138.122.152.234/login.html
138.122.152.234 200 OK 532 B URL User Request GET HTTP/1.0 138.122.152.234/login.html
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 41760531428cf2d189a774efd3cbddce
835a81cf8618e6665a9c473a0b8a8877c4b3edeb
d19dfa17c1ad0c218caf2e0190acba85c54db9f0910e6ce551ccdc1f800729ae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login.html HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:07 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:29 2016
Content-length: 532
Content-type: text/html
138.122.152.234 302 Redirect 4.5 kB URL User Request GET HTTP/1.0
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Hash e12b01c29dbe872c6148bc3f141a101f
75e849317dda8b28a023d3a287e8f6c682e2f855
423438399efe9d5e16cd7aee738e7c60a313cd073089e23ca2fd07f32fcef673
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Redirect
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Date: Sun May 5 07:23:06 2024
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Location: http://138.122.152.234/login.html
138.122.152.234/js/utils.js
138.122.152.234 200 OK 14 kB URL GET HTTP/1.0 138.122.152.234/js/utils.js
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/left.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 169e9c144933c86d329bce6d0ad38b8e
fcdfe6c8dea1e670fdd44b804c85bbc2a01b94c9
2f22bbd0036579815fef3410b434d4bda0c35fd45bc49559a1d6b0d911e50e25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/utils.js HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/left.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:08 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:23 2016
Content-length: 13988
Content-type: application/x-javascript
138.122.152.234/js/utils.js
138.122.152.234 200 OK 14 kB URL GET HTTP/1.0 138.122.152.234/js/utils.js
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/left.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 169e9c144933c86d329bce6d0ad38b8e
fcdfe6c8dea1e670fdd44b804c85bbc2a01b94c9
2f22bbd0036579815fef3410b434d4bda0c35fd45bc49559a1d6b0d911e50e25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/utils.js HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:09 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:23 2016
Content-length: 13988
Content-type: application/x-javascript
138.122.152.234/lang/b28n.js
138.122.152.234 200 OK 7.0 kB URL GET HTTP/1.0 138.122.152.234/lang/b28n.js
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type HTML document, ASCII text
Hash 9000aa8c216316aa86e86d9cf0e1c460
310b52233f485f20e2c569bd94f64d363ef4d7db
a66d9b4b1cde722a1aa05888f55330fbce4235d97b1919d99a9d711d29e6ce28
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /lang/b28n.js HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:09 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:29 2016
Content-length: 6953
Content-type: application/x-javascript
138.122.152.234/js/checkValue.js
138.122.152.234 200 OK 5.9 kB URL GET HTTP/1.0 138.122.152.234/js/checkValue.js
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 3c6f76443c19373a1131958ff2e40930
8b48082ea6c0ebaa09876756dcb931db22224888
45ed600f78779ac95a1d9df1966c21e2329230040a5ad00079d050e99eedd56e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/checkValue.js HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:09 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:23 2016
Content-length: 5850
Content-type: application/x-javascript
138.122.152.234/style/style.css
138.122.152.234 200 OK 5.7 kB URL GET HTTP/1.0 138.122.152.234/style/style.css
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type assembler source, ISO-8859 text, with CRLF, LF line terminators
Hash fc7ffc59b1dfd8095678fdab5fe8aad2
32b363e4e14590f2b68dff1bbaf32f4c2b216163
c1f728e7bf4c0ff08938d4a84e12be6b13117667711de34a1bc007b0c0186831
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /style/style.css HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:09 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:22 2016
Content-length: 5650
Content-type: text/css
138.122.152.234/lang/en/menu.xml
138.122.152.234 200 OK 6.0 kB URL GET HTTP/1.0 138.122.152.234/lang/en/menu.xml
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type XML 1.0 document, ASCII text
Hash 21c286044ff37dd048ed1462f21584c1
cef2415796e1c73af6b73d9482a7952a89653539
faf47d5fbf2f0214bbd54562bf3bfbc441288ba8b00d8d8258f8df6a4e8e6ccd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /lang/en/menu.xml HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:10 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:29 2016
Content-length: 6019
Content-type: text/xml
138.122.152.234/images/background.png
138.122.152.234 200 OK 1.2 kB URL GET HTTP/1.0 138.122.152.234/images/background.png
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type PNG image data, 1 x 900, 8-bit gray+alpha, non-interlaced
Hash e052743a212ecd45b3eba8d6046b0081
f1bd7bb5b36e7dd8c8ea0c699171dc0d960ca5d8
45a80ff945377d46f34100b22be6ea87e66e4ebf5a36b7c3aa1f541e1c037650
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/background.png HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:10 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:22 2016
Content-length: 1196
Content-type: image/png
138.122.152.234/images/login.png
138.122.152.234 200 OK 226 kB URL GET HTTP/1.0 138.122.152.234/images/login.png
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login_inter.asp
File type PNG image data, 936 x 417, 8-bit/color RGBA, non-interlaced
Size 226 kB (225928 bytes)
Hash bf71684e94ad77d1aeae88256af7e800
3bc9255f8adc057cfc555ff66744171dc6bb89ad
633230e092cdefe6bc747c88445bbf4620664fcafca037963f657ec7d208200b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/login.png HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:11 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Wed Mar 2 01:22:22 2016
Content-length: 225928
Content-type: image/png
138.122.152.234/favicon.ico
138.122.152.234 404 Site or Page Not Found 171 B URL GET HTTP/1.1 138.122.152.234/favicon.ico
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login.html
File type HTML document, ASCII text, with no line terminators
Hash db004c7fd0ca23a710a9e8e129cc60c7
16e78ae0f646379c6ac567596a0499e1ca9ef112
4d8586241c38e601032d773412e4960f6d4d172a6425a480d27379500897b570
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Site or Page Not Found
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Date: Sun May 5 07:23:08 2024
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
138.122.152.234/login_inter.asp
138.122.152.234 200 OK 10 kB URL GET HTTP/1.0 138.122.152.234/login_inter.asp
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login.html
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7e30e9f38668b69848cc5075cbf406da
bb574d54109c91af088df2e6e0174a0a0461195c
ca97d06f1caf96628ac94c90c57a6430990eb28e95bda3ee92bd7a5bd4112921
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login_inter.asp HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:08 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html
138.122.152.234/left.asp
138.122.152.234 200 OK 647 B
IP 138.122.152.234:80
ASN #264321 New Oeste Telecom do Brasil - LTDA ME
Requested by http://138.122.152.234/login.html
File type HTML document, ASCII text, with very long lines (712), with no line terminators
Hash 358c740c22b8cf2534ba59858074be72
0a1d67c6f66738fc139e2763f8ab2af61a3e9016
0a0ff95c6c1c4c15d3fe09c75d9ef83558718e6ae39d93d10c0c0b5c785daeb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /left.asp HTTP/1.1
Host: 138.122.152.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.122.152.234/login.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sun May 5 07:23:07 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html