Report - broccoli.uc.cn/apps/pneumonia/routes/index?uc_param_str=dsdnfrpfbivesscpgimibtbmnijblauputogpintnwktprchmt&uc_biz_str=OPT:BACK_BTN_STYLE@0|OPT:TOOLBAR_STYLE@1&fromsource=jiejingtab

Report Overview

Visitedpublic

2023-08-25 14:50:12

Tags

Submit Tags

URL

broccoli.uc.cn/apps/pneumonia/routes/index?uc_param_str=dsdnfrpfbivesscpgimibtbmnijblauputogpintnwktprchmt&uc_biz_str=OPT:BACK_BTN_STYLE@0|OPT:TOOLBAR_STYLE@1&fromsource=jiejingtab

Finishing URL

broccoli.uc.cn/apps/pneumonia/routes/index?uc_param_str=dsdnfrpfbivesscpgimibtbmnijblauputogpintnwktprchmt&uc_biz_str=OPT:BACK_BTN_STYLE@0|OPT:TOOLBAR_STYLE@1&fromsource=jiejingtab

IP / ASN

China

59.82.31.142

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Title

新冠肺炎疫情实时动态

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

0

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
track.uc.cn	69223	2003-03-17	2014-06-05 07:09:10	2023-08-25 12:13:32	5.0 kB	0 B	0.0.0.0
broccoli.uc.cn	122692	2003-03-17	2017-07-06 06:04:52	2023-08-25 13:12:45	638 B	7.9 kB	59.82.31.142
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23 20:10:04	2023-08-25 05:38:00	4.6 kB	25 kB	104.18.21.226
image.uc.cn	54371	2003-03-17	2014-06-05 07:07:08	2023-08-25 15:10:46	16 kB	1.6 MB	47.246.44.225
g.alicdn.com	6787	2008-06-25	2014-10-06 10:39:58	2023-08-25 07:59:46	431 B	16 kB	47.246.44.251
covid.myquark.cn	unknown	2016-10-12	2022-10-21 18:53:21	2023-08-17 20:22:21	3.8 kB	112 kB	59.82.31.142
px.effirst.com	31137	2019-07-05	2019-09-03 08:09:57	2023-08-25 15:10:46	2.6 kB	1.5 kB	111.63.205.135
image.uczzd.cn	77975	2015-05-22	2017-01-30 10:51:01	2023-08-11 03:11:32	1.6 kB	8.8 MB	47.246.15.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-08-25 14:49:49	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-08-25 14:49:49	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-08-25 14:49:49	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-08-25 14:49:49	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-08-25 14:49:49	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-08-25 14:49:50	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-08-25 14:49:50	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-08-25 14:49:50	medium	Client IP	59.82.31.142	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

HTTP Transactions (66)

	URL	IP	Response	Size