| | 128.116.144.194 | | 934 B |
IP: 128.116.144.194:0
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash: fb3bfbc5354f4c5e0982928984710b5f 6803d2c47e15016b9ba931cddc20929faa1713e4 fec2d128e40e31078ccc5a0b75d9950ecb884206d17de530ade78a9b9533fd5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 934
|
|
| 128.116.144.194/Live.html | 128.116.144.194 | 200 OK | 472 B |
URL: GET HTTP/1.1 128.116.144.194/Live.html IP: 128.116.144.194:80
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash: 3b4ad1830950bf90f507afa7fbf4c2e1 d2d932bc7d9e43e5547570c99ac251c9bf178161 80455829e1a0e4eed64605e3354b3caeb5da8e591e3d1a5ad1f7af220d89c4b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Live.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 472
|
|
| 128.116.144.194/cookieFun.js | 128.116.144.194 | | 12 kB |
URL: GET 128.116.144.194/cookieFun.js IP: 128.116.144.194:80
Requested by: http://128.116.144.194/SwitchJob.html
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash: dab88f26d1e893ff955ac5dc35c87d9d e29fbb725e741ad7d3f6ab08a19900e9d67afa09 8950803839de204bbd3c918a7e37750c23ff70bdd87aa3da55a7cdb12f10845f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cookieFun.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6226
|
|
| 128.116.144.194/menu_ready.html | 128.116.144.194 | 200 OK | 476 B |
URL: GET HTTP/1.1 128.116.144.194/menu_ready.html IP: 128.116.144.194:80
Requested by: http://128.116.144.194/Live.html
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash: 70baf72c2479c55ec5653a39f5ffbd60 695bfe0d61f4e74c9f053a70c0ed971b2d2f9634 060c8b831173f6f810f41128ad8b862612b462547a9e4196dda4e8e01408a10a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /menu_ready.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/Live.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 476
|
|
| 128.116.144.194/main_live.html | 128.116.144.194 | 200 OK | 9.0 kB |
URL: GET HTTP/1.1 128.116.144.194/main_live.html IP: 128.116.144.194:80
Requested by: http://128.116.144.194/Live.html
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash: 3f3c6790e4cae75b15994ef8402dd771 f3e4d3c1b43e5720d7b013215c7efe7df02313bb 3091c762cb87ebce36eba912990640377fdbc4ac9341cfbdd796fc261dc610cb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main_live.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/Live.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 9034
|
|
| 128.116.144.194/B_action.js | 34.120.237.76 | | 20 kB |
URL: GET 128.116.144.194/B_action.js IP: 34.120.237.76:80 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested by: http://128.116.144.194/main_live.html
Hash: 31e39226d3593a4f0c598f0490c4ade9 af3acb92d425bcb1b66fcf66920c66065711fb16 fd435ed5ba40921e811693db1ec96bb27d9263e2f1a4fae500dd555b32400435
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /B_action.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-length: 8043
x-amzn-requestid: 25f404a4-e92e-4b8d-900f-741beed9e972
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XcJ2_Eu8oAMEP2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-663b235f-2e499cf54739955d4367a8ae;Parent=68f76a661d17370e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 08 May 2024 07:01:51 GMT
x-amz-cf-pop: HIO50-C1, SEA900-P2
x-cache: Miss from cloudfront
x-amz-cf-id: LL_lwkBLl4rO-o2aojtbvMxCC7V5wNRkHqBcX9J0mPoIsBDLybtH1w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b542d7019a03585dbf3c5588bc1da03a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 May 2024 07:04:56 GMT
age: 49794
etag: "ec5106993eb346171474efd5676e94e00acb980c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 128.116.144.194/png/background-preview-control.png | 128.116.144.194 | | 1.3 kB |
URL: GET 128.116.144.194/png/background-preview-control.png IP: 128.116.144.194:80
Requested by: http://128.116.144.194/SwitchJob.html
File type: PNG image data, 235 x 40, 8-bit/color RGB, non-interlaced Hash: 127b57b3061ab247ef80e786cad80b6f c5a4f2b88bba22699f37154ed2a9a35cbfe4ac3b fdb0b6dec922250efe8c294fbf94b8268eedc2dc0ace54bdb3314438d5ceb5d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /png/background-preview-control.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 476
|
|
| 128.116.144.194/Login.js | 128.116.144.194 | | 4.6 kB |
IP: 128.116.144.194:80
Requested by: http://128.116.144.194/main_live.html
File type: Unicode text, UTF-8 text, with very long lines (4744), with no line terminators Hash: 6a50797809029fb25ec2fa8bc44617d0 29644e85283b94e1742130eb39059722cd01972d 2802b9144a622a038d367990ae6ad9e13979d78f233cbe68027b470395f3c4f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Login.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/SwitchJob.css | 128.116.144.194 | | 854 B |
URL: GET 128.116.144.194/SwitchJob.css IP: 128.116.144.194:80
Requested by: http://128.116.144.194/SwitchJob.html
File type: Unicode text, UTF-8 text, with very long lines (839), with no line terminators Hash: 4d97d14663bb0d5864a1eb167a01d119 1079fd16c396a6dce12f668da2216225f0a4b5b0 dfd85bf5e2858a76816ba6b25aa80ef17c4433fe6cab291b693a58ba838eb9a5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /SwitchJob.css HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/png/playback-up.png | 128.116.144.194 | | 2.7 kB |
URL: GET 128.116.144.194/png/playback-up.png IP: 128.116.144.194:80
Requested by: http://128.116.144.194/SwitchJob.html
File type: PNG image data, 103 x 25, 8-bit/color RGB, non-interlaced Hash: bf66482a79e558da0c5eab44d506727a ecd7bd082599c05d884795cb1c3246379f874b46 505644dd5836975958ce9b2d8e3361b5aa0aa3faf2a8804f844fa20ed1cb34bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /png/playback-up.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/WebCamFunc.js | 128.116.144.194 | | 69 kB |
URL: GET 128.116.144.194/WebCamFunc.js IP: 128.116.144.194:80
Requested by: http://128.116.144.194/main_live.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /WebCamFunc.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET 128.116.144.194/favicon.ico IP: 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/png/preview-dw.png | 128.116.144.194 | | 2.4 kB |
URL: GET 128.116.144.194/png/preview-dw.png IP: 128.116.144.194:80
Requested by: http://128.116.144.194/SwitchJob.html
File type: PNG image data, 103 x 25, 8-bit/color RGB, non-interlaced Hash: c5b7f1308937e0cd72133ad4b6e58d50 367ea791c92d3e1898777e74c2bb2517ed04f19a b46a7b171da7c3d8d7847c2a9b5e7804d3aa1859a3d60d4598f98393d7d9b576
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /png/preview-dw.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/png/Login/loginbackground-1.png | 128.116.144.194 | | 3.1 kB |
URL: GET 128.116.144.194/png/Login/loginbackground-1.png IP: 128.116.144.194:80
Requested by: http://128.116.144.194/main_live.html
File type: PNG image data, 2 x 216, 8-bit/color RGBA, non-interlaced Hash: faafd3e2d515fedda38f3711f67e9d75 d4b26b53c179c9e9db1f1889254818b1d9db8aeb 1dc9fee7d376456b81e98312ba961c79c2f0fad6e3f6fbf1917c17cac997fb36
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /png/Login/loginbackground-1.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/png/Login/buttonup.png | 128.116.144.194 | | 3.4 kB |
URL: GET 128.116.144.194/png/Login/buttonup.png IP: 128.116.144.194:80
Requested by: http://128.116.144.194/main_live.html
File type: PNG image data, 89 x 21, 8-bit/color RGBA, non-interlaced Hash: 92757d50ca5b52bd07a44f56947a1366 2b68e22cddae851d196e138d92a03982e6572fbe 07f6b5a20ea677b952a17e4075bedf3898f1a2753417c73b8b37be7efc4bdbe7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /png/Login/buttonup.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
|
|
| 128.116.144.194/SwitchJob.html | 128.116.144.194 | 200 OK | 6.2 kB |
URL: GET HTTP/1.1 128.116.144.194/SwitchJob.html IP: 128.116.144.194:80
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6817), with no line terminators Hash: d058fc29ea69cd6c52b2135090c9c685 9166a198acee14dbc1f9b9e77c001d5c5a2c162d 0733647eeaf7dc74eeabcd19788d0101e8b636f5cbbfe944c3c8543f6170387e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /SwitchJob.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6226
|
|
| 128.116.144.194/PCViewer.css | 128.116.144.194 | | 7.8 kB |
URL: GET 128.116.144.194/PCViewer.css IP: 128.116.144.194:80
Requested by: http://128.116.144.194/main_live.html
File type: Unicode text, UTF-8 text, with very long lines (8117), with no line terminators Hash: 60ba03a187fd87cba8c65c1378bcd76b 3fe18f1bd369549ca9bd8fe449e314afbc9f995f 077f44fd9873aa0cbf0b729848a13f6d80eb929101327d9508f07d4b0e15ab9a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /PCViewer.css HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache
|
|