64.139.244.252/
64.139.244.252 425 B IP 64.139.244.252:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash a7a0a097e12b5db988d8f9ab6def9c2b
a29dacc32513f353bfe311017b89959093bfece1
383142a148fcd1c07a9fc669aa0f5c132acdec7bf976f730cd52271c26cbf70c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:46 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 425
Last-Modified: Fri, 25 Mar 2016 14:22:05 GMT
Content-Type: text/html
64.139.244.252/index.html?_1715119773534
64.139.244.252 21 kB URL 64.139.244.252/index.html?_1715119773534
IP 64.139.244.252:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash a7e82f52e1b51241fc61868c1fa10513
fe65cc4b08cff8a4da2014b94f91175d90450203
dbf9d41e4d566b70cb731f28bfac74d160a68745f46b0523229ea4b5d0b837a5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /index.html?_1715119773534 HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://64.139.244.252/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 20893
Last-Modified: Fri, 25 Mar 2016 14:22:22 GMT
Content-Type: text/html
64.139.244.252/js/jcookie.js
64.139.244.252 1.7 kB URL 64.139.244.252/js/jcookie.js
IP 64.139.244.252:0
File type JavaScript source, ASCII text, with CRLF line terminators
Hash f2310f3108ac77f804b8d85a50d20915
bac1b13a6d66c8714865f8c86b0649186fd11ea7
d41818c43a35ca5cd31f95fae6d34daee46ca8e58a5b00c08950218d3d82efeb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/jcookie.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 1677
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/js/json.js
64.139.244.252 5.0 kB URL 64.139.244.252/js/json.js
IP 64.139.244.252:0
Hash 34f7231a0a213167e801318716261d1e
f9383563b79b1df26542b6ede395bb8d1213f904
5b7242ed8e6fe3e6afec7c014b7c66fc1bd68a7b2e0d2706ffaab7876ab8f94a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/json.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 4955
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/js/common.js
64.139.244.252 36 kB URL 64.139.244.252/js/common.js
IP 64.139.244.252:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (308), with CRLF line terminators
Hash 66fdcca8b521312428e7a5db5b92c8ae
79e4d8e2f28d258bdca6eb7c829eef11685ab22b
23eba91fa4b1f04e06d61994dfcc14e83089e50c864b6825e50eeaeec6dfc2c7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/common.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 36402
Last-Modified: Wed, 23 Mar 2016 03:09:08 GMT
Content-Type: application/javascript
64.139.244.252/js/qrcode.js
64.139.244.252 28 kB URL 64.139.244.252/js/qrcode.js
IP 64.139.244.252:0
File type ASCII text, with CRLF line terminators
Hash 2cfb76dea8f3f4710f8ea1748b194ceb
e52905594f898d470f5febeab1e847106da121aa
8aa7a76905121bb11504ede33557f03f375cfcd5d9777eb68579426086840d0a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/qrcode.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 28476
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/js/CProgress.js
64.139.244.252 2.4 kB URL 64.139.244.252/js/CProgress.js
IP 64.139.244.252:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bc9e0142e6cb186e59bf3fdf275d1aff
237347d2b2a22767dcf513ead052af80c569afa6
208246414a3fc2e2a52885ea002913749ba455038ee019be51f83865045a78da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/CProgress.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 2400
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/js/class.js
64.139.244.252 63 kB URL 64.139.244.252/js/class.js
IP 64.139.244.252:0
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 377b14f762f93c71cadf9bc4674250f5
99493e6e123b5adb21bcccad4bde0ab29059857a
df1d6133fdcfb1f50d671aac159602dac961c160c7e67ae9b109aa9be12fe94f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/class.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 63090
Last-Modified: Fri, 25 Mar 2016 06:15:42 GMT
Content-Type: application/javascript
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
64.139.244.252 106 B URL 64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
IP 64.139.244.252:0
File type Unicode text, UTF-8 (with BOM) text
Hash 08915761b35e17f7112b8ffc32a826a0
c4acbe5778eabc1a0c93fc44463661dd3d99e9a8
0b0b364228a46d51cd953a08b51bd8040f4cfdafc06297c12fe61d6f6dd43518
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ligerUI/skins/Aqua/css/ligerui-all.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 106
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css
64.139.244.252/js/main.js
64.139.244.252 84 kB URL 64.139.244.252/js/main.js
IP 64.139.244.252:0
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 63719f06f34606bc7d4c0aaca04142ea
f7f6a46c37369f6cf7cacdbafb3d791799de2411
04953f508e1cb4bd2789d3358695fa22aa80d1dacd204bed5b75d4d3f2097ee1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/main.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 83618
Last-Modified: Fri, 25 Mar 2016 13:05:26 GMT
Content-Type: application/javascript
64.139.244.252/css/main.css
64.139.244.252 16 kB URL 64.139.244.252/css/main.css
IP 64.139.244.252:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c76075ec93a111b11ceed0285c115aab
19a37ad7463c962cf3852f61cca204d903bdd6bb
bdf4d382d11fc3105fe4e77d2f5222d9f32b4e64d95b563c3a89c151e078539f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/main.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 16313
Last-Modified: Tue, 20 Oct 2015 08:51:48 GMT
Content-Type: text/css
64.139.244.252/js/jquery.qrcode.min.js
64.139.244.252 14 kB URL 64.139.244.252/js/jquery.qrcode.min.js
IP 64.139.244.252:0
File type JavaScript source, ASCII text, with very long lines (544)
Hash 05f0b1d7d4b9b0b4975870606d650e3c
f424bd339870510d1160d1c5da5d698aedbb452e
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/jquery.qrcode.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 13995
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-common.css
64.139.244.252 5.4 kB URL 64.139.244.252/ligerUI/skins/Aqua/css/ligerui-common.css
IP 64.139.244.252:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (581), with CRLF line terminators
Hash 171c0be8907e5d3e2332fa2c8f8546b4
ef74619e5ca1d0e2233a501df354342fdf44ab1d
7dbcdcf21fac47de56f206c8f4af2ed67b47a8d34aa94796711f3f3ebf4dafb7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ligerUI/skins/Aqua/css/ligerui-common.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 5379
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-dialog.css
64.139.244.252 12 kB URL 64.139.244.252/ligerUI/skins/Aqua/css/ligerui-dialog.css
IP 64.139.244.252:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (305), with CRLF line terminators
Hash 684721a56d2ed66875c1bf509c9879c6
9b90f903ae0e44ff5a0d4217486be2928eed889b
38eaae1c9346bd246a9a4821b12b7d4261c7cc4db644839df5ecf793015404a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ligerUI/skins/Aqua/css/ligerui-dialog.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 12263
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css
64.139.244.252/js/language.js
64.139.244.252 130 kB URL 64.139.244.252/js/language.js
IP 64.139.244.252:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 130 kB (129484 bytes)
Hash aebf7d463cd197918aa52fbabc186a3d
4f810630bfa15819aeb3500fe77fd5618d812f09
50dcbd3b40a8169087d7c80de386b703e1d086ceda5992fcd7ce1f8f8852118f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/language.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 129484
Last-Modified: Tue, 15 Mar 2016 09:22:34 GMT
Content-Type: application/javascript
64.139.244.252/js/jquery-1.11.1.min.js
64.139.244.252 200 OK 96 kB URL GET HTTP/1.1 64.139.244.252/js/jquery-1.11.1.min.js
IP 64.139.244.252:80
Requested by http://64.139.244.252/html/webplugin.html
File type JavaScript source, ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/ligerUI/js/ligerui.min.js
64.139.244.252 136 kB URL 64.139.244.252/ligerUI/js/ligerui.min.js
IP 64.139.244.252:0
File type JavaScript source, ISO-8859 text, with very long lines (4671), with CRLF line terminators
Size 136 kB (135881 bytes)
Hash 6ff162554a4af4bdfc987ef94e118c5d
3e42873f2466a3359f1daf3adbcb50b2a84bf527
8e10fc96a223aed4ba0e6e51c50bb8a780208423f2fd7a2a3754662e0afeeb1d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ligerUI/js/ligerui.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 135881
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: application/javascript
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-grid.css
64.139.244.252 16 kB URL 64.139.244.252/ligerUI/skins/Aqua/css/ligerui-grid.css
IP 64.139.244.252:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 61c53696a660c837f2ff338e133cb438
be733f7d61cd4140a2701bc7ecc0ec8b342ef9fa
2f206b4e1bcb6ce75ba3fb539dc7cd113b0f90da37182f3395cfe61b17d36f3c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ligerUI/skins/Aqua/css/ligerui-grid.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=995
Content-Length: 15546
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css
64.139.244.252/images/head_bg.png
64.139.244.252 523 B URL 64.139.244.252/images/head_bg.png
IP 64.139.244.252:0
File type PNG image data, 19 x 40, 8-bit colormap, non-interlaced
Hash 4df95c97e94adc7b895cf103d46c18fd
1ceb0526082c423904da5817cc638db52dcd4248
d3a93ccad452bb6efe124d89b98e48c1b9909b2b05603ccdb187a8a0d7decbf3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/head_bg.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 523
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png
64.139.244.252/images/sound.png
64.139.244.252 1.3 kB URL 64.139.244.252/images/sound.png
IP 64.139.244.252:0
File type PNG image data, 64 x 32, 8-bit colormap, non-interlaced
Hash 7f7cdabf02238d95f9e32e06e1a64ed3
8eacb3f4e82d66e394e44eb2b31f2803f4a0590f
9f1dbf1cad9bac168ad6c38005490233e10df30ad155198811ddcdbd15f4b60f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/sound.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 1317
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png
64.139.244.252/images/zoom.png
64.139.244.252 2.2 kB URL 64.139.244.252/images/zoom.png
IP 64.139.244.252:0
File type PNG image data, 64 x 32, 8-bit/color RGBA, non-interlaced
Hash 66a23b9d809cb5c0ae2780bdf0c9c585
940e4ada6fdc801d95a22c6eb442b79cae9d6416
a2406b56a20de1f9978f7153e0646c68f417103427fd2dd2b02b814d5e52c6f1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/zoom.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 2174
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png
64.139.244.252/images/live_icons.png
64.139.244.252 7.4 kB URL 64.139.244.252/images/live_icons.png
IP 64.139.244.252:0
File type PNG image data, 128 x 256, 8-bit colormap, non-interlaced
Hash f6a1307a72c59fbb17a48a25e0b68be5
2403751f34eb07d5f0f425430824b4392606609e
a251b381f285c475d9ece2b6982fd480304d8a10412577d0b0c13e3b04bc513e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/live_icons.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 7443
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png
64.139.244.252/images/style.png
64.139.244.252 14 kB URL 64.139.244.252/images/style.png
IP 64.139.244.252:0
File type PNG image data, 100 x 375, 8-bit/color RGB, interlaced
Hash 0e23981b78b905f6856a51f879ce4fc5
9c8ad37a5acfa3ffa147d8da33019304be0bb397
f8fcd4edcd4c72d582c9876db6a30db2163ed7aea56e916d5b438edbc50c6b10
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/style.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 13572
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png
64.139.244.252/html/webplugin.html
64.139.244.252 200 OK 2.4 kB URL User Request GET HTTP/1.1 64.139.244.252/html/webplugin.html
IP 64.139.244.252:80
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 71cba94de7050a3623e425abc3b976d6
c5111b4a571b4ed5ae6b0600c0d05137c5499ec4
1245f2b701d80fad35d82fd18ad7ea53f9195888935b46d98c8cebe5c5a44bfb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /html/webplugin.html HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://64.139.244.252/index.html?_1715119773534
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 2417
Last-Modified: Fri, 27 Nov 2015 06:41:06 GMT
Content-Type: text/html
64.139.244.252/js/jquery-1.11.1.min.js
64.139.244.252 200 OK 96 kB URL GET HTTP/1.1 64.139.244.252/js/jquery-1.11.1.min.js
IP 64.139.244.252:80
Requested by http://64.139.244.252/html/webplugin.html
File type JavaScript source, ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript
64.139.244.252/favicon.ico
64.139.244.252 404 Not Found 5.6 kB URL GET HTTP/1.1 64.139.244.252/favicon.ico
IP 64.139.244.252:80
Requested by http://64.139.244.252/html/webplugin.html
Hash 32be8125797d25e53e053cf53733f080
bd760cefe786eb88520c1cd24ec998b49e660dbc
0cf232001cea88ff609358394cbbcbc1c1ca57143ecd6f0b06a0086e1b42fc1a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1