Report - 111.253.200.21/

Report Overview

Visited public
2025-03-01 06:57:35
Tags
URL
111.253.200.21/
Finishing URL
111.253.200.21/
IP / ASN
111.253.200.21
#3462 Data Communication Business Group
Title
Remote Surveillance, Any time & Any where

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
111.253.200.21	unknown	unknown	No data	No data	755 B	60 kB	111.253.200.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-01	medium	111.253.200.21	Sinkholed
2025-03-01	medium	111.253.200.21	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	111.253.200.21/	ScriptElement	9.9 kB	2023-03-09	2025-03-01
Pretty URL 111.253.200.21/ IP 111.253.200.21 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 22:15 Last Seen2025-03-01 06:57 Times Seen6 Hash 4ca62349fec63ccbffa9235a7c178289 fa08bedbaf0ea32c1ed777c307399e10e8d0868b c65c8c0a420aeafab803b220ff129cfdc028f8e5eab94db55be07f9bbea4fc4c Loading...

	unknown	EventHandler	6 B	2023-03-07	2025-06-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-07 13:46 Last Seen2025-06-24 04:13 Times Seen1425 Hash e67906ab4373125a18eb2b5a75f59bd2 58ed4e16ee46029764b9e9faef0e08a6c2c3be5e c38ba39cea630681f6bdc6acc7eade251530622bc6f10dda7f1fd77af189a1df Loading...

HTTP Transactions (2)

URL IP Response Size

GET 111.253.200.21/

111.253.200.21

200 OK

54 kB

URL User Request GET HTTP/1.1
111.253.200.21/
IP
111.253.200.21:80
ASN
#3462 Data Communication Business Group

File type
HTML document, ASCII text, with very long lines (30924), with CRLF line terminators
Size
54 kB (54171 bytes)
Hash
d815efd4172414bbad34fcb4e152c08b
c9d3c3fb6fbefde9e46bbb4100d2f93fab302f24
875fc02706f1fb99ca3de5574a72a7afb74296e34806cdb921e9e599ef641828

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 111.253.200.21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 01 Mar 2025 14:57:04 GMT
Server: Linux/2.x UPnP/1.0 Avtech/1.0
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 10:51:29 GMT
Content-Type: text/html
ETag: 231-54171-1643280689
Content-Length: 54171

GET 111.253.200.21/nobody/favicon.ico

111.253.200.21

200 OK

5.7 kB

URL GET HTTP/1.1
111.253.200.21/nobody/favicon.ico
IP
111.253.200.21:80
ASN
#3462 Data Communication Business Group

Requested by
http://111.253.200.21/

File type
MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 32x32, 32 bits/pixel
Size
5.7 kB (5686 bytes)
Hash
6a7e13b3f9197a383c96618fe32e345a
fc0947c54b7847395aac983a429f2f442d2f418e
de447ef0e4f6487b353146927b0a0723a0b814c9b1bdbc261fdf9ba519f94053

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nobody/favicon.ico HTTP/1.1
Host: 111.253.200.21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://111.253.200.21/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 01 Mar 2025 14:57:05 GMT
Server: Linux/2.x UPnP/1.0 Avtech/1.0
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 10:51:29 GMT
Content-Type: text/plain
ETag: 236-5686-1643280689
Content-Length: 5686

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers