Report - 220.249.113.228:8080/login

Report Overview

Submitted URL
220.249.113.228:8080/login
IP
220.249.113.228
ASN
#4837 CHINA UNICOM China169 Backbone
Submitted
2024-05-09 12:00:56
Access
public
Website Title
科研项目管理系统
Final URL
220.249.113.228:8080/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
220.249.113.228:8080	unknown	unknown	No data	No data	8.5 kB	1.0 MB	220.249.113.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed
2024-05-09	medium	220.249.113.228	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	220.249.113.228:8080/js/plugins/validate/jquery.validate.min.js	22 kB	2023-06-18	2024-05-16
Pretty URL 220.249.113.228:8080/js/plugins/validate/jquery.validate.min.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-18 13:08:12 Last Seen2024-05-16 11:47:58 Times Seen27 Hash a120034d8891b22e63b069461ce1d8ff 7e7acd633772a3a1a7ac3688076afd76435b3721 b416ef24348adfe16f060bd650ef04cbe7dfbfa397f2aa3fc487fc8774f1a949 Loading...

	220.249.113.228:8080/plugins/layui/layui.all.js	297 kB	2023-11-10	2024-05-09
Pretty URL 220.249.113.228:8080/plugins/layui/layui.all.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 11:16:38 Last Seen2024-05-09 14:01:03 Times Seen6 Hash d45e5cbbb5a3c5589cf7fe692562a924 a3a660a953ed75be82e6903c557a8c18585b7272 c79526afdde5d83eac9b317a506c82c0e97ababddc0ca768f37d635b2f30e2dd Loading...

	220.249.113.228:8080/js/ajax-util.js	2.2 kB	2023-11-10	2024-05-09
Pretty URL 220.249.113.228:8080/js/ajax-util.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 11:16:38 Last Seen2024-05-09 14:01:03 Times Seen6 Hash 897d2c7a28fda96919facf1f69b899cd 70a5f40385bd80b43c58b1b6ca7cdfde8b198f9f 2f414769801f9072c65f9b09c4c26a835e1188246a01d12a3eda7c82c99c34e7 Loading...

	220.249.113.228:8080/js/common.js	15 kB	2023-12-27	2024-05-09
Pretty URL 220.249.113.228:8080/js/common.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-27 12:35:11 Last Seen2024-05-09 14:01:03 Times Seen2 Hash 8fe76293ac7e54a2bc88af69ca307181 732d64146e42a76bcca753c5f5538659653e1c3d 2c73fc2ef7064137ca06f6e32ad9609ebcbc635f76b7e8712da339fcd9215a38 Loading...

	220.249.113.228:8080/js/appjs/login.js	2.1 kB	2023-12-27	2024-05-09
Pretty URL 220.249.113.228:8080/js/appjs/login.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-27 12:35:11 Last Seen2024-05-09 14:01:03 Times Seen4 Hash c149981db2a5ff7b881e17af88077b04 158c48ea6eeb8343b548560f8e1880b19dcf4af6 5b04e384772353ef5e268e1318e3bc845c75e46e1836b813bf9a39cb02289574 Loading...

	220.249.113.228:8080/login	48 B	2023-06-01	2024-05-20
Pretty URL 220.249.113.228:8080/login IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 00:10:52 Last Seen2024-05-20 00:16:10 Times Seen156 Hash fb5a8c94e360a6a4b6d2cc8755007bba da4356bfe27a14d941383bfba020db240c3bd94f 3aeecc9fb20b249d22a7eebc7d89fbd13783ee0dcad3dd59311e5b17321671d4 Loading...

	220.249.113.228:8080/js/JQ.daohee.js	84 kB	2023-12-27	2024-05-09
Pretty URL 220.249.113.228:8080/js/JQ.daohee.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-27 12:35:11 Last Seen2024-05-09 14:01:03 Times Seen4 Hash a0c843696a380cfb110c4c3cb799b93e b4d08e6b6e2c0903dee2d056620d023fb92fb3e8 d24616775cc79c8002039757feffad09bcdc08bdbe753f52a62c06be8b0053c4 Loading...

	220.249.113.228:8080/js/plugins/validate/messages_zh.min.js	1.4 kB	2023-03-11	2024-05-16
Pretty URL 220.249.113.228:8080/js/plugins/validate/messages_zh.min.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:54 Last Seen2024-05-16 11:47:59 Times Seen59 Hash bcff7273495787e551175e6bf433cfdf c4d6b205618d2084b69762942e613ab15fa684f7 11292f602804aaeb2a0a73d6243174c5d5e29515ca1864772a9c5354c87de14c Loading...

	220.249.113.228:8080/js/base64.js	4.1 kB	2023-12-27	2024-05-09
Pretty URL 220.249.113.228:8080/js/base64.js IP 220.249.113.228 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-27 12:35:11 Last Seen2024-05-09 14:01:03 Times Seen4 Hash 2d1062d995e3af6878206d5f55cf652c cb6b891573d1c0712675033a77f17d7ee1023e2b 34b426edfae7a5d82264c6fb57d506be8982e1d937f7739a1e6bbbf5e03c69df Loading...

HTTP Transactions (23)

URL IP Response Size

220.249.113.228:8080/login

220.249.113.228

1.4 kB

URL
220.249.113.228:8080/login
IP
220.249.113.228:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1398 bytes)
Hash
1403bcc36552387e898fa7c37478d3fa
2199f23b75cbc422b3b853f0f792d453f544005d
5d3afe56f99301a19435246590dbc8c93518172d62b9ff386333d818908cbb08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/css/font-awesome.css

220.249.113.228

200

6.4 kB

URL GET HTTP/1.1
220.249.113.228:8080/css/font-awesome.css
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
6.4 kB (6431 bytes)
Hash
8e12157da5fc90094ae4113ba110456b
3b87c2560832748cd06f9bfd2fd6ea8edbdae8c7
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-awesome.css HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/css/login.css

220.249.113.228

200

1.8 kB

URL GET HTTP/1.1
220.249.113.228:8080/css/login.css
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
Unicode text, UTF-8 text
Size
1.8 kB (1777 bytes)
Hash
2c7c68243c3e24f8fa3f0ddffd772514
2076696758fac0f0740c4e6dd6b3c514da25bdf4
000ee12277364d77ed1daa768af68ffce8dc0c8592ab35fdfb5552b6c692e2df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.css HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Wed, 22 Mar 2023 08:10:46 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/plugins/validate/jquery.validate.min.js

220.249.113.228

200

6.8 kB

URL GET HTTP/1.1
220.249.113.228:8080/js/plugins/validate/jquery.validate.min.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21388)
Size
6.8 kB (6757 bytes)
Hash
72627ce0ff3d2c903f72befe45bf7ccf
fd63e983f38a5e1342627036981fa9a263013b0e
2f9092f3e0f9d7b09001e1d497459cd8050c97791d3825e04ef19910e12a3f1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/plugins/validate/jquery.validate.min.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/css/bootstrap.min.css

220.249.113.228

200

21 kB

URL GET HTTP/1.1
220.249.113.228:8080/css/bootstrap.min.css
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
ASCII text, with very long lines (374)
Size
21 kB (21074 bytes)
Hash
b24fc2756bfb791b75c762b758bf305a
078f4a33eafa3ef22098e92158bdf9aa98fe3ac4
e333de28abdb51cb8022e391c22628f20ae10b5752cddbb39f12a04e880905fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/css/style.css

220.249.113.228

200

28 kB

URL GET HTTP/1.1
220.249.113.228:8080/css/style.css
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
Unicode text, UTF-8 text, with very long lines (513)
Size
28 kB (27508 bytes)
Hash
4db9f21db79957795574a7c7d1642530
d47b733d91d9d299e34130607edd3ee161af6d06
881f3fc857d62e97e8e2de26f9b1add196a14e9538c30d4eef8eff83a2341caa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 10 Mar 2023 06:20:10 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/ajax-util.js

220.249.113.228

200

906 B

URL GET HTTP/1.1
220.249.113.228:8080/js/ajax-util.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text
Size
906 B (906 bytes)
Hash
897d2c7a28fda96919facf1f69b899cd
70a5f40385bd80b43c58b1b6ca7cdfde8b198f9f
2f414769801f9072c65f9b09c4c26a835e1188246a01d12a3eda7c82c99c34e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ajax-util.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/common.js

220.249.113.228

200

4.6 kB

URL GET HTTP/1.1
220.249.113.228:8080/js/common.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
4.6 kB (4573 bytes)
Hash
dcc2cce386b8c35b1dce3ab4b483734f
5a63e993d3cc96335b0793b89e68a479d548c9f0
54b5cd01d0b9f0b3a9fba50b1c9b883e7b22d7433cc61ace719fd373d5ba81e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/common.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 01:49:02 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/base64.js

220.249.113.228

200

1.1 kB

URL GET HTTP/1.1
220.249.113.228:8080/js/base64.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.1 kB (1060 bytes)
Hash
2d1062d995e3af6878206d5f55cf652c
cb6b891573d1c0712675033a77f17d7ee1023e2b
34b426edfae7a5d82264c6fb57d506be8982e1d937f7739a1e6bbbf5e03c69df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/base64.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/appjs/login.js

220.249.113.228

200

951 B

URL GET HTTP/1.1
220.249.113.228:8080/js/appjs/login.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text
Size
951 B (951 bytes)
Hash
c149981db2a5ff7b881e17af88077b04
158c48ea6eeb8343b548560f8e1880b19dcf4af6
5b04e384772353ef5e268e1318e3bc845c75e46e1836b813bf9a39cb02289574

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/appjs/login.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/plugins/validate/messages_zh.min.js

220.249.113.228

200

662 B

URL GET HTTP/1.1
220.249.113.228:8080/js/plugins/validate/messages_zh.min.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text
Size
662 B (662 bytes)
Hash
bcff7273495787e551175e6bf433cfdf
c4d6b205618d2084b69762942e613ab15fa684f7
11292f602804aaeb2a0a73d6243174c5d5e29515ca1864772a9c5354c87de14c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/plugins/validate/messages_zh.min.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/js/JQ.daohee.js

220.249.113.228

200

30 kB

URL GET HTTP/1.1
220.249.113.228:8080/js/JQ.daohee.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
30 kB (29577 bytes)
Hash
a0c843696a380cfb110c4c3cb799b93e
b4d08e6b6e2c0903dee2d056620d023fb92fb3e8
d24616775cc79c8002039757feffad09bcdc08bdbe753f52a62c06be8b0053c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/JQ.daohee.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:08 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/img/login-right.png

220.249.113.228

200

9.7 kB

URL GET HTTP/1.1
220.249.113.228:8080/img/login-right.png
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
PNG image data, 600 x 920, 8-bit/color RGBA, non-interlaced
Size
9.7 kB (9717 bytes)
Hash
1f104ca9142d275fe078f5fc0bc4a5b6
98cd9b888dee4db58a313afabbfe606a8601e48f
53b758b18898eded3450f57cb8729a51e6ca3d40328fb1171398e77c455e35ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/login-right.png HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9717
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/img/user.png

220.249.113.228

200

3.3 kB

URL GET HTTP/1.1
220.249.113.228:8080/img/user.png
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3310 bytes)
Hash
b43c3331aadb83642d5d0d6c03dc2730
a444a702de81a9b50219c18d3a06ea78f0967995
b730a067370cb60903acf84007adc06870b0a20e0987e004e39e601ba2d5574b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/user.png HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3310
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/img/password.png

220.249.113.228

200

3.2 kB

URL GET HTTP/1.1
220.249.113.228:8080/img/password.png
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
PNG image data, 26 x 30, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3191 bytes)
Hash
7e7c6db12f5a99785d3b82025167f1be
ff61e42cc2259065364ee9f33e98221ab05cd227
3240deedc60f0e06223ac33d014d345063e2b832f955d53e1ec000c1c732e2b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/password.png HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3191
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/captcha/captchaImage?type=math

220.249.113.228

200

3.0 kB

URL GET HTTP/1.1
220.249.113.228:8080/captcha/captchaImage?type=math
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x60, components 3
Size
3.0 kB (2972 bytes)
Hash
1f6426d787df4ab7e10168edbb16239b
3e4c353313a570375ac79940a36fa40d6e241fa6
85b24bdba6c000c5db4197d4d7a089dcfc4c39cbb5bcdd792a83c421814f75e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha/captchaImage?type=math HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Set-Cookie: JSESSIONID=0d30eb6f-dbc3-4b87-85f0-ee0cac9026c9; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: image/jpeg
Transfer-Encoding: chunked
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/plugins/layui/layui.all.js

220.249.113.228

200

87 kB

URL GET HTTP/1.1
220.249.113.228:8080/plugins/layui/layui.all.js
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
JavaScript source, Unicode text, UTF-8 text
Size
87 kB (86984 bytes)
Hash
d45e5cbbb5a3c5589cf7fe692562a924
a3a660a953ed75be82e6903c557a8c18585b7272
c79526afdde5d83eac9b317a506c82c0e97ababddc0ca768f37d635b2f30e2dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/layui/layui.all.js HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Thu, 09 May 2024 12:00:27 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/img/back_new.png

220.249.113.228

200

51 kB

URL GET HTTP/1.1
220.249.113.228:8080/img/back_new.png
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Size
51 kB (51216 bytes)
Hash
a0aaa08f61a00937d26f090fb596554a
44409ae89c6131cc4dfcec88a0ce89b4cfbfa667
a6705cd67384fc67a07b9c1ec32a987f546de966e69aa01e1d5c234c40643e11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/back_new.png HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:12 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 51216
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1

220.249.113.228

200

2.9 kB

URL GET HTTP/1.1
220.249.113.228:8080/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
ASCII text, with very long lines (14412)
Size
2.9 kB (2875 bytes)
Hash
20a526d7f54f4485b68db3797245dc2f
99586b9d86afee1454d718e0495df92d9198b920
b11a61af2360c66c16fdfab2e4e9aa858f29c07f46434b28a37edac78129ceb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/layui/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Cookie: JSESSIONID=0d30eb6f-dbc3-4b87-85f0-ee0cac9026c9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:29 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9

220.249.113.228

200

1.7 kB

URL GET HTTP/1.1
220.249.113.228:8080/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
ASCII text, with very long lines (7480)
Size
1.7 kB (1735 bytes)
Hash
d68f71be2fdd7ac9abc5711f324d3ab6
07eb7c7532d4d1ca0f7df7bdd97ac653a8ef03b2
8d835c7d1a42f1548d0174acd9eca0309c4e1c8fee4b37ac3c70be18b393be5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9 HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Cookie: JSESSIONID=0d30eb6f-dbc3-4b87-85f0-ee0cac9026c9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:29 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/plugins/layui/css/modules/code.css

220.249.113.228

200

459 B

URL GET HTTP/1.1
220.249.113.228:8080/plugins/layui/css/modules/code.css
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
ASCII text, with very long lines (1006)
Size
459 B (459 bytes)
Hash
71f33b182789664dc99328c60eeed093
2b76ccfcb8f2724026d615666ba5544de77f3e03
05b680e64005aa33548c1c18fc0287eb347edb8a98f1dce1db321bf59ad03857

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /plugins/layui/css/modules/code.css HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Cookie: JSESSIONID=0d30eb6f-dbc3-4b87-85f0-ee0cac9026c9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 08:55:14 GMT
Accept-Ranges: bytes
Content-Type: text/css
Date: Thu, 09 May 2024 12:00:29 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/favicon.ico

220.249.113.228

200

14 kB

URL GET HTTP/1.1
220.249.113.228:8080/favicon.ico
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
MS Windows icon resource - 8 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
Size
14 kB (14326 bytes)
Hash
b545efec541956738387d196a50e54d4
b34cf002b7bc5a74bfbc2b484d379324f0614c98
daae46cace8672b5fe0c3394e007ca52068e3e3dd303c75f5eb63bbcde04bc8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/login
Cookie: JSESSIONID=0d30eb6f-dbc3-4b87-85f0-ee0cac9026c9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:10 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 14326
Date: Thu, 09 May 2024 12:00:29 GMT
Keep-Alive: timeout=8
Connection: keep-alive

220.249.113.228:8080/img/left_new.png

220.249.113.228

200

716 kB

URL GET HTTP/1.1
220.249.113.228:8080/img/left_new.png
IP
220.249.113.228:8080
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
http://220.249.113.228:8080/login

File type
PNG image data, 845 x 528, 8-bit/color RGBA, non-interlaced
Size
716 kB (715459 bytes)
Hash
850ed19b8c1ab972f5e0f0b10cdc1f87
438d54a45883c0d48917d7abf3f7151ae43c2b46
4e43aacf706231d65362acd91efd0a9bba6b60853ab19f2d540b3869f437c3d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/left_new.png HTTP/1.1
Host: 220.249.113.228:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.249.113.228:8080/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Last-Modified: Fri, 24 Feb 2023 08:55:12 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 715459
Date: Thu, 09 May 2024 12:00:28 GMT
Keep-Alive: timeout=8
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML