49.50.64.23/ncat2/WM2047.aspx
49.50.64.23 302 Found 134 B URL User Request GET HTTP/1.1 49.50.64.23/ncat2/WM2047.aspx
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash 955972ee79152d12f7e93dc462410c37
2eb233568094a5ef3d0b71721b95aa22c090960e
c7f88ffee98116e435464506eab33d0e8710971acb655d6318ed8aad51191b8f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/WM2047.aspx HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /ncat2/Login.aspx
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXAUTH=; expires=Mon, 11-Oct-1999 18:30:00 GMT; path=/; HttpOnly; SameSite=Lax
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:22 GMT
Content-Length: 134
49.50.64.23/ncat2/Login.aspx
49.50.64.23 200 OK 3.1 kB URL User Request GET HTTP/1.1 49.50.64.23/ncat2/Login.aspx
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
File type HTML document, ASCII text, with very long lines (539), with CRLF line terminators
Hash e6d3a74e9423812247d6fc2d50a2f338
d4ddc695e8450496feacceb683c907ee3a4dc46b
c9dc68ea8d28edc91ce7fbd53ad97d02239b968b0791f0adc7aa90df33cbd123
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/Login.aspx HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:22 GMT
Content-Length: 3053
49.50.64.23/ncat2/App_Themes/MT/jquery-ui.min.css
49.50.64.23 200 OK 5.3 kB URL GET HTTP/1.1 49.50.64.23/ncat2/App_Themes/MT/jquery-ui.min.css
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type ASCII text, with very long lines (25169)
Hash 5324b316c2340473cfbc46ba93cfeba6
f7492721774e680361a0e16e1522aa29fc8afe52
8cb9c1ee576c411b71ef833021b1c325179c1ac23f5f4ace0645f10009a5744f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/App_Themes/MT/jquery-ui.min.css HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 04:38:33 GMT
Accept-Ranges: bytes
ETag: "806a3b6cd079d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 5326
49.50.64.23/ncat2/App_Themes/MT/jquery-ui-timepicker-addon.css
49.50.64.23 200 OK 361 B URL GET HTTP/1.1 49.50.64.23/ncat2/App_Themes/MT/jquery-ui-timepicker-addon.css
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type ASCII text, with CRLF line terminators
Hash b5f04fc37465229ae4bdde56f2f9ae97
126ae1b0be565a2c1af7e1f17cd717905803bd4d
9f046d6aa58517119fd6f15c419d5507c3e0e1e57106c1267b516face72426c5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/App_Themes/MT/jquery-ui-timepicker-addon.css HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 04:38:33 GMT
Accept-Ranges: bytes
ETag: "2e2aac6cd079d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 361
49.50.64.23/ncat2/App_Themes/MT/MT.css
49.50.64.23 200 OK 1.5 kB URL GET HTTP/1.1 49.50.64.23/ncat2/App_Themes/MT/MT.css
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 0f4ca047c9c9fd7ea6b1092e13b501f4
0639394d536f9765575e9b991e33dfff5eef4fcf
e6134859d906b373b6c7ba571a1cfa2a6beb9afb28628b4c67e83309c1195fe6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/App_Themes/MT/MT.css HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 04:38:33 GMT
Accept-Ranges: bytes
ETag: "806a3b6cd079d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 1464
49.50.64.23/ncat2/App_Themes/MT/validationEngine.jquery.css
49.50.64.23 200 OK 781 B URL GET HTTP/1.1 49.50.64.23/ncat2/App_Themes/MT/validationEngine.jquery.css
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type ASCII text, with CRLF line terminators
Hash a8935f51f8ca663bf3a18d4b1da31bf7
6f2e6f9c21ced7020e6d8c73c2e8ad71d797aa9d
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/App_Themes/MT/validationEngine.jquery.css HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 04:38:33 GMT
Accept-Ranges: bytes
ETag: "806a3b6cd079d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 781
49.50.64.23/ncat2/WebResource.axd?d=PoO7pNI1oLlBgldY065PMDi5UsQzDX25KisyvzYMp-RJS-kIVMcpTAWxDkyr0SC_304ZPAYOmOjXTNx_9MzAt9Rrsq2USjaSUSV0u_5axFg1&t=637878693744091884
49.50.64.23 200 OK 6.0 kB URL GET HTTP/1.1 49.50.64.23/ncat2/WebResource.axd?d=PoO7pNI1oLlBgldY065PMDi5UsQzDX25KisyvzYMp-RJS-kIVMcpTAWxDkyr0SC_304ZPAYOmOjXTNx_9MzAt9Rrsq2USjaSUSV0u_5axFg1&t=637878693744091884
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 90ea7274f19755002360945d54c2a0d7
647b5d8bf7d119a2c97895363a07a0c6eb8cd284
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/WebResource.axd?d=PoO7pNI1oLlBgldY065PMDi5UsQzDX25KisyvzYMp-RJS-kIVMcpTAWxDkyr0SC_304ZPAYOmOjXTNx_9MzAt9Rrsq2USjaSUSV0u_5axFg1&t=637878693744091884 HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Sat, 10 May 2025 03:38:53 GMT
Last-Modified: Wed, 11 May 2022 07:06:14 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 6007
49.50.64.23/ncat2/WebResource.axd?d=cP2bRPPLIn1cQi4QNzVOuFuz0e6jDq5W1g0Cj6xmwPGktet9hIPWoowg1DoneqQZWTaDUl9mUes2b5_CGbTH0F9qKoI49FI4IHuJgHzoaZY1&t=637878693744091884
49.50.64.23 200 OK 7.2 kB URL GET HTTP/1.1 49.50.64.23/ncat2/WebResource.axd?d=cP2bRPPLIn1cQi4QNzVOuFuz0e6jDq5W1g0Cj6xmwPGktet9hIPWoowg1DoneqQZWTaDUl9mUes2b5_CGbTH0F9qKoI49FI4IHuJgHzoaZY1&t=637878693744091884
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type ASCII text, with CRLF line terminators
Hash b3d7a123be5203a1a3f0f10233ed373f
f4c61f321d8f79a805b356c6ec94090c0d96215c
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ncat2/WebResource.axd?d=cP2bRPPLIn1cQi4QNzVOuFuz0e6jDq5W1g0Cj6xmwPGktet9hIPWoowg1DoneqQZWTaDUl9mUes2b5_CGbTH0F9qKoI49FI4IHuJgHzoaZY1&t=637878693744091884 HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Sat, 10 May 2025 03:38:53 GMT
Last-Modified: Wed, 11 May 2022 07:06:14 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 7228
49.50.64.23/favicon.ico
49.50.64.23 404 Not Found 1.2 kB
IP 49.50.64.23:80
ASN #55470 Cyfuture India Pvt. Ltd.
Requested by http://49.50.64.23/ncat2/Login.aspx
File type HTML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 49.50.64.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://49.50.64.23/ncat2/Login.aspx
Cookie: ASP.NET_SessionId=h0ccvmdhbkbvibwks10j51yx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 10 May 2024 06:33:23 GMT
Content-Length: 1245