Report - 47.105.149.172/

Report Overview

Submitted URL
47.105.149.172/
IP
47.105.149.172
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-04-18 07:29:39
Access
public
Website Title
NetShop系统
Final URL
47.105.149.172/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
47.105.149.172	unknown	unknown	No data	No data	4.2 kB	233 kB	47.105.149.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed
2024-04-18	medium	47.105.149.172	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	47.105.149.172/js/jquery-1.8.0.min.js	93 kB	2023-03-07	2024-04-21
Pretty URL 47.105.149.172/js/jquery-1.8.0.min.js IP 47.105.149.172 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-21 09:49:48 Times Seen436 Hash cd8b0bffc85bb5614385ee4ce3596d07 359c6c1ed98081b9a69eb3513b9deced59c957f9 d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805 Loading...

	47.105.149.172/js/common/common.js	7.6 kB	2024-04-18	2024-04-18
Pretty URL 47.105.149.172/js/common/common.js IP 47.105.149.172 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 09:29:45 Last Seen2024-04-18 09:29:45 Times Seen2 Hash 83288216d0a183a261e72f280a1c958c da591149322b9c1d2b40152fd2ce97805274dd50 be0bfde49cf93acdfb49bb83bae6552bbadf95ff8cc04e66cb11680a88871dda Loading...

	47.105.149.172/	0 B	2023-03-07	2024-05-01
Pretty URL 47.105.149.172/ IP 47.105.149.172 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 02:46:16 Times Seen37235023 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (11)

URL IP Response Size

47.105.149.172/

47.105.149.172

7.5 kB

URL User Request GET
47.105.149.172/
IP
47.105.149.172:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.5 kB (7497 bytes)
Hash
ae584dd5872ebb151135ba136862a0e3
a53c8c20a205d7b9b88fd20c4f7e678ca5245590
0f7fbd571f94fd14bc6b95eb97ebce89490b802f734bb6714720e00a618d5e28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=7269C5CA146BD3149F9731B6094337B8; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Content-Length: 7497
Date: Thu, 18 Apr 2024 07:29:17 GMT

47.105.149.172/

47.105.149.172

7.5 kB

URL User Request GET
47.105.149.172/
IP
47.105.149.172:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.5 kB (7497 bytes)
Hash
ae584dd5872ebb151135ba136862a0e3
a53c8c20a205d7b9b88fd20c4f7e678ca5245590
0f7fbd571f94fd14bc6b95eb97ebce89490b802f734bb6714720e00a618d5e28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Content-Length: 7497
Date: Thu, 18 Apr 2024 07:29:18 GMT

47.105.149.172/css/css.css

47.105.149.172

200 OK

14 kB

URL GET HTTP/1.1
47.105.149.172/css/css.css
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
14 kB (13666 bytes)
Hash
06097c202f626d40c3742d189e840a83
c6f1415d3a8d12474daaef7a2042a55ef871ce45
0606f2279a3e4acb24b40f6bd47074bbf67f23fe3bdc0fb279b5adc9846f8e05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/css.css HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"13666-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 13666
Date: Thu, 18 Apr 2024 07:29:18 GMT

47.105.149.172/js/common/common.js

47.105.149.172

200 OK

7.6 kB

URL GET HTTP/1.1
47.105.149.172/js/common/common.js
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.6 kB (7556 bytes)
Hash
83288216d0a183a261e72f280a1c958c
da591149322b9c1d2b40152fd2ce97805274dd50
be0bfde49cf93acdfb49bb83bae6552bbadf95ff8cc04e66cb11680a88871dda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/common/common.js HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"7556-1609987774000"
Last-Modified: Thu, 07 Jan 2021 02:49:34 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 7556
Date: Thu, 18 Apr 2024 07:29:18 GMT

47.105.149.172/js/jquery-1.8.0.min.js

47.105.149.172

200 OK

93 kB

URL GET HTTP/1.1
47.105.149.172/js/jquery-1.8.0.min.js
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with CRLF line terminators
Size
93 kB (92556 bytes)
Hash
cd8b0bffc85bb5614385ee4ce3596d07
359c6c1ed98081b9a69eb3513b9deced59c957f9
d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.8.0.min.js HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"92556-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 92556
Date: Thu, 18 Apr 2024 07:29:18 GMT

47.105.149.172/images/login_tip.jpg

47.105.149.172

200 OK

1.7 kB

URL GET HTTP/1.1
47.105.149.172/images/login_tip.jpg
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 108x29, components 3
Size
1.7 kB (1680 bytes)
Hash
3ec81905f9b0fc8020ae6080af3bbd25
53cdb470640d6a1afca02901df8220c76e4fa455
77a6fd3e02005863511b4259e4cca2edcfd5f39e219dc71f7e65540728d24ddd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_tip.jpg HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1680-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 1680
Date: Thu, 18 Apr 2024 07:29:19 GMT

47.105.149.172/images/bg_login.jpg

47.105.149.172

200 OK

29 kB

URL GET HTTP/1.1
47.105.149.172/images/bg_login.jpg
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1003x600, components 3
Size
29 kB (28695 bytes)
Hash
d60e35407c3e1e8c246fa1ed01c1b98e
996c10bcf82b1b6d88f71b348f296166b9ed5ce6
975d5f54e17cd9e62aebc4496dd3e4a7787587faf4ccbcb3aa1ded303cc4eb31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg_login.jpg HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/css/css.css
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"28695-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 28695
Date: Thu, 18 Apr 2024 07:29:19 GMT

47.105.149.172/images/btn_login.jpg

47.105.149.172

200 OK

1.2 kB

URL GET HTTP/1.1
47.105.149.172/images/btn_login.jpg
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 81x30, components 3
Size
1.2 kB (1152 bytes)
Hash
c8402b9500889e7c53e6813c2b7b11bf
9df52bb6c2cc8a52812f76b0918d5c47b03d7871
802d1b19c8ba6dbea1de69f946131ed14281154ab44725f5bc17d84639e90be3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/btn_login.jpg HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/css/css.css
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1152-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 1152
Date: Thu, 18 Apr 2024 07:29:19 GMT

47.105.149.172/images/bg_logininout.jpg

47.105.149.172

200 OK

822 B

URL GET HTTP/1.1
47.105.149.172/images/bg_logininout.jpg
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 140x23, components 3
Size
822 B (822 bytes)
Hash
10e287f6827da6ceb5d42250428294d3
4efc8e6a23dae4d6fb974bf3a8fd1128d2ec7ee1
caa3ca6ed8fdb893f2a70f65c39591bf2f3e982c6134e351a13a10086d36eefd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg_logininout.jpg HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/css/css.css
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"822-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 822
Date: Thu, 18 Apr 2024 07:29:19 GMT

47.105.149.172/images/bg_loginmain.jpg

47.105.149.172

200 OK

18 kB

URL GET HTTP/1.1
47.105.149.172/images/bg_loginmain.jpg
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2009:10:23 16:08:04], baseline, precision 8, 459x263, components 3
Size
18 kB (17600 bytes)
Hash
4f2962e2918be32c51596933f2f6f289
4e580efce1bb48b1277c15da57398b804fe2b74d
e21901ef2c988e061b12eb13036b7571a75f5b191850cddb02dcaaec2f1f1062

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg_loginmain.jpg HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/css/css.css
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"17600-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 17600
Date: Thu, 18 Apr 2024 07:29:19 GMT

47.105.149.172/images/favicon.ico

47.105.149.172

200 OK

51 kB

URL GET HTTP/1.1
47.105.149.172/images/favicon.ico
IP
47.105.149.172:80
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://47.105.149.172/

File type
MS Windows icon resource - 1 icon, -128x-128
Size
51 kB (51262 bytes)
Hash
c68b15c45cf80115a943772f7d0028a6
a111ca77854e4aa6d6036cdaa80256578eaf0cac
e9ddf1143d3c9064189a8f8eb41cdd976acfb642977ca8da86fede46bb250c4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: 47.105.149.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.105.149.172/
Cookie: JSESSIONID=8262209AF7055F44F0C68FE1DF65B365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"51262-1540442692000"
Last-Modified: Thu, 25 Oct 2018 04:44:52 GMT
Content-Type: image/x-icon;charset=UTF-8
Content-Length: 51262
Date: Thu, 18 Apr 2024 07:29:20 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash