Report - k015.31cs.com/

Report Overview

Submitted URL
k015.31cs.com/
IP
140.210.22.122
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.
Submitted
2024-05-04 11:13:07
Access
public
Website Title
传世群英传之１２１弑神大极品
Final URL
k015.31cs.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
k015.31cs.com	unknown	unknown	No data	No data	7.4 kB	1.7 MB	140.210.22.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed
2024-05-04	medium	31cs.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	k015.31cs.com/	0 B	2023-03-07	2024-05-23
Pretty URL k015.31cs.com/ IP 140.210.22.122 ASN #137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-23 01:54:39 Times Seen37990324 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - ab3bb8f74b86a492b5e8043cd438537a	144 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 13:13:15 Last Seen2024-05-04 13:13:15 Times Seen1 Hash ab3bb8f74b86a492b5e8043cd438537a 85e4bb49efb32e881183012f7644c83fa16c40c7 07198dc7e1cea7b12aeaeff4492144937549c5f5abab1f3bfb88bbcc86fcfe05 Loading...

HTTP Transactions (22)

URL IP Response Size

k015.31cs.com/

140.210.22.122

200 OK

2.6 kB

URL User Request GET HTTP/1.1
k015.31cs.com/
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
2.6 kB (2621 bytes)
Hash
dd7db5d21279b62e19532475145a6af0
4da0be9b94956d5f012ba4999a9ca6b02922d31b
5f2d74dce3fb8b292339001d07c1ae0445eca45c3b3dc0caaf6f07f283138dc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 25 Jan 2024 12:39:52 GMT
Accept-Ranges: bytes
ETag: "0dc66978b4fda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 2621

k015.31cs.com/index.css

140.210.22.122

200 OK

645 B

URL GET HTTP/1.1
k015.31cs.com/index.css
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
ISO-8859 text, with CRLF line terminators
Size
645 B (645 bytes)
Hash
c7b48d829421a797cb6154f889380aa4
d8acadce3163ae9ddd1fd68c0bd533ad029d318b
3574b1f25b8b4abb1ea06391e006f8746c26681e09da80528175f6f0fd0fc0b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.css HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 13 Apr 2016 08:47:45 GMT
Accept-Ranges: bytes
ETag: "3e829266195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 645

k015.31cs.com/yxjs.jpg

140.210.22.122

200 OK

15 kB

URL GET HTTP/1.1
k015.31cs.com/yxjs.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:24 14:24:27], baseline, precision 8, 660x60, components 3
Size
15 kB (14702 bytes)
Hash
dfc0c91997e7e2deb9a47f7f6f418006
92e889c76809eb32e8c8c1d3876fed8567222f81
8030f842b10f36f7a8694a2699b9984537693ce2c93a49a274b268d29f1198c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /yxjs.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "a6dee1246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 14702

k015.31cs.com/bg_05.jpg

140.210.22.122

200 OK

42 kB

URL GET HTTP/1.1
k015.31cs.com/bg_05.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:23 15:34:00], baseline, precision 8, 240x86, components 3
Size
42 kB (42244 bytes)
Hash
a3b4d06c2e5e16f899323e9bb7897052
bea9046895d104ae035e388ae54d70dc54e3e40e
42239a19659a57ac0f7522c632056aad47e36048d337432632f174c543980d6d

HTTP Headers

GET /bg_05.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:44 GMT
Accept-Ranges: bytes
ETag: "8886ac256195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 42244

k015.31cs.com/bg_06.jpg

140.210.22.122

200 OK

45 kB

URL GET HTTP/1.1
k015.31cs.com/bg_06.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=86, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=222], baseline, precision 8, 222x86, components 3
Size
45 kB (44889 bytes)
Hash
890de70ed90e286c505621d49e06333c
9b0537020cec3e93fb9e0734e02c5c3a7a7f4153
81d813114232f56aac6c35e954b91623e24481351fbfd1287d68b7d7207eaf9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_06.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:41 GMT
Accept-Ranges: bytes
ETag: "46d7d6236195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 44889

k015.31cs.com/bg_07.jpg

140.210.22.122

200 OK

45 kB

URL GET HTTP/1.1
k015.31cs.com/bg_07.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=86, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=239], baseline, precision 8, 239x86, components 3
Size
45 kB (44964 bytes)
Hash
578b6eb00ab64cd6c41811d9dca5769b
5cbe80ccf43c81ea94bcf880e1d5062dfe17b73d
32ba9ede313ecd10ef411a2d8d2fb69db15551b9f09fc90174527e1e0a1e15da

HTTP Headers

GET /bg_07.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:44 GMT
Accept-Ranges: bytes
ETag: "8efe83256195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:52 GMT
Content-Length: 44964

k015.31cs.com/bg_09.jpg

140.210.22.122

200 OK

49 kB

URL GET HTTP/1.1
k015.31cs.com/bg_09.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=156, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=215], baseline, precision 8, 215x156, components 3
Size
49 kB (49271 bytes)
Hash
96763f74a47043f8fc9bee63c00bac72
5204dd7ad96a188e1ca87985105189df7da0af7a
7ab3758b1b39ac849a4fecea952f5bf887e778f68838be679125f5d2096a0230

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_09.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "5cda3e256195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:52 GMT
Content-Length: 49271

k015.31cs.com/bg_08.jpg

140.210.22.122

200 OK

50 kB

URL GET HTTP/1.1
k015.31cs.com/bg_08.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:23 15:34:43], baseline, precision 8, 258x156, components 3
Size
50 kB (50492 bytes)
Hash
f82f8ac55732656ecf570a587337b655
42f4312c56565e3cfd31596e3e387b2972273aea
130d751a706d1466c69d2d85d1879cf7a34fab31b56c65a171c20ca2085662d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_08.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:44 GMT
Accept-Ranges: bytes
ETag: "a29d62256195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:52 GMT
Content-Length: 50492

k015.31cs.com/bg_011.jpg

140.210.22.122

200 OK

9.2 kB

URL GET HTTP/1.1
k015.31cs.com/bg_011.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:23 15:35:23], baseline, precision 8, 701x16, components 3
Size
9.2 kB (9203 bytes)
Hash
1328c85fb8de4db66fdacbb7ff331553
4382572f7f29759c5988066f1b635c145bc5ac1d
ce8050a00be8821ed89c09a33776ce4fe1d016b58ffc0ba411d0ad33fa1ce9fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_011.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "1c8ff2246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 9203

k015.31cs.com/bg_010.jpg

140.210.22.122

200 OK

47 kB

URL GET HTTP/1.1
k015.31cs.com/bg_010.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=156, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=228], baseline, precision 8, 228x156, components 3
Size
47 kB (47438 bytes)
Hash
51f2014e6e1c2f24f59e10f8c588c642
6af311d2ecc5bff88625779f4fca08677a7ab749
ec6e4bcdd55b44493667c270bd117d12bffc7799ae51040b3167ff0121902c50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_010.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "542bf256195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:52 GMT
Content-Length: 47438

k015.31cs.com/bg_01.jpg

140.210.22.122

200 OK

188 kB

URL GET HTTP/1.1
k015.31cs.com/bg_01.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2016:03:21 17:16:22], baseline, precision 8, 920x383, components 3
Size
188 kB (188329 bytes)
Hash
895c08ac79ec90988b9760f51d477e23
08ee2f0f15cf3d585f12623364583ac5c359d345
c3eb752f830d793367084fbc061048a8446e5da26dba497b7e10ffd08fb9d04f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_01.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2016 07:18:20 GMT
Accept-Ranges: bytes
ETag: "cfeb6950309dd11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 188329

k015.31cs.com/gif-0543.gif

140.210.22.122

200 OK

2.0 kB

URL GET HTTP/1.1
k015.31cs.com/gif-0543.gif
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
GIF image data, version 89a, 15 x 15
Size
2.0 kB (1990 bytes)
Hash
75bfaacf27bd9daed219d8c68c01ee49
81e7c5dcfdb6c14ae7deda5b10430fc935c415ea
1606c956013fb051e0f8ff8c4ffd8a8659975af9356a317c18255900fac23d14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gif-0543.gif HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "227ca246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 1990

k015.31cs.com/yxzb.jpg

140.210.22.122

200 OK

15 kB

URL GET HTTP/1.1
k015.31cs.com/yxzb.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:24 14:24:55], baseline, precision 8, 660x60, components 3
Size
15 kB (14710 bytes)
Hash
72452aae7a2bfeb67badcf9f626ad2d3
dd2d11f2847a47a091da99753cfd125842ce51bb
529d097a62723190b8c63d4c9533e60374c20468108fb57a51fe2374d1af65fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /yxzb.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:43 GMT
Accept-Ranges: bytes
ETag: "14e0c2246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 14710

k015.31cs.com/bg.jpg

140.210.22.122

200 OK

322 kB

URL GET HTTP/1.1
k015.31cs.com/bg.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1499, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1499, components 3
Size
322 kB (321590 bytes)
Hash
963d4b0281be93232adea4dd2ebbb431
8df9647768d3e164fb2ea7ca816f191b58c1fcb8
cf43617c4b58ea7d69c10dfca5c96b18ae93997e6be41335ff322cb4fd94d16f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/index.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:45 GMT
Accept-Ranges: bytes
ETag: "32925a266195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 321590

k015.31cs.com/bg_012.jpg

140.210.22.122

200 OK

48 kB

URL GET HTTP/1.1
k015.31cs.com/bg_012.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2013:10:23 15:35:39], baseline, precision 8, 701x140, components 3
Size
48 kB (47784 bytes)
Hash
181e8a6c67bb3a2a77fe84e489dfe4bb
b53ec1ea1b13e10dec77ce598b79bca2e6e265cb
e0f252baa618129592dab330c901faf2548d62c97777af3113cdabe35ab18d49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg_012.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:41 GMT
Accept-Ranges: bytes
ETag: "4e866246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 47784

k015.31cs.com/img.gif

140.210.22.122

200 OK

49 B

URL GET HTTP/1.1
k015.31cs.com/img.gif
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
GIF image data, version 89a, 1 x 1
Size
49 B (49 bytes)
Hash
ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img.gif HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 13 Apr 2016 08:47:41 GMT
Accept-Ranges: bytes
ETag: "2a89c8236195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 49

k015.31cs.com/agd.png

140.210.22.122

200 OK

179 kB

URL GET HTTP/1.1
k015.31cs.com/agd.png
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 473x574, components 3
Size
179 kB (179248 bytes)
Hash
aed7aaf6d25a1be37eb3c06ca372aa85
808d8fc95ce56b86456f682c3f1d67170dda1897
9db866e02b746a955aa73350f9ae11f1496d852a63fa6da0464c13e7af040cf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /agd.png HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 13 Apr 2016 14:57:42 GMT
Accept-Ranges: bytes
ETag: "a2676d49495d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 179248

k015.31cs.com/03.jpg

140.210.22.122

200 OK

125 kB

URL GET HTTP/1.1
k015.31cs.com/03.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 705x516, components 3
Size
125 kB (124757 bytes)
Hash
fca1606206486f1eb9e0ca55f60c8ee0
04c258bbab609ba957d23d192b9e04f5bbca0f08
2446407c5b9f863f9d93dc3538a06927910303a4270ac8cb7e32adbc664cf426

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /03.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 08:47:42 GMT
Accept-Ranges: bytes
ETag: "a27031246195d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 124757

k015.31cs.com/01.jpg

140.210.22.122

200 OK

294 kB

URL GET HTTP/1.1
k015.31cs.com/01.jpg
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 668x580, components 3
Size
294 kB (293749 bytes)
Hash
a1e0d0dbeb11c57940b351b87d5ca5e8
09afdd75acf1ae2771e3c20b0641fd0d0c5776a6
6809ddc8879eccc11a56fccec1a6bf1f33d9f858add52ba50a8c002d3ea7baa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /01.jpg HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 13 Apr 2016 14:58:47 GMT
Accept-Ranges: bytes
ETag: "b68a2fb9495d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 293749

k015.31cs.com/9cs1.png

140.210.22.122

200 OK

195 kB

URL GET HTTP/1.1
k015.31cs.com/9cs1.png
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
PNG image data, 296 x 430, 8-bit/color RGBA, non-interlaced
Size
195 kB (195262 bytes)
Hash
f481dbdb9d284987e0962e0bd5c69629
0dd51b68f1c1288b6d8a1bd014cf2090f28db76e
960211f49f008ab692519ad334d3088afff799ee3ad6dd4b0702d0d6a133fddd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9cs1.png HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 09 Nov 2022 08:08:01 GMT
Accept-Ranges: bytes
ETag: "b6562b6312f4d81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:53 GMT
Content-Length: 195262

k015.31cs.com/img/favicon.ico

140.210.22.122

404 Not Found

1.2 kB

URL GET HTTP/1.1
k015.31cs.com/img/favicon.ico
IP
140.210.22.122:80
ASN
#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.

Requested by
http://k015.31cs.com/

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.2 kB (1163 bytes)
Hash
8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:55 GMT
Content-Length: 1163

k015.31cs.com/bg.mp3

0.0.0.0

0 B

URL GET
k015.31cs.com/bg.mp3
IP
0.0.0.0:0
ASN
#0

Requested by
http://k015.31cs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg.mp3 HTTP/1.1
Host: k015.31cs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://k015.31cs.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: audio/mpeg
Last-Modified: Sat, 23 Apr 2016 07:25:27 GMT
Accept-Ranges: bytes
ETag: "3b8f14e319dd11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 04 May 2024 11:12:51 GMT
Content-Length: 4525662

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (22)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1