logo.svg?s=1695735629 | 202.124.178.117 | 200 OK | 178 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/images/logo.svg?s=1695735629
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: SVG Scalable Vector Graphics image
Size: 178 kB (177577 bytes)
Hash: 35e199daa184d78ee32e41ac70957ae5 8bf437622660b7188f90d272e757cfd622e46d34 4f44b042a99443c02751014eeec80625d8c9d783082c8917eb8b6f31dbbaa814
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/images/logo.svg?s=1695735629 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Sep 2023 13:40:29 GMT
vary: Accept-Encoding
etag: W/"6512df4d-2b5a9"
expires: Sat, 27 Apr 2024 21:58:23 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/program/js/app.min.js?s=1699174738 | 202.124.178.117 | 200 OK | 172 kB |
URL: GET HTTP/2 202.124.178.117/mail/program/js/app.min.js?s=1699174738
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
Size: 172 kB (171722 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/program/js/app.min.js?s=1699174738 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 08:58:58 GMT
vary: Accept-Encoding
etag: W/"65475952-29eca"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1699174738 | 202.124.178.117 | 200 OK | 262 kB |
URL: GET HTTP/2 202.124.178.117/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1699174738
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
Size: 262 kB (262502 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/plugins/jqueryui/js/jquery-ui.min.js?s=1699174738 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 08:58:58 GMT
vary: Accept-Encoding
etag: W/"65475952-40166"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/ui.js?s=1706939767 | 202.124.178.117 | 200 OK | 159 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/ui.js?s=1706939767
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JavaScript source, ASCII text
Size: 159 kB (159293 bytes)
Hash: 3cb517d24c07e9f2a34732f13efc7018 f61683004d73324330041ada8611c7609fc314f8 11a0a4db10a2cea164c094f8a6b158737f45fe1164e59c91ba2d12f6741ad97a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/ui.js?s=1706939767 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sat, 03 Feb 2024 05:56:07 GMT
vary: Accept-Encoding
etag: W/"65bdd577-26e3d"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/program/js/common.min.js?s=1699174738 | 202.124.178.117 | 200 OK | 13 kB |
URL: GET HTTP/2 202.124.178.117/mail/program/js/common.min.js?s=1699174738
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JavaScript source, ASCII text, with very long lines (11657)
Hash: e8ea30189d593a3fe245b980f9c45a0a 0d8b1084d9404508e472c9168910dcad12ba552a a8e9036221176bf3ea5fefaaaae97a3fadecf1b25c5b8ace450a63b1af4a6047
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/program/js/common.min.js?s=1699174738 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 08:58:58 GMT
vary: Accept-Encoding
etag: W/"65475952-31f9"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 202.124.178.117/mail/skins/army_mail/deps/bootstrap.bundle.min.js?s=1695735629 | 202.124.178.117 | 200 OK | 84 kB |
URL: GET HTTP/2 202.124.178.117/mail/skins/army_mail/deps/bootstrap.bundle.min.js?s=1695735629
IP: 202.124.178.117:443
ASN: #18001 Dialog Axiata PLC.
Requested by: https://202.124.178.117/mail/
Certificate: Issuer GlobalSign nv-sa; Subject *.army.lk; Fingerprint 5C:F7:71:1E:73:9C:34:01:35:5C:CD:98:31:B9:A9:0E:16:F6:E0:52; Validity Fri, 01 Mar 2024 04:17:08 GMT - Wed, 02 Apr 2025 04:17:07 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: 3fb9784331ba8d606ca6e0877b9466a3 2c8dde7ea3cee76f061c06bb64f9f00497f893f3 19b51730c10082760e6d9b82c1342e60855f98d2666c64e4eb758d26b1a0c840
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /mail/skins/army_mail/deps/bootstrap.bundle.min.js?s=1695735629 HTTP/1.1
Host: 202.124.178.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://202.124.178.117/mail/
Cookie: roundcube_sessid=tu7r9ka28vbrjqgmtb66cbrg3n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 21:58:23 GMT
content-type: application/javascript
last-modified: Tue, 26 Sep 2023 13:40:29 GMT
vary: Accept-Encoding
etag: W/"6512df4d-14888"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|