117.197.252.49 302 Moved Temporarily 664 B URL User Request GET HTTP/1.0
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Hash 5ec49dbe4d946b50f23b00d64f58b5e3
845cc8f4722f43d1482d37e3a901f00723c0542a
a2cca3648ff8430f9472499cf1d191dcd15fb7f996cd051b39be3a7cfd9c5c0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Moved Temporarily
Date: Sat, 04 May 2024 10:24:10 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Location: /cgi-bin/index2.asp
117.197.252.49/JS/encryption.js
117.197.252.49 200 OK 8.2 kB URL GET HTTP/1.0 117.197.252.49/JS/encryption.js
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
File type ASCII text, with CRLF line terminators
Hash abec0390f5530476ba63f00edca366a6
fe782b79ed6f295c107ceed27fcda0d7e9842255
bd51c6eb37f3720f7a561f76b237b186c274098829116ce300b0d8c40355c874
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /JS/encryption.js HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat, 04 May 2024 10:24:12 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 8239
Last-Modified: Mon, 11 Mar 2019 03:31:00 GMT
Content-Type: application/x-javascript
117.197.252.49/JS/util.js
117.197.252.49 200 OK 56 kB URL GET HTTP/1.0 117.197.252.49/JS/util.js
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
File type ISO-8859 text, with very long lines (2319)
Hash cfafcd99e530a13e8426ae27775c43c4
eeb6a69ad6bf7c22afa001574e4f07a47dce1396
236e76e7efdf2fe152e0bdabd0745191d8fb8c13ef6c9f27d83c75a0c8632476
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /JS/util.js HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat, 04 May 2024 10:24:12 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 55918
Last-Modified: Mon, 11 Mar 2019 03:31:00 GMT
Content-Type: application/x-javascript
117.197.252.49/JS/jquery-1.8.3.min.js
117.197.252.49 200 OK 94 kB URL GET HTTP/1.0 117.197.252.49/JS/jquery-1.8.3.min.js
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
File type JavaScript source, ASCII text, with very long lines (65483)
Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /JS/jquery-1.8.3.min.js HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat, 04 May 2024 10:24:12 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 93636
Last-Modified: Mon, 11 Mar 2019 03:31:00 GMT
Content-Type: application/x-javascript
117.197.252.49/JS/util.js
117.197.252.49 200 OK 56 kB URL GET HTTP/1.0 117.197.252.49/JS/util.js
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
File type ISO-8859 text, with very long lines (2319)
Hash cfafcd99e530a13e8426ae27775c43c4
eeb6a69ad6bf7c22afa001574e4f07a47dce1396
236e76e7efdf2fe152e0bdabd0745191d8fb8c13ef6c9f27d83c75a0c8632476
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /JS/util.js HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat, 04 May 2024 10:24:14 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=10, max=99
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 55918
Last-Modified: Mon, 11 Mar 2019 03:31:00 GMT
Content-Type: application/x-javascript
117.197.252.49/img/xpon_logo.png
117.197.252.49 200 OK 291 B URL GET HTTP/1.0 117.197.252.49/img/xpon_logo.png
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
File type PNG image data, 330 x 126, 8-bit/color RGBA, non-interlaced
Hash 4b0c4207a0641318538f5a813e2a24a8
15d7b766245574176f04097b991b7220c253442b
7a1ab74ca9278d1237102e68db4fb2c90891e5f6eb25c73de7ad41b5c3b9bf68
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/xpon_logo.png HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Date: Sat, 04 May 2024 10:24:14 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=10, max=98
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 291
Last-Modified: Mon, 11 Mar 2019 03:31:00 GMT
Content-Type: text/plain
117.197.252.49/favicon.ico
117.197.252.49 404 Not Found 7.5 kB URL GET HTTP/1.0 117.197.252.49/favicon.ico
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Requested by http://117.197.252.49/cgi-bin/index2.asp
Hash 51fe692a5332d3aeca748f98155b8f94
51f045fac2e60131d90efc30a7777be664547799
8308b97ff0d9b3503fe77785528720b0535abdcaa237542cbd6d4e0cfd3969f6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://117.197.252.49/cgi-bin/index2.asp
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 404 Not Found
Date: Sat, 04 May 2024 10:24:14 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: text/html; charset=ISO-8859-1
117.197.252.49/cgi-bin/index2.asp
0.0.0.0 0 B URL User Request GET 117.197.252.49/cgi-bin/index2.asp
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cgi-bin/index2.asp HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
117.197.252.49/cgi-bin/index2.asp
117.197.252.49 200 OK 12 kB URL User Request GET HTTP/1.0 117.197.252.49/cgi-bin/index2.asp
IP 117.197.252.49:80
ASN #9829 National Internet Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cgi-bin/index2.asp HTTP/1.1
Host: 117.197.252.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
X-Frame-Options: SAMEORIGIN
Content-type: text/html;charset=GB2312