Report - 118.31.224.39:8006/login

Report Overview

Submitted URL
118.31.224.39:8006/login
IP
118.31.224.39
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-05-10 09:05:43
Access
public
Website Title
运力安全数字管控平台
Final URL
118.31.224.39:8006/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
118.31.224.39:8006	unknown	unknown	No data	No data	8.1 kB	3.1 MB	118.31.224.39
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-09	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed
2024-05-10	medium	118.31.224.39	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	118.31.224.39:8006/login	0 B	2023-03-07	2024-05-20
Pretty URL 118.31.224.39:8006/login IP 118.31.224.39 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 19:54:29 Times Seen37890140 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	118.31.224.39:8006/static/js/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL 118.31.224.39:8006/static/js/jquery-3.6.0.min.js IP 118.31.224.39 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:32 Last Seen2024-05-20 18:51:39 Times Seen5267 Hash 0732e3eabbf8aa7ce7f69eedbd07dfdd 4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b Loading...

	118.31.224.39:8006/login	0 B	2023-03-07	2024-05-20
Pretty URL 118.31.224.39:8006/login IP 118.31.224.39 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 19:54:29 Times Seen37890140 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	118.31.224.39:8006/static/js/login/util.js?v=20220905	1.2 kB	2023-11-14	2024-05-10
Pretty URL 118.31.224.39:8006/static/js/login/util.js?v=20220905 IP 118.31.224.39 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 12:07:31 Last Seen2024-05-10 11:05:51 Times Seen6 Hash 57ee3ed03cb3a2615039bc6392cfdf0d f5a1df8f4b8a8e7f342870dedb2e437000a32207 99743bdc667f9d8d643b15a390869cca8249972ca5c5b77094cc671c5cd13c61 Loading...

	118.31.224.39:8006/static/js/login/base64.js?v=20220905	4.4 kB	2023-11-14	2024-05-10
Pretty URL 118.31.224.39:8006/static/js/login/base64.js?v=20220905 IP 118.31.224.39 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 12:07:31 Last Seen2024-05-10 11:05:51 Times Seen6 Hash 4b1bdc2765892417ff5aad008af164b5 3308489cc8d388a9f822f7319accac4684a2d4fd 96cc8bfc5215781fe0d33fb3b8fb72410538d5da587da036e4d8dffb6934fbb3 Loading...

HTTP Transactions (22)

URL IP Response Size

118.31.224.39:8006/login

118.31.224.39

200

2.7 kB

URL User Request GET HTTP/1.1
118.31.224.39:8006/login
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.7 kB (2698 bytes)
Hash
54b3235889aa0f22b51d0076c0ac6845
6e43060851b06ffb2ad2c4f6cd17ade2d2f2af11
73c36a7afdf70535a49631b7c7b8fac75b3c6c8b7314af1893aff3396cd56b88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Type-Options: default-src 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
vary: accept-encoding
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Fri, 10 May 2024 09:05:15 GMT

118.31.224.39:8006/static/css/login/happiness/login.css?v=20220905

118.31.224.39

200

6.1 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/css/login/happiness/login.css?v=20220905
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
ASCII text, with CRLF line terminators
Size
6.1 kB (6142 bytes)
Hash
2e58dffc7f5893f118ab1eae8bb67402
19ff41d2e121dee6361635831dd57a53fc4808b8
db113073030332c72c3ed4ecb0850e9fa4b8074bd91255cf32b1cecd124964bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/login/happiness/login.css?v=20220905 HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Type-Options: default-src 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 6142
Date: Fri, 10 May 2024 09:05:15 GMT

118.31.224.39:8006/static/js/login/util.js?v=20220905

118.31.224.39

200

1.2 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/js/login/util.js?v=20220905
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.2 kB (1180 bytes)
Hash
57ee3ed03cb3a2615039bc6392cfdf0d
f5a1df8f4b8a8e7f342870dedb2e437000a32207
99743bdc667f9d8d643b15a390869cca8249972ca5c5b77094cc671c5cd13c61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/login/util.js?v=20220905 HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Type-Options: default-src 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1180
Date: Fri, 10 May 2024 09:05:15 GMT

118.31.224.39:8006/static/js/login/base64.js?v=20220905

118.31.224.39

200

4.4 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/js/login/base64.js?v=20220905
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
4.4 kB (4361 bytes)
Hash
4b1bdc2765892417ff5aad008af164b5
3308489cc8d388a9f822f7319accac4684a2d4fd
96cc8bfc5215781fe0d33fb3b8fb72410538d5da587da036e4d8dffb6934fbb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/login/base64.js?v=20220905 HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Type-Options: default-src 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 4361
Date: Fri, 10 May 2024 09:05:15 GMT

118.31.224.39:8006/static/js/jquery-3.6.0.min.js

118.31.224.39

200

90 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/js/jquery-3.6.0.min.js
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size
90 kB (89503 bytes)
Hash
0732e3eabbf8aa7ce7f69eedbd07dfdd
4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery-3.6.0.min.js HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 89503
Date: Fri, 10 May 2024 09:05:15 GMT

118.31.224.39:8006/static/image/theme/happiness/camera_safety_monitor.png

118.31.224.39

200

8.2 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/camera_safety_monitor.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 111 x 111, 8-bit/color RGBA, non-interlaced
Size
8.2 kB (8221 bytes)
Hash
c4dd4a4e80d7f8ee316c233b71f5d668
460079295b9b11673c66028ec594135214684959
4a691e6b3506ac65292673a0b1f47370e26d79cb5f04be046f0c2a9ef8ec13a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/camera_safety_monitor.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8221
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/logo.png

118.31.224.39

200

3.7 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/logo.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 80 x 68, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3685 bytes)
Hash
915876b6dc256e8c3842c2e3839223d0
1b166d239d7932abe432c0199b30f62aa0f270d5
3afc3e9837f5f2ac26dd90a162b5776a5f66a69a4d3a951e1b8848f2c7441f71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/logo.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3685
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/city_key_area.png

118.31.224.39

200

13 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/city_key_area.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 131 x 131, 8-bit/color RGBA, non-interlaced
Size
13 kB (13352 bytes)
Hash
4918321ed7e3cb58f6f6c0436d0a87d7
8f4315586bc70b4a561ef3a224752fa4fa96e14d
7ede8f79fd76ab72b6ea66e5709cd09aa7f6073859258e79d8a4f37b68626c03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/city_key_area.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 13352
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/car_position_monitor.png

118.31.224.39

200

9.6 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/car_position_monitor.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 111 x 111, 8-bit/color RGBA, non-interlaced
Size
9.6 kB (9647 bytes)
Hash
9c192e0afdbe6b71cf98bd61bc718c5b
47c74076a772b03ac522772830171b256192dd8e
df3e65e8a63fd22e8fe013a8471d23aeaeb580d862dce307b467a12643514e15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/car_position_monitor.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9647
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/password.png

118.31.224.39

200

542 B

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/password.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced
Size
542 B (542 bytes)
Hash
8e88c3fc5158e395c2b717fd324051c8
f89c759e82bd452ca7174f1f36966cf4da80d82a
cb394823914c510ad87a2768fecdfdd9b450504214e331487f084843bec16aa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/password.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 542
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/username.png

118.31.224.39

200

719 B

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/username.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 21 x 24, 8-bit/color RGBA, non-interlaced
Size
719 B (719 bytes)
Hash
2614823f88240e91a7776e1762205d29
ef73baff57ec25cc9f47b6ce9718e9c2e576b71d
69898d7a80ccffb2a931c496df77545aef10d6c0a319f0fb223cc3a82b5cbfe9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/username.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 719
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/area_safety_index.png

118.31.224.39

200

17 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/area_safety_index.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 171 x 171, 8-bit/color RGBA, non-interlaced
Size
17 kB (17176 bytes)
Hash
147ee937a2a5ad2736ce74f36ff671b9
9078556c1fb488fffdf16b3c10f531a6ec12abab
516758eebc70954e24868e7861b638d59e9159473b61b345f0f514abe6ca33e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/area_safety_index.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 17176
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/city_alarm_top.png

118.31.224.39

200

14 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/city_alarm_top.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 152 x 151, 8-bit/color RGBA, non-interlaced
Size
14 kB (14291 bytes)
Hash
c227c0c0831ddc3aa643361c086b22f9
d66182a96b4e378fd7714ed82e931c64c88de987
589381af8dd2730344db482f114e9ac82cc9ea276dfc72e1daf9faa0ecdde8a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/city_alarm_top.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 14291
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/fatigue_driving.png

118.31.224.39

200

9.0 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/fatigue_driving.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 111 x 111, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9022 bytes)
Hash
5d045e4d01898ee8f9641400c926f948
1841f951ce75137077417259dd757cb76e5f6dc2
95bc18b6063c79335f50f794213f845d838a1db5b0a1456c93bd645c0e3b32b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/fatigue_driving.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9022
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/forward_distance.png

118.31.224.39

200

8.1 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/forward_distance.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 111 x 111, 8-bit/color RGBA, non-interlaced
Size
8.1 kB (8107 bytes)
Hash
af9cb57ac165c8ecf2e2a9d4f023af39
8a0ccbd9efc0eb55a9d434d9c38cb2dd7af64209
5bc4dcc32d25a31a6fc014c1d6032786d31c25639eac09f380b3a738980ede1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/forward_distance.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8107
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/validateCode

118.31.224.39

200

830 B

URL GET HTTP/1.1
118.31.224.39:8006/validateCode
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 120 x 40, 8-bit/color RGB, non-interlaced
Size
830 B (830 bytes)
Hash
2874674d9484020efe8a1a70412b3f7e
4da97fa7d2d57525768fdc7d4c84bc9315455096
59bc1ec47c1a1079082cc05cb4bfcb96a08b6b3dfda0ff6be7f6a4800b0ee741

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /validateCode HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: tsmsweb=29482d21-9b9e-4192-90a8-9f94695591c1; Path=/; HttpOnly; SameSite=lax
Content-Type: image/jpeg
Transfer-Encoding: chunked
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/verifycode.png

118.31.224.39

200

1.5 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/verifycode.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1533 bytes)
Hash
7f216cd2afcec7167aab6f5c1e25f6d7
d429d0ac5f1445aaa7f99c9e79e3a0ee7e27ac97
24ed3616e010499d8088c65a8ffad4db81d7a4730ec4bb4d50dbcf3827f0f40d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/verifycode.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1533
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/login_input_bg.png

118.31.224.39

200

52 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/login_input_bg.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 695 x 661, 8-bit/color RGBA, non-interlaced
Size
52 kB (51750 bytes)
Hash
334e8162de0c67c433ba930f96ba41bc
bf5c9ee8e182075fa47c90436b60ce030a9b400b
9ab1737445e23a495aeaff3e10f52ff306732b1f75d2c7da92f4b2c08e4f540a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/login_input_bg.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/static/css/login/happiness/login.css?v=20220905
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Type-Options: default-src 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 51750
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/vzlogo/favicon.png

118.31.224.39

200

1.3 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/vzlogo/favicon.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1331 bytes)
Hash
d57e2e7c654cab420be046bd5c67d166
1915c1b9264ce646af7afc099af837aad93069d9
a7b8eea8b6c8e11cab2ff73e5e24f7e4659068a42aeaab0d7d3b9902b7da1433

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/vzlogo/favicon.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/login
Cookie: tsmsweb=29482d21-9b9e-4192-90a8-9f94695591c1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1331
Date: Fri, 10 May 2024 09:05:18 GMT

118.31.224.39:8006/static/image/theme/happiness/map.png

118.31.224.39

200

910 kB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/map.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 1240 x 1080, 8-bit/color RGBA, non-interlaced
Size
910 kB (910097 bytes)
Hash
ea61c3b09be110e986607f2753268ce3
83455ca44f2e2375f0e6e43d7e58878911414a0d
02d06432ca65083d2410e34ec543b8a768e8582462d43a402285219ef1d78539

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/map.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/static/css/login/happiness/login.css?v=20220905
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 910097
Date: Fri, 10 May 2024 09:05:17 GMT

118.31.224.39:8006/static/image/theme/happiness/bg.png

118.31.224.39

200

1.9 MB

URL GET HTTP/1.1
118.31.224.39:8006/static/image/theme/happiness/bg.png
IP
118.31.224.39:8006
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://118.31.224.39:8006/login

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Size
1.9 MB (1907515 bytes)
Hash
fbb1754f435fb064b768b5bb350f045f
bceb1e848d9133bd4dace9958b1ab2632b4b416f
adfd0db96a6292008e471a0b24d628ad9a4e8ff23c2d365edf427667b483e12d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/theme/happiness/bg.png HTTP/1.1
Host: 118.31.224.39:8006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://118.31.224.39:8006/static/css/login/happiness/login.css?v=20220905
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Mon, 19 Sep 2022 03:30:33 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1907515
Date: Fri, 10 May 2024 09:05:17 GMT

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=i0ZjvELnYB43Pv6DIeKfUS4E9QZQBVnY07PI2rt2yXsZYowTTHUc6RdAuPlcZJdLZ_VBwKYZlZWG3nzDLR-s4OdIfKaD8vjSUevn9pf55VZDNOIw5bgGyaV-OH9C-EZ0
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 10 May 2024 09:03:51 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 103
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1