Report - 42.200.245.36/

Report Overview

Submitted URL
42.200.245.36/
IP
42.200.245.36
ASN
#4760 HKT Limited
Submitted
2024-05-10 22:47:13
Access
public
Website Title
CramSchool
Final URL
42.200.245.36/user/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
42.200.245.36	unknown	unknown	No data	No data	3.1 kB	1.3 MB	42.200.245.36
at.alicdn.com	11137	2008-06-25	2013-11-28	2024-05-09	349 B	4.2 kB	47.246.2.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed
2024-05-10	medium	42.200.245.36	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	42.200.245.36/runtime.14e5f5daa3423b15eefd.js	2.6 kB	2023-08-05	2024-05-11
Pretty URL 42.200.245.36/runtime.14e5f5daa3423b15eefd.js IP 42.200.245.36 ASN #4760 HKT Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 23:16:54 Last Seen2024-05-11 00:47:19 Times Seen6 Hash 8c909f88c8f63a6aedd34d79796a6046 633af14e9d6bfff72d5962b303279f37bb7214b6 41b5f89037daa7455502ceb15bc966e651dce8e8ad8c9c564ec0e13f0bf47853 Loading...

	42.200.245.36/polyfills.e3b20328d8f0d64ee980.js	42 kB	2023-08-05	2024-05-11
Pretty URL 42.200.245.36/polyfills.e3b20328d8f0d64ee980.js IP 42.200.245.36 ASN #4760 HKT Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 23:16:54 Last Seen2024-05-11 00:47:19 Times Seen6 Hash 52c237b0ecb280c99460ee83c2af1e30 a6a950f3f5066a86abec2056246e177e11f82309 bbd64b7cb5a463a404f130539a9690463c2b4740bea3eb36910bed8e155884b3 Loading...

	42.200.245.36/main.7ae23a2845ad8503b2da.js	908 kB	2023-08-05	2024-05-11
Pretty URL 42.200.245.36/main.7ae23a2845ad8503b2da.js IP 42.200.245.36 ASN #4760 HKT Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 23:16:54 Last Seen2024-05-11 00:47:19 Times Seen6 Hash 97240650d1d1b3e3ad3af02334d988ec 8496c1f8b06c81fac621f39da58094be21fe543b a4d6e2f940c11efb68afb145d6c5bda213ae0750ded94161f38e3c793fdd4256 Loading...

	42.200.245.36/16.36caf7da0d594e431c97.js	10 kB	2023-08-05	2024-05-11
Pretty URL 42.200.245.36/16.36caf7da0d594e431c97.js IP 42.200.245.36 ASN #4760 HKT Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 23:16:54 Last Seen2024-05-11 00:47:19 Times Seen6 Hash 5d68731a3b1c742a3b79b7c594402e55 af35fb9f4629abec1198ecfce33025f786777edc d481eb1c1c26e6d89502613878b48ec9ca2ec81ab136d549977177448683ccbc Loading...

HTTP Transactions (10)

URL IP Response Size

42.200.245.36/

42.200.245.36

768 B

URL User Request GET
42.200.245.36/
IP
42.200.245.36:0
ASN
#4760 HKT Limited

File type
HTML document, ASCII text, with very long lines (336)
Size
768 B (768 bytes)
Hash
9a02f10667c10d59fbaf95e07f206c58
596f8a82e675c584c3d8d575a1ec439d0d1b7b93
0a19fe55c89fae2dc4486e41a9cfb26c2f0ef9ea316fb6b0ad53e3c80ac6501f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:50 GMT
Content-Type: text/html
Content-Length: 768
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-300"
Accept-Ranges: bytes

42.200.245.36/

42.200.245.36

768 B

URL User Request GET
42.200.245.36/
IP
42.200.245.36:0
ASN
#4760 HKT Limited

File type
HTML document, ASCII text, with very long lines (336)
Size
768 B (768 bytes)
Hash
9a02f10667c10d59fbaf95e07f206c58
596f8a82e675c584c3d8d575a1ec439d0d1b7b93
0a19fe55c89fae2dc4486e41a9cfb26c2f0ef9ea316fb6b0ad53e3c80ac6501f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:51 GMT
Content-Type: text/html
Content-Length: 768
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-300"
Accept-Ranges: bytes

42.200.245.36/runtime.14e5f5daa3423b15eefd.js

42.200.245.36

200 OK

2.6 kB

URL GET HTTP/1.1
42.200.245.36/runtime.14e5f5daa3423b15eefd.js
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
JavaScript source, ASCII text, with very long lines (2608), with no line terminators
Size
2.6 kB (2608 bytes)
Hash
8c909f88c8f63a6aedd34d79796a6046
633af14e9d6bfff72d5962b303279f37bb7214b6
41b5f89037daa7455502ceb15bc966e651dce8e8ad8c9c564ec0e13f0bf47853

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /runtime.14e5f5daa3423b15eefd.js HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:51 GMT
Content-Type: application/javascript
Content-Length: 2608
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-a30"
Accept-Ranges: bytes

at.alicdn.com/t/font_1142972_eq4y9fqxzyv.css

47.246.2.254

200 OK

3.3 kB

URL GET HTTP/1.1
at.alicdn.com/t/font_1142972_eq4y9fqxzyv.css
IP
47.246.2.254:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://42.200.245.36/

File type
ASCII text, with very long lines (3545)
Size
3.3 kB (3264 bytes)
Hash
735d294c7dd1dbcfd065e60763ff7456
01463934d61fc319a3cc584d7abdf081e353bff7
45913e87dc8ec7663a8e8e344728673b4ecb860c45dac4c8b9ae396867e9cd9c

HTTP Headers

GET /t/font_1142972_eq4y9fqxzyv.css HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 10 May 2024 22:46:51 GMT
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
x-oss-request-id: 663EA3DB562427363263ECD1
ETag: W/"735D294C7DD1DBCFD065E60763FF7456"
Last-Modified: Thu, 23 Dec 2021 10:20:36 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6184946483210509933
x-oss-storage-class: Standard
Cache-Control: max-age=63072000
Content-MD5: c10pTH3R28/QZeYHY/90Vg==
x-oss-server-time: 5
Ali-Swift-Global-Savetime: 1715381211
Via: cache14.l2de2[395,395,200-0,M], cache23.l2de2[397,0], cache9.ru3[438,437,200-0,M], cache2.ru3[440,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 10 May 2024 22:46:51 GMT
X-Swift-CacheTime: 63072000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff6029617153812115548920e
Content-Encoding: gzip

42.200.245.36/polyfills.e3b20328d8f0d64ee980.js

42.200.245.36

200 OK

42 kB

URL GET HTTP/1.1
42.200.245.36/polyfills.e3b20328d8f0d64ee980.js
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
JavaScript source, ASCII text, with very long lines (41994), with no line terminators
Size
42 kB (41994 bytes)
Hash
52c237b0ecb280c99460ee83c2af1e30
a6a950f3f5066a86abec2056246e177e11f82309
bbd64b7cb5a463a404f130539a9690463c2b4740bea3eb36910bed8e155884b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.e3b20328d8f0d64ee980.js HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:51 GMT
Content-Type: application/javascript
Content-Length: 41994
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-a40a"
Accept-Ranges: bytes

42.200.245.36/styles.afdc5821acf430b3b708.css

42.200.245.36

200 OK

301 kB

URL GET HTTP/1.1
42.200.245.36/styles.afdc5821acf430b3b708.css
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
301 kB (300954 bytes)
Hash
2099dd95f63649afc1bfa00b45058483
c48d2b48aa8ae7341090362bca0da8a1da074d6c
8f5e0c81b1050080955142647f5a6d4e3067f4bfc07539b05c804b79495fb3e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles.afdc5821acf430b3b708.css HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:51 GMT
Content-Type: text/css
Content-Length: 300954
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-4979a"
Accept-Ranges: bytes

42.200.245.36/main.7ae23a2845ad8503b2da.js

42.200.245.36

200 OK

908 kB

URL GET HTTP/1.1
42.200.245.36/main.7ae23a2845ad8503b2da.js
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
908 kB (907950 bytes)
Hash
97240650d1d1b3e3ad3af02334d988ec
8496c1f8b06c81fac621f39da58094be21fe543b
a4d6e2f940c11efb68afb145d6c5bda213ae0750ded94161f38e3c793fdd4256

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.7ae23a2845ad8503b2da.js HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:51 GMT
Content-Type: application/javascript
Content-Length: 907950
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-ddaae"
Accept-Ranges: bytes

42.200.245.36/16.36caf7da0d594e431c97.js

42.200.245.36

200 OK

10 kB

URL GET HTTP/1.1
42.200.245.36/16.36caf7da0d594e431c97.js
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
JavaScript source, ASCII text, with very long lines (10236), with no line terminators
Size
10 kB (10236 bytes)
Hash
5d68731a3b1c742a3b79b7c594402e55
af35fb9f4629abec1198ecfce33025f786777edc
d481eb1c1c26e6d89502613878b48ec9ca2ec81ab136d549977177448683ccbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /16.36caf7da0d594e431c97.js HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:53 GMT
Content-Type: application/javascript
Content-Length: 10236
Last-Modified: Fri, 04 Sep 2020 16:02:10 GMT
Connection: keep-alive
ETag: "5f526502-27fc"
Accept-Ranges: bytes

42.200.245.36/favicon.ico

42.200.245.36

200 OK

5.4 kB

URL GET HTTP/1.1
42.200.245.36/favicon.ico
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
b9aa7c338693424aae99599bec875b5f
84161b857f5c547e3699ddfbffc6d8d737542e01
b9ccbb7100e13ae95ac18a3a9ed00857f321b63b498f1fb7abab506fc1c40e99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:53 GMT
Content-Type: image/x-icon
Content-Length: 5430
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-1536"
Accept-Ranges: bytes

42.200.245.36/element-icons.2fad952a20fbbcfd1bf2.woff?t=1510834658947

42.200.245.36

200 OK

6.2 kB

URL GET HTTP/1.1
42.200.245.36/element-icons.2fad952a20fbbcfd1bf2.woff?t=1510834658947
IP
42.200.245.36:80
ASN
#4760 HKT Limited

Requested by
http://42.200.245.36/

File type
Web Open Font Format, TrueType, length 6164, version 1.0
Size
6.2 kB (6164 bytes)
Hash
2fad952a20fbbcfd1bf2ebb210dccf7a
211e5608fc0b777732a4d33efa3d3c3452f6c316
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /element-icons.2fad952a20fbbcfd1bf2.woff?t=1510834658947 HTTP/1.1
Host: 42.200.245.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://42.200.245.36/styles.afdc5821acf430b3b708.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Fri, 10 May 2024 22:46:54 GMT
Content-Type: application/font-woff
Content-Length: 6164
Last-Modified: Fri, 04 Sep 2020 16:02:11 GMT
Connection: keep-alive
ETag: "5f526503-1814"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers