Report - 1.117.7.214/

Report Overview

Submitted URL
1.117.7.214/
IP
1.117.7.214
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited
Submitted
2023-11-20 21:18:33
Access
public
Website Title
盛博网络办公系统
Final URL
1.117.7.214/home/login/index.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
1.117.7.214	unknown	unknown	2022-12-03	2023-10-18	4.6 kB	219 kB	1.117.7.214

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed
2023-11-20	medium	1.117.7.214	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	1.117.7.214/static/assets/layui/layui.js?v=1.0.22	291 kB	2023-03-07	2024-07-19
Pretty URL 1.117.7.214/static/assets/layui/layui.js?v=1.0.22 IP 1.117.7.214 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:52 Last Seen2024-07-19 12:08:57 Times Seen111 Hash 210a8b1c979a8ff8d8036c3bab6e3b46 40ed39b8c127b1f1307c142e94cc8f9e0c36e31b fef3fe945718e6caef2f72dc7c89080374cfd74e59576746e477de017c1ef0ad Loading...

	1.117.7.214/home/login/index.html	0 B	2023-03-07	2024-07-27
Pretty URL 1.117.7.214/home/login/index.html IP 1.117.7.214 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:57:41 Times Seen41184517 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (11)

URL IP Response Size

1.117.7.214/

1.117.7.214

302 Found

0 B

URL User Request GET HTTP/1.1
1.117.7.214/
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 20 Nov 2023 21:18:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache,must-revalidate
Location: /home/login/index.html

1.117.7.214/home/login/index.html

1.117.7.214

2.0 kB

URL User Request GET
1.117.7.214/home/login/index.html
IP
1.117.7.214:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (2046 bytes)
Hash
e0c87b86ab393e9de199299c7969a080
47453dab41bcb50e9011011629f299e42ccc24ed
b26d8792f1c7863fb925abb5f29dcde4e09fcebdbd3c03520cf1767397c90109

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /home/login/index.html HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2; path=/
Content-Encoding: gzip

1.117.7.214/static/assets/layui/css/layui.css?v=1.0.22

1.117.7.214

200 OK

18 kB

URL GET HTTP/1.1
1.117.7.214/static/assets/layui/css/layui.css?v=1.0.22
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
ASCII text, with very long lines (65536), with no line terminators
Size
18 kB (17920 bytes)
Hash
3f301374d385c19214a4b3e17c815422
4b82ec3e4fc883d6331063fa19ccc94e2a0b970c
7e90b7ced175894e5737acf791e4f77d2d3223e85d15c81b2485f1c525730987

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/layui/css/layui.css?v=1.0.22 HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:20 GMT
Content-Type: text/css
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e5c7c6-14153"
Expires: Tue, 21 Nov 2023 09:18:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

1.117.7.214/static/assets/layui/layui.js?v=1.0.22

1.117.7.214

200 OK

107 kB

URL GET HTTP/1.1
1.117.7.214/static/assets/layui/layui.js?v=1.0.22
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
ASCII text, with very long lines (65536), with no line terminators
Size
107 kB (107243 bytes)
Hash
210a8b1c979a8ff8d8036c3bab6e3b46
40ed39b8c127b1f1307c142e94cc8f9e0c36e31b
fef3fe945718e6caef2f72dc7c89080374cfd74e59576746e477de017c1ef0ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/layui/layui.js?v=1.0.22 HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:20 GMT
Content-Type: application/javascript
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e5c7c6-4714a"
Expires: Tue, 21 Nov 2023 09:18:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

1.117.7.214/static/home/images/login_logo.png

1.117.7.214

200 OK

7.6 kB

URL GET HTTP/1.1
1.117.7.214/static/home/images/login_logo.png
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
PNG image data, 300 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7595 bytes)
Hash
680b108356136658e4c2a1674e778448
a6b744b45a15485d4abbc7b19f854b214c0c5eb3
0bb25fdadff1e661f0938bb0ce21ee1ea521e8f9a0f50ecdc5040013300f14fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/home/images/login_logo.png HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: image/png
Content-Length: 7595
Last-Modified: Mon, 13 Feb 2023 05:54:20 GMT
Connection: keep-alive
ETag: "63e9d08c-1dab"
Expires: Wed, 20 Dec 2023 21:18:21 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

1.117.7.214/static/home/images/bg.png

1.117.7.214

200 OK

72 kB

URL GET HTTP/1.1
1.117.7.214/static/home/images/bg.png
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced\012- data
Size
72 kB (72186 bytes)
Hash
70df09670d54517fee7f864cc9082e35
f86d034b80a4d58bb34cd71017f03dcb86fbbcf0
b921934e78e4afd926c7892c6956440ddcc7e9f2197a85b7f2bc092c45ca19df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/home/images/bg.png HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:20 GMT
Content-Type: image/png
Content-Length: 72186
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Connection: keep-alive
ETag: "63e5c7c6-119fa"
Expires: Wed, 20 Dec 2023 21:18:20 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

1.117.7.214/captcha.html

1.117.7.214

200 OK

1.8 kB

URL GET HTTP/1.1
1.117.7.214/captcha.html
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
PNG image data, 250 x 62, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1844 bytes)
Hash
57492ca9b88c3761194f79b97c8f002c
97f671f50c2de44505582126c5467cca03c25f63
6aafda9c2ceab9bb41a25f82ea4bd5994fc5a3931affa92f0125c298c498c15c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha.html HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: image/png; charset=utf-8
Content-Length: 1844
Connection: keep-alive
Set-Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2; path=/

1.117.7.214/static/assets/layui/css/modules/layer/default/layer.css?v=3.5.1

1.117.7.214

200 OK

3.2 kB

URL GET HTTP/1.1
1.117.7.214/static/assets/layui/css/modules/layer/default/layer.css?v=3.5.1
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
ASCII text, with very long lines (14323), with no line terminators
Size
3.2 kB (3191 bytes)
Hash
9bc0bb378b16f6d3d94b945b8a12de7f
b3a3a2788fa3cfab78191f3c2f9ac3dfac1192a4
452d67901461bc418452e139ce517ca82971744bb128aedf6aeae16091574681

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: text/css
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e5c7c6-37f3"
Expires: Tue, 21 Nov 2023 09:18:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

1.117.7.214/static/assets/layui/css/modules/laydate/default/laydate.css?v=5.3.1

1.117.7.214

200 OK

2.0 kB

URL GET HTTP/1.1
1.117.7.214/static/assets/layui/css/modules/laydate/default/laydate.css?v=5.3.1
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
ASCII text, with very long lines (7787), with no line terminators
Size
2.0 kB (2007 bytes)
Hash
965ecf4e5b007d28c7813d295310c9f8
85850be545bf1b7e5856988633b40184cd776449
68e2983e63097dc51336bd69da10365ce29d723d7dfdab3796a29bcfe5aaa335

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: text/css
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e5c7c6-1e6b"
Expires: Tue, 21 Nov 2023 09:18:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

1.117.7.214/static/assets/layui/css/modules/code.css?v=3

1.117.7.214

200 OK

580 B

URL GET HTTP/1.1
1.117.7.214/static/assets/layui/css/modules/code.css?v=3
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
ASCII text, with very long lines (1738), with no line terminators
Size
580 B (580 bytes)
Hash
9e6c47f424536b7039ede0093cc8a153
0e994c799db4c0f0de38cef2ea4bda958813cf87
e5fa94378e76c854bbf3572f9e090f1fa5d8260c3e93d8a864a74941b540034e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/layui/css/modules/code.css?v=3 HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: text/css
Last-Modified: Fri, 10 Feb 2023 04:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e5c7c6-6ca"
Expires: Tue, 21 Nov 2023 09:18:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

1.117.7.214/favicon.ico

1.117.7.214

404 Not Found

874 B

URL GET HTTP/1.1
1.117.7.214/favicon.ico
IP
1.117.7.214:80
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
http://1.117.7.214/home/login/index.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
874 B (874 bytes)
Hash
d99b5db9572e4ed5bc67edbac9372096
f3dbae89f15cd77f0b4d8081d2aacd50da8ebc0e
1ab2b1318bad123ed960590e5036913d6e81acf036d69e47c532691304fa89a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 1.117.7.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.117.7.214/home/login/index.html
Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 20 Nov 2023 21:18:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ce28c8de8b218d1002b4a8a15b6bc4a2; path=/
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by