81.213.31.50/style/web.css
81.213.31.50 200 OK 8.2 kB URL GET HTTP/1.0 81.213.31.50/style/web.css
IP 81.213.31.50:80
Requested by http://81.213.31.50/login.asp
File type ASCII text, with CRLF line terminators
Hash 310c0a1920ce8173b212649a24cfc669
e97261a138468c6024379d2b051b702d9c2a35f4
71fbe2241086993813a7f0e9acb99fcdb965df2e224b653b25a9ae13976745e4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /style/web.css HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://81.213.31.50/login.asp
Cookie: mLangage=en
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat Jan 1 00:18:10 2000
Server: GoAhead-Webs
Last-modified: Sun Jan 30 06:56:12 2011
Content-length: 8152
Content-type: text/css
81.213.31.50/js/lang.js
81.213.31.50 200 OK 4.5 kB IP 81.213.31.50:80
Requested by http://81.213.31.50/login.asp
File type ASCII text, with CRLF line terminators
Hash 8639c06d7f9a675ddcedcd20292c53eb
55963377128830be880bbe6b9d496f327bc3b8ef
0fff8d67f60307a262da0861a00da8802ec7b19e1c81b723816e108bfdd8eec6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/lang.js HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://81.213.31.50/login.asp
Cookie: mLangage=en
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat Jan 1 00:18:10 2000
Server: GoAhead-Webs
Last-modified: Sun Jan 30 06:56:12 2011
Content-length: 4484
Content-type: application/x-javascript
81.213.31.50/img/webserver_logo.gif
81.213.31.50 200 OK 1.7 kB URL GET HTTP/1.0 81.213.31.50/img/webserver_logo.gif
IP 81.213.31.50:80
Requested by http://81.213.31.50/login.asp
File type GIF image data, version 89a, 242 x 47
Hash d9c3e3fa4c46cbc46e925a3d82af49d5
525625fc8b2041eecb30e4eaccf9fa9ebb7fd388
1409eb5ba971ce94f30283daf01d02fa98fdd95a8bd9037e8c831a4965db3dec
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/webserver_logo.gif HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://81.213.31.50/login.asp
Cookie: mLangage=en
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat Jan 1 00:18:10 2000
Server: GoAhead-Webs
Last-modified: Sun Jan 30 06:56:12 2011
Content-length: 1661
Content-type: image/gif
81.213.31.50/mlang/en/main.xml
81.213.31.50 200 OK 8.9 kB URL GET HTTP/1.0 81.213.31.50/mlang/en/main.xml
IP 81.213.31.50:80
Requested by http://81.213.31.50/login.asp
File type exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash aa5b07b95c63730d2e9dd934718aea2a
9196f40feb473f1d6f0b8a42a1bf6f709ced97b4
037d0a3cf7f5e724601ccae0ad9ff153439b7efbca9640b39d27005831d89da0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /mlang/en/main.xml HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://81.213.31.50/login.asp
Cookie: mLangage=en
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat Jan 1 00:18:11 2000
Server: GoAhead-Webs
Last-modified: Mon Jan 31 03:06:39 2011
Content-length: 8857
Content-type: text/xml
0.0.0.0 0 B IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login.asp HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://81.213.31.50/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: mLangage=en
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
81.213.31.50 200 OK 5.6 kB URL User Request GET HTTP/1.0 IP 81.213.31.50:80
File type HTML document, Unicode text, UTF-8 text, with very long lines (6340), with no line terminators
Hash 614b01733a53b9fafcb383971d07cec7
e07b4b1e1e384f0068f87e922911035a4dea4737
a619164e8f6e8eb96a932ed789d21228632b7373db39c374925329b0f646f54a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login.asp HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://81.213.31.50/
DNT: 1
Connection: keep-alive
Cookie: mLangage=en
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat Jan 1 00:18:09 2000
Server: GoAhead-Webs
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html
81.213.31.50/favicon.ico
81.213.31.50 200 OK 271 B IP 81.213.31.50:80
Requested by http://81.213.31.50/login.asp
File type HTML document, ASCII text, with no line terminators
Hash e785c13cc410ec6998ec680e08f5594f
f747d40388189484125f745bc11e871645cfa80f
09eab2769d1713e10a594297dd7b7f8ddca1ceab69254e75628e4ec37ffbb031
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 81.213.31.50
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://81.213.31.50/login.asp
Cookie: mLangage=en
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Server: GoAhead-Webs
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html
Set-Cookie: mLangage=en; path=/;