| | 131.221.130.157 | 200 OK | 7.6 kB |
URL User Request GET HTTP/1.1
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type HTML document, Unicode text, UTF-8 text
Hash fdc98a113d9a4af662861f4763e8d79e 0c6dacb78ebc732ca7d62497d487d70d0de339de 5c02fd541af01faa1dc70af4dd74527fc672446f50c475b6230d4d4e5f313d9c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server:
Content-Type: text/html; charset=gb2312
Accept-Ranges: bytes
Connection: close
Cache-Control: no-cache,no-store
Content-Length: 7562
Set-Cookie: _TESTCOOKIESUPPORT=1; PATH=/; HttpOnly
X-Frame-Options: SAMEORIGIN
| 131.221.130.157/skin/priorgreen/css/login.css | 131.221.130.157 | 200 OK | 9.9 kB |
URL GET HTTP/1.1 131.221.130.157/skin/priorgreen/css/login.css
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type assembler source, ASCII text, with CRLF line terminators
Hash cff0f44ae6210e2d10115862c6678af3 36b4bf829a9c9c4b68311ce1a3937cf9fd879aec 7558e06ca6e922f86e5ddb46df8a0d2c8212a75a93dd8d59d5274aa0b446883c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /skin/priorgreen/css/login.css HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server:
Content-Type: text/css
Accept-Ranges: bytes
Connection: close
Content-Length: 9858
| 131.221.130.157/js/sha256.min.js | 131.221.130.157 | 200 OK | 6.7 kB |
URL GET HTTP/1.1 131.221.130.157/js/sha256.min.js
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type JavaScript source, ASCII text, with very long lines (6741), with no line terminators
Hash e3c5b316cc9c75fbd34fe8d09a8cbc50 ea8710b3f039c06b85cafee16d8ad22f0d979983 8573c19f77e0201cb67ba075c1f766de392659eccc5bee96ccec8822cc59c243
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/sha256.min.js HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server:
Content-Type: application/x-javascript
Accept-Ranges: bytes
Connection: close
Content-Length: 6741
| 131.221.130.157/css/styleen.css | 131.221.130.157 | 200 OK | 1.3 kB |
URL GET HTTP/1.1 131.221.130.157/css/styleen.css
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type ASCII text, with CRLF line terminators
Hash 01ee351c68af64ca35f4b536656455b0 b076f93794605890954273c50576bee56040aa5d 8061f9d39ac1a3f716faab884f0035bcd932dc1cc0505fb1cb79cf095f1ab99b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/styleen.css HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server:
Content-Type: text/css
Accept-Ranges: bytes
Connection: close
Content-Length: 1291
| 131.221.130.157/skin/priorgreen/img/banner.gif | 131.221.130.157 | 200 OK | 7.1 kB |
URL GET HTTP/1.1 131.221.130.157/skin/priorgreen/img/banner.gif
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type GIF image data, version 89a, 778 x 60
Hash 03d602bb92ed46b38a852750fad224f2 2f5c714100a56157cd3382901190e620d2d7d761 a495d952c09ca67c707757f2194ea69b83568f48bed3a94ec7d29a4391b1703b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /skin/priorgreen/img/banner.gif HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/skin/priorgreen/css/login.css
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server:
Content-Type: image/gif
Accept-Ranges: bytes
Connection: close
Content-Length: 7106
| 131.221.130.157/img/pop_up.gif | 131.221.130.157 | 404 Not Found | 391 B |
URL GET HTTP/1.1 131.221.130.157/img/pop_up.gif
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type HTML document, ASCII text, with very long lines (406), with no line terminators
Hash 55c383d487d1ac88180445cb0d4e3007 6e0c5666b0e88e05e1f2b7d0186d453b14614d65 30cd5ae193b76a08161e2ac2ca420a04beb22845d822d3280c8483683b7ac800
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/pop_up.gif HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server:
Content-Type: text/html; charset=gb2312
Accept-Ranges: bytes
Connection: close
Cache-Control: no-cache,no-store
| 131.221.130.157/favicon.ico | 131.221.130.157 | 404 Not Found | 391 B |
URL GET HTTP/1.1 131.221.130.157/favicon.ico
IP 131.221.130.157:80 ASN #264417 Megalink Telecom
File type HTML document, ASCII text, with very long lines (406), with no line terminators
Hash 55c383d487d1ac88180445cb0d4e3007 6e0c5666b0e88e05e1f2b7d0186d453b14614d65 30cd5ae193b76a08161e2ac2ca420a04beb22845d822d3280c8483683b7ac800
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 131.221.130.157
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://131.221.130.157/
Cookie: _TESTCOOKIESUPPORT=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server:
Content-Type: text/html; charset=gb2312
Accept-Ranges: bytes
Connection: close
Cache-Control: no-cache,no-store