Report - 112.74.185.5/

Report Overview

Submitted URL
112.74.185.5/
IP
112.74.185.5
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-05-07 05:52:45
Access
public
Website Title
HFS /
Final URL
112.74.185.5/
Tags
opendir
urlquery detections
Audit - Open directory

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
112.74.185.5	unknown	unknown	No data	No data	2.1 kB	5.0 kB	112.74.185.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	112.74.185.5	Sinkholed
2024-05-07	medium	112.74.185.5	Sinkholed
2024-05-07	medium	112.74.185.5	Sinkholed
2024-05-07	medium	112.74.185.5	Sinkholed
2024-05-07	medium	112.74.185.5	Sinkholed
2024-05-07	medium	112.74.185.5	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

URL IP Response Size

112.74.185.5/

112.74.185.5

200 È·¶¨

1.1 kB

URL User Request GET HTTP/1.1
112.74.185.5/
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document, ISO-8859 text, with CRLF, LF line terminators
Size
1.1 kB (1112 bytes)
Hash
540881fe35fe0382276468398ae051ea
f7456ac5bb46c18a3caf5b0d1bf4c5596658199a
f6183b884139a2e6a20a3f67495be4bd5c55b073d66f3bfc5fc0de91640942c3

Detections

Analyzer	Verdict	Alert
urlquery	none	Audit - Open directory
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: text/html
Content-Range: bytes 0-1111/1112
Content-Length: 1112
Server: HFS 2.0
Accept-Ranges: bytes
Content-Encoding: gzip

112.74.185.5/

112.74.185.5

200 È·¶¨

1.1 kB

URL User Request GET HTTP/1.1
112.74.185.5/
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document, ISO-8859 text, with CRLF, LF line terminators
Size
1.1 kB (1112 bytes)
Hash
7d7e405fb14eedc3974ad7f867ff6dfc
62ab8a425b9d9dfd5f42df31050a12a08cce89cb
e2817e39217ad855ef4c303ffb30b8bd6ba0c8836e8e7a3be114945a579519cb

Detections

Analyzer	Verdict	Alert
urlquery	none	Audit - Open directory
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: text/html
Content-Range: bytes 0-1111/1112
Content-Length: 1112
Server: HFS 2.0
Accept-Ranges: bytes
Content-Encoding: gzip

112.74.185.5/~img27

112.74.185.5

200 È·¶¨

583 B

URL GET HTTP/1.1
112.74.185.5/~img27
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.185.5/

File type
GIF image data, version 89a, 16 x 16
Size
583 B (583 bytes)
Hash
c751bdbb470eb596811124ac593c490b
4fe0a3e28830b4718794beab8d82e83d95cba4a8
ae02784597d42134274322f3045478c4e6742cd85566c765357312a413a94f81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~img27 HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.185.5/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: image/gif
Content-Range: bytes 0-582/583
Content-Length: 583
Server: HFS 2.0
Accept-Ranges: bytes

112.74.185.5/~img36

112.74.185.5

200 È·¶¨

536 B

URL GET HTTP/1.1
112.74.185.5/~img36
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.185.5/

File type
GIF image data, version 87a, 16 x 16
Size
536 B (536 bytes)
Hash
3339196b55bcd55eb9ede17f6121fc5d
f393dc5a5cf0bcac2ad5ebead3bdc1323eda0e5e
883c9cd46938400f4fb020a4037832d37fde79b3222b6531c2dec47ca0f25207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~img36 HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.185.5/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: image/gif
Content-Range: bytes 0-535/536
Content-Length: 536
Server: HFS 2.0
Accept-Ranges: bytes

112.74.185.5/~img37

112.74.185.5

200 È·¶¨

222 B

URL GET HTTP/1.1
112.74.185.5/~img37
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.185.5/

File type
GIF image data, version 87a, 16 x 16
Size
222 B (222 bytes)
Hash
c0d98254b0bbec71e0a85ef38eda5f65
2222e02a8256701840d55973bc4b10234cfbb913
0532159b1bec7f21a84b6d228ad29cf83f1025f6a6ddcc6c2011cca73ea37e81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~img37 HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.185.5/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: image/gif
Content-Range: bytes 0-221/222
Content-Length: 222
Server: HFS 2.0
Accept-Ranges: bytes

112.74.185.5/favicon.ico

112.74.185.5

200 È·¶¨

576 B

URL GET HTTP/1.1
112.74.185.5/favicon.ico
IP
112.74.185.5:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.185.5/

File type
GIF image data, version 89a, 16 x 16
Size
576 B (576 bytes)
Hash
759792edd4ef8e6bc2d1877d27153cb1
f15874992d084f6fddc40a93eba12bef1e995447
10dc6e7a6b5a0b86167994767dd0bc652eb04aba06c18d1410d0761da470b00a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 112.74.185.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.185.5/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 ȷ��
Content-Type: image/gif
Content-Range: bytes 0-575/576
Content-Length: 576
Server: HFS 2.0
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (6)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers