45.65.196.142 302 Redirect 732 B URL User Request GET HTTP/1.0 IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 760a4e2dc8f36ac74c477170b1c6b682
890f7815925c7d4daf2ea06d534fb17cb8fff2d1
04ea5e05a7664d73a2a95c1441efb6f638ca8305bd2043532ff2f79c6dd130fe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Redirect
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Date: Sat May 4 19:04:53 2024
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Location: http://45.65.196.142/login.html
45.65.196.142/js/utils.js
45.65.196.142 200 OK 18 kB URL GET HTTP/1.0 45.65.196.142/js/utils.js
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 92137727558ff75e746a0be80c421442
accda954dd67322a0c6b78c5c697376799499d47
8ef966fdcf6fbd3e5432e47ce626d27cfa78fe46ac28fe80cfb63e498e7b73d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/utils.js HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/left.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:55 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:37 2017
Content-length: 18263
Content-type: application/x-javascript
45.65.196.142/left.asp
45.65.196.142 200 OK 6.4 kB IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login.html
File type HTML document, ISO-8859 text, with CRLF, LF line terminators
Hash ea85958d6ce804b25b826c80b5c9089c
70cc87bb99a247138140398d0b0f0d59f5b6f77b
c208b68ebf8d03aea4d519a7b2ddf10666c15704dd89485997a852e5f17453ba
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /left.asp HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:55 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html
45.65.196.142/js/checkValue.js
45.65.196.142 200 OK 10 kB URL GET HTTP/1.0 45.65.196.142/js/checkValue.js
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 93275bd806ecb97ceb9deb7bcf189dbc
545b5bd6904aaf2621fb3c524b9972b4848b7a35
8843bc66cc1c3910d2ee2f1a6d80d9733a3d2d87fb77aefe178c35e1cfb8573e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/checkValue.js HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:56 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:37 2017
Content-length: 10238
Content-type: application/x-javascript
45.65.196.142/lang/b28n.js
45.65.196.142 200 OK 7.0 kB URL GET HTTP/1.0 45.65.196.142/lang/b28n.js
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type HTML document, ASCII text
Hash 9000aa8c216316aa86e86d9cf0e1c460
310b52233f485f20e2c569bd94f64d363ef4d7db
a66d9b4b1cde722a1aa05888f55330fbce4235d97b1919d99a9d711d29e6ce28
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /lang/b28n.js HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:56 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:54 2017
Content-length: 6953
Content-type: application/x-javascript
45.65.196.142/js/utils.js
45.65.196.142 200 OK 18 kB URL GET HTTP/1.0 45.65.196.142/js/utils.js
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type ISO-8859 text, with CRLF, LF line terminators
Hash 92137727558ff75e746a0be80c421442
accda954dd67322a0c6b78c5c697376799499d47
8ef966fdcf6fbd3e5432e47ce626d27cfa78fe46ac28fe80cfb63e498e7b73d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/utils.js HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:56 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:37 2017
Content-length: 18263
Content-type: application/x-javascript
45.65.196.142/lang/en/menu.xml
45.65.196.142 200 OK 7.4 kB URL GET HTTP/1.0 45.65.196.142/lang/en/menu.xml
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type XML 1.0 document, ASCII text
Hash 69e010dd42160d03a96ca2ffc4ebcbf0
7d32148a8472db4e046f1d8630ce689fd6e6c3f4
c02e51abb24c07e2fb34a5991b96843f7d95417e854b9e43537bb35c2dcf03dd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /lang/en/menu.xml HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:57 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:54 2017
Content-length: 7360
Content-type: text/xml
45.65.196.142/images/background.png
45.65.196.142 200 OK 1.2 kB URL GET HTTP/1.0 45.65.196.142/images/background.png
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type PNG image data, 1 x 900, 8-bit gray+alpha, non-interlaced
Hash e052743a212ecd45b3eba8d6046b0081
f1bd7bb5b36e7dd8c8ea0c699171dc0d960ca5d8
45a80ff945377d46f34100b22be6ea87e66e4ebf5a36b7c3aa1f541e1c037650
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/background.png HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:58 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:31 2017
Content-length: 1196
Content-type: image/png
45.65.196.142/images/login.png
45.65.196.142 200 OK 226 kB URL GET HTTP/1.0 45.65.196.142/images/login.png
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type PNG image data, 936 x 417, 8-bit/color RGBA, non-interlaced
Size 226 kB (225928 bytes)
Hash bf71684e94ad77d1aeae88256af7e800
3bc9255f8adc057cfc555ff66744171dc6bb89ad
633230e092cdefe6bc747c88445bbf4620664fcafca037963f657ec7d208200b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/login.png HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:58 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:31 2017
Content-length: 225928
Content-type: image/png
45.65.196.142/login_inter.asp
45.65.196.142 200 OK 10 kB URL GET HTTP/1.0 45.65.196.142/login_inter.asp
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login.html
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 948f46377696c122a0fb76bc03d085eb
7abab4f1e1f7e64939537c9a1c405ba1044a4eb9
ddc1c070a4775a9a48063f924e9f70183b0a194c8e73cc38cd4a35795aee8e4c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login_inter.asp HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:56 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html
0.0.0.0 0 B IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login.html HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
45.65.196.142 200 OK 532 B URL User Request GET HTTP/1.0 IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
File type HTML document, Unicode text, UTF-8 text, with very long lines (586), with no line terminators
Hash c382fa376349462d26456d28fde9e012
17273e5527e11f3ba3cd27baa98216f3a19b1a7f
9f76c4d735b34167a5ed70d123b833287cb6bdfc546e31a9a7e3733a5bd19d0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /login.html HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:54 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:54 2017
Content-length: 532
Content-type: text/html
45.65.196.142/favicon.ico
45.65.196.142 404 Site or Page Not Found 171 B URL GET HTTP/1.1 45.65.196.142/favicon.ico
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login.html
File type HTML document, ASCII text, with no line terminators
Hash db004c7fd0ca23a710a9e8e129cc60c7
16e78ae0f646379c6ac567596a0499e1ca9ef112
4d8586241c38e601032d773412e4960f6d4d172a6425a480d27379500897b570
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Site or Page Not Found
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Date: Sat May 4 19:04:55 2024
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
45.65.196.142/style/style.css
45.65.196.142 200 OK 5.8 kB URL GET HTTP/1.0 45.65.196.142/style/style.css
IP 45.65.196.142:80
ASN #266537 BRICK TELECOMUNICACOES LTDA
Requested by http://45.65.196.142/login_inter.asp
File type Unicode text, UTF-8 text, with very long lines (6667), with no line terminators
Hash ed00767dc771a62a4f75d7c59c57db6e
4e8d16dd4a49364d1f5dc376bd8f997f3541e26f
cd0deccbdc21adf7418c63bc1f457fb5a1a158a9b5459b66811cf30bbf9be603
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /style/style.css HTTP/1.1
Host: 45.65.196.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.65.196.142/login_inter.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat May 4 19:04:56 2024
Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
Last-modified: Fri Jan 6 03:26:35 2017
Content-length: 5759
Content-type: text/css