Report - detectreassure.top/

Report Overview

URL

detectreassure.top/
IP

103.120.80.156

ASN

#139021 West263 International Limited
Submitted

2023-06-04T14:00:30Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

2
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
detectreassure.top (3)	unknown	2022-05-16 06:38:05	2023-06-04 16:00:03	1383	19348	103.120.80.158
sdk.51.la (1)	88367	2021-03-08 17:03:51	2023-06-03 05:31:19	324	13230	42.236.73.196
expdomain.diymysite.com (5)	unknown	2023-03-09 05:08:37	2023-06-03 14:44:31	1810	165884	211.149.163.201
collect-v6.51.la (1)	91421	2021-03-08 17:03:54	2023-06-03 05:31:19	386	283	120.79.9.244

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-04T14:00:11Z	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-06-04T14:00:15Z	medium	Client IP	103.120.80.158	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

HTTP Transactions (10)

URL IP Response Size

detectreassure.top/

103.120.80.158

200 OK

9179

URL User Request GET HTTP/1.1

detectreassure.top/
IP

103.120.80.158:80
ASN

#139021 West263 International Limited

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (396), with CRLF line terminators

Size

9179
Hash

0ca7c0fe182c2d274c3e544a47801aaf

73707062ba5ef0594186e43bd1f921be6625a79a

537c2c4ec82edb6c53574955394733c0046e5d33c17957f5575d5be6258c256f

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

                                        GET / HTTP/1.1
Host: detectreassure.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: wts/1.7.0
Date: Sun, 04 Jun 2023 14:00:37 GMT
Content-Type: text/html
Last-Modified: Wed, 17 May 2023 02:23:37 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"64643aa9-9d9d"
Expires: Sun, 04 Jun 2023 15:00:37 GMT
Cache-Control: max-age=3600
TTT: ALL
Content-Encoding: gzip

sdk.51.la/js-sdk-pro.min.js

42.236.73.196

200 OK

12853

URL GET HTTP/1.1

sdk.51.la/js-sdk-pro.min.js
IP

42.236.73.196:80
ASN

#4837 CHINA UNICOM China169 Backbone

Requested by

http://detectreassure.top/

Magic

Unicode text, UTF-8 text, with very long lines (34110)

Size

12853
Hash

24bb520e9517f2ed3ed987b46aeaf723

846723563d7dd2bff3954f93633b11af0103adc8

d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

HTTP Headers

                                        GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Jun 2023 13:59:56 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:20:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a504-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

detectreassure.top/

103.120.80.159

200 OK

9179

URL User Request GET HTTP/1.1

detectreassure.top/
IP

103.120.80.159:80
ASN

#139021 West263 International Limited

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (396), with CRLF line terminators

Size

9179
Hash

0ca7c0fe182c2d274c3e544a47801aaf

73707062ba5ef0594186e43bd1f921be6625a79a

537c2c4ec82edb6c53574955394733c0046e5d33c17957f5575d5be6258c256f

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

                                        GET / HTTP/1.1
Host: detectreassure.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: wts/1.7.0
Date: Sun, 04 Jun 2023 14:00:40 GMT
Content-Type: text/html
Last-Modified: Wed, 17 May 2023 02:23:37 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"64643aa9-9d9d"
Expires: Sun, 04 Jun 2023 15:00:40 GMT
Cache-Control: max-age=3600
TTT: ALL
Content-Encoding: gzip

expdomain.diymysite.com/Expired/jquery-1.11.3.min.js

China CHINANET SiChuan Telecom Internet Data Center

211.149.163.201

200 OK

33751

URL GET HTTP/1.1

expdomain.diymysite.com/Expired/jquery-1.11.3.min.js
IP

211.149.163.201:80
ASN

#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by

http://detectreassure.top/

Magic

ASCII text, with very long lines (32097)

Size

33751
Hash

95deb70e6d44b9aff82a9aa853df478e

81f02cae78a2bae2f8d322b48c7031487561b8b2

0cbd13e09ab4714b4410dcf57848ccbc7b88bf38beafa311bc1186e2a9e510fb

HTTP Headers

                                        GET /Expired/jquery-1.11.3.min.js HTTP/1.1
Host: expdomain.diymysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 03:19:15 GMT
Accept-Ranges: bytes
ETag: "807b2ced3552d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 04 Jun 2023 14:00:21 GMT
Content-Length: 33751

expdomain.diymysite.com/Expired/tips-icon.png

211.149.163.201

200 OK

11242

URL GET HTTP/1.1

expdomain.diymysite.com/Expired/tips-icon.png
IP

211.149.163.201:80
ASN

#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by

http://detectreassure.top/

Magic

PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data

Size

11242
Hash

8dc131426cac6941a0098e5a62d62f7d

eca4bc8c374a95f7c0b1d91e5e393488d380ba60

17ca419dba7dbb4578ae3b91cf47f44f587004ccf070521a4b9add925fa08fb3

HTTP Headers

                                        GET /Expired/tips-icon.png HTTP/1.1
Host: expdomain.diymysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 09 Mar 2023 03:11:18 GMT
Accept-Ranges: bytes
ETag: "0fdcd03452d91:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 04 Jun 2023 14:00:21 GMT
Content-Length: 11242

expdomain.diymysite.com/Expired/cloudhost.jpg

211.149.163.201

200 OK

28932

URL GET HTTP/1.1

expdomain.diymysite.com/Expired/cloudhost.jpg
IP

211.149.163.201:80
ASN

#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by

http://detectreassure.top/

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 346x200, components 3\012- data

Size

28932
Hash

b94779d2f2181caf2f224c8cd919db08

438a226296b6e6810754232a2179ed3de3ade539

8a7b59a742a8674189101d6042dbd38d09aee4d96503f6dfc86252b6e0e01f7e

HTTP Headers

                                        GET /Expired/cloudhost.jpg HTTP/1.1
Host: expdomain.diymysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 12 Oct 2022 04:56:58 GMT
Accept-Ranges: bytes
ETag: "049a8ef7ddd81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 04 Jun 2023 14:00:21 GMT
Content-Length: 28932

expdomain.diymysite.com/Expired/sites346x200.jpg

211.149.163.201

200 OK

34295

URL GET HTTP/1.1

expdomain.diymysite.com/Expired/sites346x200.jpg
IP

211.149.163.201:80
ASN

#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by

http://detectreassure.top/

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 346x200, components 3\012- data

Size

34295
Hash

6d5e84aac711bae7059e35427f9a80a8

3770ce8c9dcac7c2f7d76bc601b166fee2359671

0500052aa0c305afbee1062744e88fc23072146d0b0b0da6aeb4a6a8c811d64c

HTTP Headers

                                        GET /Expired/sites346x200.jpg HTTP/1.1
Host: expdomain.diymysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Thu, 29 Dec 2022 07:38:59 GMT
Accept-Ranges: bytes
ETag: "80abb9d581bd91:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 04 Jun 2023 14:00:21 GMT
Content-Length: 34295

collect-v6.51.la/v6/collect?dt=4

China Hangzhou Alibaba Advertising Co.,Ltd.

120.79.9.244

200

URL POST HTTP/1.1

collect-v6.51.la/v6/collect?dt=4
IP

120.79.9.244:80
ASN

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by

http://detectreassure.top/

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 400
Origin: http://detectreassure.top
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 
Server: nginx
Date: Sun, 04 Jun 2023 14:00:22 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://detectreassure.top
Access-Control-Allow-Credentials: true

expdomain.diymysite.com/Expired/icu-346x200.jpg

211.149.163.201

200 OK

56366

URL GET HTTP/1.1

expdomain.diymysite.com/Expired/icu-346x200.jpg
IP

211.149.163.201:80
ASN

#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by

http://detectreassure.top/

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 346x200, components 3\012- data

Size

56366
Hash

f7d32bc491e279cccae737f89bad3865

8ad18763e952f8b44f9c686aa6704579fb8657b3

bf1675010003a932d5f3c579cc240099e36db584dd54381e876c5680b6b20668

HTTP Headers

                                        GET /Expired/icu-346x200.jpg HTTP/1.1
Host: expdomain.diymysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 17 May 2023 02:13:29 GMT
Accept-Ranges: bytes
ETag: "806aad2b6588d91:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 04 Jun 2023 14:00:21 GMT
Content-Length: 56366

detectreassure.top/favicon.ico

103.120.80.156

200 OK

URL GET HTTP/1.1

detectreassure.top/favicon.ico
IP

103.120.80.156:80
ASN

#139021 West263 International Limited

Requested by

http://detectreassure.top/

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: detectreassure.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://detectreassure.top/
Cookie: __vtins__K0V5Y2YAHiVadQcC=%7B%22sid%22%3A%20%227becce39-584e-59d2-a611-4507e3dde676%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201685889021453%2C%20%22ct%22%3A%201685887221453%7D; __51uvsct__K0V5Y2YAHiVadQcC=1; __51vcke__K0V5Y2YAHiVadQcC=460629fd-4d60-5824-881c-30435c50b1a1; __51vuft__K0V5Y2YAHiVadQcC=1685887221471
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: wts/1.7.0
Date: Sun, 04 Jun 2023 14:00:44 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Thu, 09 Mar 2023 03:25:26 GMT
Connection: close
ETag: "640951a6-0"
Expires: Sun, 04 Jun 2023 15:00:44 GMT
Cache-Control: max-age=3600
TTT: ALL
Accept-Ranges: bytes

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

#1 JS:Script (size: 54)

#2 JS:Script (size: 29)

#3 JS:Script (size: 289)

#4 JS:Script (size: 96778)

#5 JS:Script (size: 0)

#6 JS:Script (size: 34329)

#1 JS:Write (size: 18)

HTTP Transactions (10)

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers