Report - 124.70.206.122:808/login

Report Overview

Submitted URL
124.70.206.122:808/login
IP
124.70.206.122
ASN
#55990 Huawei Cloud Service data center
Submitted
2024-04-25 09:18:41
Access
public
Website Title
登录国磊系统
Final URL
124.70.206.122:808/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
124.70.206.122:808	unknown	unknown	No data	No data	7.8 kB	2.7 MB	124.70.206.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed
2024-04-25	medium	124.70.206.122	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	124.70.206.122:808/softding/login.js	2.8 kB	2023-06-23	2024-05-04
Pretty URL 124.70.206.122:808/softding/login.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-23 13:37:01 Last Seen2024-05-04 11:56:18 Times Seen6 Hash 40ae31932fdb27c529e28ad3e05426a1 dcfd167f92b88be31ae1c991fab740f9fad50e1e a4336f9edf849c3cc86e721aaba9b1e0588c7d92e402acb8dc71d5dce204bf2e Loading...

	124.70.206.122:808/login	0 B	2023-03-07	2024-05-05
Pretty URL 124.70.206.122:808/login IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 07:56:46 Times Seen37355459 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	124.70.206.122:808/js/bootstrap.min.js	39 kB	2023-03-08	2024-05-04
Pretty URL 124.70.206.122:808/js/bootstrap.min.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:42:27 Last Seen2024-05-04 11:56:18 Times Seen143 Hash 93a1f823d90b3c0b0c92c7eaa9669754 c5656ed696219cc6b7dceed19a34bb4d9f6faab1 761b0a0362022aec0c1d121ea530ea547e2773e01aabe56cf3180236973e0af8 Loading...

	124.70.206.122:808/ajax/libs/layer/layer.min.js	22 kB	2023-04-07	2024-05-04
Pretty URL 124.70.206.122:808/ajax/libs/layer/layer.min.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 19:23:28 Last Seen2024-05-04 11:56:17 Times Seen188 Hash 47db0e57d73194c6a41bab5b4d55e860 9db378fa8d56979e86519f483993486dc476902b 69025fc1818313fb94c9ca4975c6a45e8385a6fd0ab9d0c60c0ac93cd997566e Loading...

	124.70.206.122:808/ajax/libs/blockUI/jquery.blockUI.js	21 kB	2023-03-07	2024-05-04
Pretty URL 124.70.206.122:808/ajax/libs/blockUI/jquery.blockUI.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:33:48 Last Seen2024-05-04 11:56:17 Times Seen184 Hash d2527dc37bd691ee37c0769a85d4e678 7f6ae26a61a7d5dfa1fed93de574d736e80e3476 5fccc001b2b5cadcb733169e116de392bb571b456e2bef0d5cbeaa51c85f7ea5 Loading...

	124.70.206.122:808/login	48 B	2023-06-01	2024-05-04
Pretty URL 124.70.206.122:808/login IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 00:10:52 Last Seen2024-05-04 11:56:17 Times Seen141 Hash fb5a8c94e360a6a4b6d2cc8755007bba da4356bfe27a14d941383bfba020db240c3bd94f 3aeecc9fb20b249d22a7eebc7d89fbd13783ee0dcad3dd59311e5b17321671d4 Loading...

	124.70.206.122:808/js/jquery.min.js	132 kB	2023-06-04	2024-05-04
Pretty URL 124.70.206.122:808/js/jquery.min.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 12:19:36 Last Seen2024-05-04 11:56:18 Times Seen64 Hash 3c852a75e6d52b8d2d4de5f6d1762e13 d04ed77fac1b126224af54d94bdb4d064026cb9f d56e7a458495aa3c0a3bb3a377c46f031afcc875e67adecf7202acde1aec2754 Loading...

	124.70.206.122:808/ajax/libs/validate/jquery.validate.min.js	22 kB	2023-05-08	2024-05-04
Pretty URL 124.70.206.122:808/ajax/libs/validate/jquery.validate.min.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 08:52:31 Last Seen2024-05-04 14:23:43 Times Seen131 Hash 7798b82361d00430029282940e40c353 f09358ac4f6f4c3863e94c044c8dda7c5f926adf e51f6692c221e90f372a17cf0a2436d023018f5c9341f72bd2c2858022d44577 Loading...

	124.70.206.122:808/ajax/libs/validate/messages_zh.min.js	1.4 kB	2023-03-09	2024-05-04
Pretty URL 124.70.206.122:808/ajax/libs/validate/messages_zh.min.js IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:33:45 Last Seen2024-05-04 11:56:18 Times Seen264 Hash 2e53acbf6518a85fcad23b41db2c7425 2d5e7474ba6509a478d6600acab1103db5f07c4b 569a2be4832b1ebf6244b6e2b219daf8705782a2c94d23dd932ceef4d69148c3 Loading...

	124.70.206.122:808/softding/js/softding-ui.js?v=4.5.0	88 kB	2024-04-25	2024-04-25
Pretty URL 124.70.206.122:808/softding/js/softding-ui.js?v=4.5.0 IP 124.70.206.122 ASN #55990 Huawei Cloud Service data center Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:18:48 Last Seen2024-04-25 11:18:48 Times Seen1 Hash 609d0e082c5959a3ec6d6976effc6be3 22820ec196f117c843144d07ad13ab6b8865c6f1 cd6c340193dfcd85c507288b5e001b189bd064677931fedaccd7b27927d899e5 Loading...

HTTP Transactions (19)

URL IP Response Size

124.70.206.122:808/login

124.70.206.122

200

4.0 kB

URL User Request GET HTTP/1.1
124.70.206.122:808/login
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
4.0 kB (3996 bytes)
Hash
07345c8ca2580d5a1a32eaad004abcb1
77733d4f0e6444a73b44069daa8ae3f12f9b7bee
8c982f9287d39d80328fdded4aaf2f95bbc697b418c7910e7de77a786c380eda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Set-Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2; Path=/; HttpOnly; SameSite=lax
Content-Type: text/html;charset=UTF-8
Content-Language: zh-CN
Transfer-Encoding: chunked
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/css/login.min.css

124.70.206.122

200

2.8 kB

URL GET HTTP/1.1
124.70.206.122:808/css/login.min.css
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
ASCII text, with very long lines (2814), with CRLF line terminators
Size
2.8 kB (2816 bytes)
Hash
65ce8ae73ecd7ac76029c6105d2efc0f
91108d4cdb3fed558d521ce38091a6ba4ba21cc7
9c7439e062eaf84a6df488404be9fe807deeb7623f48ce481c983a291f0fca06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.min.css HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2816
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/css/font-awesome.min.css

124.70.206.122

200

31 kB

URL GET HTTP/1.1
124.70.206.122:808/css/font-awesome.min.css
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
31 kB (31004 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 31004
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/softding/css/softding-ui.css?v=4.5.0

124.70.206.122

200

24 kB

URL GET HTTP/1.1
124.70.206.122:808/softding/css/softding-ui.css?v=4.5.0
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
24 kB (24191 bytes)
Hash
90820598731ae91e7a51a664a4cbafb2
4f25325febd0a84640bcdd540bbf41ae317e61ec
e3c72106970847d780930c0eee8838bdf56e34c26d2ba60286c3e65de0c17a23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /softding/css/softding-ui.css?v=4.5.0 HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 24191
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/css/bootstrap.min.css

124.70.206.122

200

121 kB

URL GET HTTP/1.1
124.70.206.122:808/css/bootstrap.min.css
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
121 kB (121205 bytes)
Hash
5057f321f0dc85cd8da94a0c5f67a8f4
224c9f9ad11b495358aa61dbd53e838e9b61015b
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 121205
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/js/bootstrap.min.js

124.70.206.122

200

39 kB

URL GET HTTP/1.1
124.70.206.122:808/js/bootstrap.min.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, ASCII text, with very long lines (38738), with CRLF line terminators
Size
39 kB (38868 bytes)
Hash
93a1f823d90b3c0b0c92c7eaa9669754
c5656ed696219cc6b7dceed19a34bb4d9f6faab1
761b0a0362022aec0c1d121ea530ea547e2773e01aabe56cf3180236973e0af8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 38868
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/ajax/libs/validate/jquery.validate.min.js

124.70.206.122

200

22 kB

URL GET HTTP/1.1
124.70.206.122:808/ajax/libs/validate/jquery.validate.min.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21388), with CRLF line terminators
Size
22 kB (21530 bytes)
Hash
0909b4a0efdadf7a2a679e1f43d7d7cf
be2ec5f330a7b537b6752283c3d99ea5651116bb
f01f5ea5ff71b32da6759fb193943622b2d04e19a8d4017e8528e0bb1f248fde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/validate/jquery.validate.min.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 21530
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/ajax/libs/validate/messages_zh.min.js

124.70.206.122

200

1.4 kB

URL GET HTTP/1.1
124.70.206.122:808/ajax/libs/validate/messages_zh.min.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1435 bytes)
Hash
2e53acbf6518a85fcad23b41db2c7425
2d5e7474ba6509a478d6600acab1103db5f07c4b
569a2be4832b1ebf6244b6e2b219daf8705782a2c94d23dd932ceef4d69148c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/validate/messages_zh.min.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1435
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/css/style.css

124.70.206.122

200

139 kB

URL GET HTTP/1.1
124.70.206.122:808/css/style.css
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
Unicode text, UTF-8 text, with very long lines (483), with CRLF line terminators
Size
139 kB (139432 bytes)
Hash
9240d8df025ce566bb44bb62d1fb22c3
e03d7781b5b008e8fdae10a46d32d1e40249e570
16bb55383d3bb7f411a18d4c14339d7a8aa3832865ded9d1c169b6a5e0a5c9db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 139432
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/ajax/libs/layer/layer.min.js

124.70.206.122

200

22 kB

URL GET HTTP/1.1
124.70.206.122:808/ajax/libs/layer/layer.min.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (22032), with CRLF line terminators
Size
22 kB (22117 bytes)
Hash
b4b722614d6d4b6b5f345361b8e5355f
f91dfc32558f2fe1347babbe11f644bd486d7c3e
3cb403b2abfeaf137ebf64eabb0107a01136d1831923b489d6835af431985544

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/layer/layer.min.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 22117
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/ajax/libs/blockUI/jquery.blockUI.js

124.70.206.122

200

21 kB

URL GET HTTP/1.1
124.70.206.122:808/ajax/libs/blockUI/jquery.blockUI.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
21 kB (20641 bytes)
Hash
d1b570f6154466b04656d6bf82f83334
ff13abea09fce7cac97c9a8799edcdef7b33b998
fe71ac0177ef82f38e030cca3ad8074377479ec82701d38ac6db1e476ea83c8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/blockUI/jquery.blockUI.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 20641
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/softding/login.js

124.70.206.122

200

2.8 kB

URL GET HTTP/1.1
124.70.206.122:808/softding/login.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.8 kB (2765 bytes)
Hash
40ae31932fdb27c529e28ad3e05426a1
dcfd167f92b88be31ae1c991fab740f9fad50e1e
a4336f9edf849c3cc86e721aaba9b1e0588c7d92e402acb8dc71d5dce204bf2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /softding/login.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2765
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/js/jquery.min.js

124.70.206.122

200

132 kB

URL GET HTTP/1.1
124.70.206.122:808/js/jquery.min.js
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, ASCII text, with very long lines (50027), with CRLF line terminators
Size
132 kB (131465 bytes)
Hash
3c852a75e6d52b8d2d4de5f6d1762e13
d04ed77fac1b126224af54d94bdb4d064026cb9f
d56e7a458495aa3c0a3bb3a377c46f031afcc875e67adecf7202acde1aec2754

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 131465
Date: Thu, 25 Apr 2024 09:18:14 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/img/user.png

124.70.206.122

200

1.1 kB

URL GET HTTP/1.1
124.70.206.122:808/img/user.png
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1106 bytes)
Hash
681dfebf3a20ec9c580d8dc248eb6a6e
46a81ebddfdb1e2e647b711cf896aea3c4557f74
09bbf9c144222134ee6d4f28b25d4b846f8c099d72c4360c7998bfd89715eb45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/user.png HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/css/login.min.css
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1106
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/img/locked.png

124.70.206.122

200

1.1 kB

URL GET HTTP/1.1
124.70.206.122:808/img/locked.png
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1132 bytes)
Hash
f6f30beb72f584e218bfec975eb1109d
bf2df8c47190b0643683569dbe42e619186135e3
5d49f096f9957f3b969cdf922469092b26550ec5cfe9c78a86515460c4230cd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/locked.png HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/css/login.min.css
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1132
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/softding/js/softding-ui.js?v=4.5.0

124.70.206.122

200

89 kB

URL GET HTTP/1.1
124.70.206.122:808/softding/js/softding-ui.js?v=4.5.0
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
89 kB (88711 bytes)
Hash
fb818c7a524d035ac87b972ad00c9723
c59c03c27de1a0e05f16b22a062a7a7a6a2bbd04
565525f55ce252e234307124e0a5aaacec1f4ac71b3599df7270fe01a0b18f54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /softding/js/softding-ui.js?v=4.5.0 HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 88711
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/ajax/libs/layer/theme/default/layer.css?v=3.1.1

124.70.206.122

200

15 kB

URL GET HTTP/1.1
124.70.206.122:808/ajax/libs/layer/theme/default/layer.css?v=3.1.1
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
ASCII text, with very long lines (15156), with no line terminators
Size
15 kB (15156 bytes)
Hash
f0f9dca00a24bd457da5305214b2b4e5
9b08a0281f73c9d17a807def7e878fc27d01459c
811968878fd43543f1155d371a2f243dab5b469ca6c077fc40afeedc8b69c880

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/layer/theme/default/layer.css?v=3.1.1 HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 15156
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/favicon.ico

124.70.206.122

200

7.1 kB

URL GET HTTP/1.1
124.70.206.122:808/favicon.ico
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
PNG image data, 90 x 66, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7143 bytes)
Hash
1564387cef3c22ec311f3a4938a62546
60b44a53718d05f036cb85e3ae4be60f5432b7a6
74ff47dcab8b01b0bc337a5c38ff5c124c8649b62f5c78e3c94f2a141ca4a0f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/login
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 7143
Date: Thu, 25 Apr 2024 09:18:16 GMT
Keep-Alive: timeout=60
Connection: keep-alive

124.70.206.122:808/img/background-guolei.jpg

124.70.206.122

200

2.0 MB

URL GET HTTP/1.1
124.70.206.122:808/img/background-guolei.jpg
IP
124.70.206.122:808
ASN
#55990 Huawei Cloud Service data center

Requested by
http://124.70.206.122:808/login

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:06:08 16:33:26, copyright=摄图网是正版商业图库网站，所有原创作品（含预览图）均受著作权法保护。著作权及相关权利�], baseline, precision 8, 4000x2250, components 3
Size
2.0 MB (1981718 bytes)
Hash
f77835acc17e495b82341faefb634e25
61b50184bb9cb08308df09214938f72c41711387
b2d13ddbab4059dab9d887c6342213fab9433c021e83886194898bfbe56d5c6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/background-guolei.jpg HTTP/1.1
Host: 124.70.206.122:808
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://124.70.206.122:808/css/login.min.css
Cookie: JSESSIONID=1c3730ef-764c-4f5e-955d-07de3cc8eba2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 01:53:24 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1981718
Date: Thu, 25 Apr 2024 09:18:15 GMT
Keep-Alive: timeout=60
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML