Report - 125.229.144.213/

Report Overview

Submitted URL
125.229.144.213/
IP
125.229.144.213
ASN
#3462 Data Communication Business Group
Submitted
2024-04-25 04:17:25
Access
public
Website Title
125.229.144.213
Final URL
125.229.144.213/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
125.229.144.213	unknown	unknown	No data	No data	9.8 kB	773 kB	125.229.144.213

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed
2024-04-25	medium	125.229.144.213	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	125.229.144.213/script/plugins/MD5_f913ed0.js	5.0 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/MD5_f913ed0.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen125 Hash f913ed09e5647d9123879da828944fec 7bdfbc1b676b882a5cfa6bf282645df78fe625e2 b43d54b765692c627072eb00d3ba8cbeeda005c84666c561c67f6b77de12fb83 Loading...

	125.229.144.213/script/plugins/jquery.xml2json_0bb5881.js	1.3 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery.xml2json_0bb5881.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen135 Hash 0bb5881c6d02f7c2bbef99f490418751 96834a4508bbdb69a6f6244b56b38c039bd6c198 a5f940126512c7a1197e15f3c6a46d4d63f20efea763c53014efde620ce05b71 Loading...

	125.229.144.213/script/plugins/base64.min_ae031ff.js	2.9 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/base64.min_ae031ff.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen139 Hash ae031fff66d56f901ad638142d6db126 d8c94f9390534bb124ef0344273531b11b540ff2 d373d4102eb6676e442e976b37064226adbdda5a821f034ce2f428ecdad379ea Loading...

	125.229.144.213/script/common_a526adc.js	66 kB	2023-03-09	2024-04-25
Pretty URL 125.229.144.213/script/common_a526adc.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:30:26 Last Seen2024-04-25 06:17:31 Times Seen9 Hash a526adc2ba2cdf8904a88bb6fda1bd9b e527b3010376fadebdee81ef682d2c3f8fa60e61 749e447aaa24b2258af9b3649d39c74b41aa9e683884cbb7ee049d2063201047 Loading...

	125.229.144.213/script/plugins/jquery_0462a82.js	93 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery_0462a82.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen67 Hash 0462a824317b31550dbbc17270fe5229 9410dfd263e9e62ff7cfe17d9c3d88becfff5ee2 cedd187fae3adb65b2ad04ee12674bd25de95cc67902df32c4717a7c4ce5dd71 Loading...

	125.229.144.213/script/index_5240c36.js	18 kB	2023-05-03	2024-04-25
Pretty URL 125.229.144.213/script/index_5240c36.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 18:32:51 Last Seen2024-04-25 06:17:31 Times Seen4 Hash f4024b9dd207ad2e00ba5ebedbda42da 8c3deed2b821da56269426a60be671588767490d f7ff26db7614dbede3fb4d9fe3e744d09583fb8873ec003e4dac5ee3c46c6faf Loading...

	125.229.144.213/script/plugins/excanvas_b43971b.js	18 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/excanvas_b43971b.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen103 Hash b43971b62b6c84e5e60a0beaacc9d5e1 224c7df6a3eaaf3efb072efc07bdae529d202c49 68a0469dd1548c0ce165a166184043945989a1920272e1c906c8676197c95052 Loading...

	125.229.144.213/script/plugins/juicer-min_8643248.js	7.6 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/juicer-min_8643248.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen93 Hash 864324813559f7ec70c8dca8d626ada1 aa841cb7e0c18a56f1ca415f907969035e9906a0 ff1d9841436ddbe2b64a57ccf229472dac19cf64a3fb46303338dd29c0030685 Loading...

	125.229.144.213/?_=375794744826	715 B	2023-04-15	2024-04-25
Pretty URL 125.229.144.213/?_=375794744826 IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-15 23:08:50 Last Seen2024-04-25 06:17:31 Times Seen45 Hash 96c27143253eea50b275de908cdfa5b2 1c5ece3a371f134881d6f4476379e872dbea7fb5 0af2fde764e088dae3abaa8a4dc6495ea945b3360d60b10443626b446ccd7093 Loading...

	125.229.144.213/script/static_94c85b0.js	50 kB	2023-03-09	2024-04-25
Pretty URL 125.229.144.213/script/static_94c85b0.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:30:26 Last Seen2024-04-25 06:17:31 Times Seen9 Hash 94c85b03a1ec71383a1cadc6f6b84312 4ea7a87a1b635b26e441533147d3bb28195395bb fdb2dbda696993775a3cafb8bcd89a45f91f0e6e56f8efff18de5a6cf22cf4cf Loading...

	125.229.144.213/script/plugins/jquery.cookie_a5283b2.js	1.3 kB	2023-03-07	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery.cookie_a5283b2.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:53 Last Seen2024-04-25 06:17:31 Times Seen149 Hash a5283b23e629ae1b1f578f73a539f1f7 1635a44187afa7d669723703499df1d422dab79b a95f4875531b12642d2ef720c592e2ed845d57cc846f0386147e6ab24a268e3a Loading...

	125.229.144.213/script/plugins/jquery.qrcode.min_8c0b79c.js	14 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery.qrcode.min_8c0b79c.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen106 Hash 8c0b79c0ebc470280b11d101200973fa 93679d5aebaec6ea11438b4eea9e1d0341fbe3fa 6763cffba1001e10096f012739378d90031aa1a1d8b0df1170a3ac6540ce8575 Loading...

	125.229.144.213/script/plugins/jquery-ui.min_1181bd7.js	252 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery-ui.min_1181bd7.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen75 Hash 1181bd77c55b64d5f8a9fe1f50fff2f9 c237f918a8c67f014a6e9e0478ac479c0330d4f0 29e2ed2e18d0f3924908e511c93ce375712e51a9b039ded2e9cc32d3e8155de0 Loading...

	125.229.144.213/script/plugins/jquery-migrate-1.4.1.min_bb02cbc.js	10 kB	2023-03-08	2024-04-25
Pretty URL 125.229.144.213/script/plugins/jquery-migrate-1.4.1.min_bb02cbc.js IP 125.229.144.213 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:17 Last Seen2024-04-25 06:17:31 Times Seen75 Hash bb02cbcf32f83798ebffeb54b3fd067b 40a57d189ffaca4f1a7d7ed488b8a400e564f6a9 96b653f34a221f2a58a9220fc8e7805fa368625c10f6ee22097a7688ad458064 Loading...

HTTP Transactions (26)

URL IP Response Size

125.229.144.213/?_=375794744826

125.229.144.213

200 OK

11 kB

URL User Request GET HTTP/1.1
125.229.144.213/?_=375794744826
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

File type
HTML document, Unicode text, UTF-8 text
Size
11 kB (11171 bytes)
Hash
5165889bd265165fd2db4dc232aecb64
2f2abcdd5eb839cd53405673b613f9a7d48c6de9
513a85c63a0f71388915f897b071d8fb6aef7483cc71a2c3b370dfc94a23c1dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?_=375794744826 HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://125.229.144.213/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:00 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.11171"
Content-Type: text/html
Content-Length: 11171
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/style/plugins/jquery-ui.min_6389365.css

125.229.144.213

200 OK

32 kB

URL GET HTTP/1.1
125.229.144.213/style/plugins/jquery-ui.min_6389365.css
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
ASCII text, with very long lines (29036)
Size
32 kB (31904 bytes)
Hash
6389365a82ab99c11eb045664d92031f
d73261509fd8aef2b2699d2592759dfbe9d82597
6afe7cd6e5e23c7a5cd78f5c74ce9a8cefbda478e8f030f307ce6f7791b8cb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style/plugins/jquery-ui.min_6389365.css HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.31904"
Content-Type: text/css
Content-Length: 31904
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/style/index_78d48c7.css

125.229.144.213

200 OK

8.8 kB

URL GET HTTP/1.1
125.229.144.213/style/index_78d48c7.css
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
Unicode text, UTF-8 text, with very long lines (8782), with no line terminators
Size
8.8 kB (8798 bytes)
Hash
78d48c7578f4c16fdc2ee24d8f90ec45
535a96624284abb0caa97122650e2e7f13954951
041f03df8fcadc090a8da4f9419f39bf6fcc11605d852519d7964416556dfbe7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style/index_78d48c7.css HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.8798"
Content-Type: text/css
Content-Length: 8798
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/juicer-min_8643248.js

125.229.144.213

200 OK

7.6 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/juicer-min_8643248.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (7633), with no line terminators
Size
7.6 kB (7633 bytes)
Hash
864324813559f7ec70c8dca8d626ada1
aa841cb7e0c18a56f1ca415f907969035e9906a0
ff1d9841436ddbe2b64a57ccf229472dac19cf64a3fb46303338dd29c0030685

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/juicer-min_8643248.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.7633"
Content-Type: application/x-javascript
Content-Length: 7633
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/style/background-color_3218025.css

125.229.144.213

200 OK

9.1 kB

URL GET HTTP/1.1
125.229.144.213/style/background-color_3218025.css
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
Unicode text, UTF-8 text, with very long lines (9066), with no line terminators
Size
9.1 kB (9070 bytes)
Hash
32180259659bee36c413e51734fb6791
27f72695df8889d795899b6c07b0f349bd70633a
f06512e104bc435a528b5722fb4737d9768007b9c9524c06ca6e9698377c4afd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style/background-color_3218025.css HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.9070"
Content-Type: text/css
Content-Length: 9070
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery-migrate-1.4.1.min_bb02cbc.js

125.229.144.213

200 OK

10 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery-migrate-1.4.1.min_bb02cbc.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (9959), with no line terminators
Size
10 kB (9959 bytes)
Hash
bb02cbcf32f83798ebffeb54b3fd067b
40a57d189ffaca4f1a7d7ed488b8a400e564f6a9
96b653f34a221f2a58a9220fc8e7805fa368625c10f6ee22097a7688ad458064

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery-migrate-1.4.1.min_bb02cbc.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.9959"
Content-Type: application/x-javascript
Content-Length: 9959
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/MD5_f913ed0.js

125.229.144.213

200 OK

5.0 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/MD5_f913ed0.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (5028), with no line terminators
Size
5.0 kB (5028 bytes)
Hash
f913ed09e5647d9123879da828944fec
7bdfbc1b676b882a5cfa6bf282645df78fe625e2
b43d54b765692c627072eb00d3ba8cbeeda005c84666c561c67f6b77de12fb83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/MD5_f913ed0.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.5028"
Content-Type: application/x-javascript
Content-Length: 5028
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery.xml2json_0bb5881.js

125.229.144.213

200 OK

1.3 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery.xml2json_0bb5881.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
ASCII text, with very long lines (1286), with no line terminators
Size
1.3 kB (1286 bytes)
Hash
0bb5881c6d02f7c2bbef99f490418751
96834a4508bbdb69a6f6244b56b38c039bd6c198
a5f940126512c7a1197e15f3c6a46d4d63f20efea763c53014efde620ce05b71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery.xml2json_0bb5881.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.1286"
Content-Type: application/x-javascript
Content-Length: 1286
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery_0462a82.js

125.229.144.213

200 OK

93 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery_0462a82.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
93 kB (93421 bytes)
Hash
0462a824317b31550dbbc17270fe5229
9410dfd263e9e62ff7cfe17d9c3d88becfff5ee2
cedd187fae3adb65b2ad04ee12674bd25de95cc67902df32c4717a7c4ce5dd71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery_0462a82.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.93421"
Content-Type: application/x-javascript
Content-Length: 93421
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/base64.min_ae031ff.js

125.229.144.213

200 OK

2.9 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/base64.min_ae031ff.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2865), with no line terminators
Size
2.9 kB (2877 bytes)
Hash
ae031fff66d56f901ad638142d6db126
d8c94f9390534bb124ef0344273531b11b540ff2
d373d4102eb6676e442e976b37064226adbdda5a821f034ce2f428ecdad379ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/base64.min_ae031ff.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.2877"
Content-Type: application/x-javascript
Content-Length: 2877
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/images/logo.png

125.229.144.213

200 OK

2.9 kB

URL GET HTTP/1.1
125.229.144.213/images/logo.png
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2902 bytes)
Hash
bc6732baa9ac7060b77d8480926706ce
629a8a1d68e0d5b0c9ebd3f9eeaf2967399f39df
b39cb59e927dc9054c64da6495939b0efaf787e726514d38e18d47d727803e48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Sat, 06 Apr 2024 08:08:59 GMT
Etag: "6611031b.2902"
Content-Type: image/png
Content-Length: 2902
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/images/login_form_background_449dfee.gif

125.229.144.213

200 OK

353 B

URL GET HTTP/1.1
125.229.144.213/images/login_form_background_449dfee.gif
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
GIF image data, version 89a, 1 x 250
Size
353 B (353 bytes)
Hash
449dfeecb9da57ea32687f965d47ca04
be1c213002900511ba9e9ef56019f4d49a6992fa
a038b95eab62f5df980bcf0a122d136753542ac90407f492d71e0f3617d9c9d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_form_background_449dfee.gif HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/style/index_78d48c7.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.353"
Content-Type: image/gif
Content-Length: 353
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/images/bg/btn-skin_82fa90d.png

125.229.144.213

200 OK

3.6 kB

URL GET HTTP/1.1
125.229.144.213/images/bg/btn-skin_82fa90d.png
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
PNG image data, 4 x 300, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3601 bytes)
Hash
82fa90d288867170fe267fb2cd2046e8
b6888dbddd1eb15460124614c006704d8da60db5
2a9fc1413966d55e7929ebf10151776229900554f980aeb306d2b21b5e861220

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg/btn-skin_82fa90d.png HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/style/index_78d48c7.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.3601"
Content-Type: image/png
Content-Length: 3601
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/images/login-header_914f13a.png

125.229.144.213

200 OK

15 kB

URL GET HTTP/1.1
125.229.144.213/images/login-header_914f13a.png
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
PNG image data, 550 x 86, 8-bit/color RGB, non-interlaced
Size
15 kB (15145 bytes)
Hash
914f13a5fb8f90d7505654139ad64e27
86d90deffac63e7e9085ecf53bc7f6a38b430bc5
d7d7e6a6ca18b6b60c441fb36dc1b3c1d66e05e0588a842a966dce7a37c3809d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login-header_914f13a.png HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/style/index_78d48c7.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.15145"
Content-Type: image/png
Content-Length: 15145
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery.cookie_a5283b2.js

125.229.144.213

200 OK

1.3 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery.cookie_a5283b2.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (1263), with no line terminators
Size
1.3 kB (1263 bytes)
Hash
a5283b23e629ae1b1f578f73a539f1f7
1635a44187afa7d669723703499df1d422dab79b
a95f4875531b12642d2ef720c592e2ed845d57cc846f0386147e6ab24a268e3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery.cookie_a5283b2.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.1263"
Content-Type: application/x-javascript
Content-Length: 1263
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/common_a526adc.js

125.229.144.213

200 OK

66 kB

URL GET HTTP/1.1
125.229.144.213/script/common_a526adc.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (32141)
Size
66 kB (66000 bytes)
Hash
a526adc2ba2cdf8904a88bb6fda1bd9b
e527b3010376fadebdee81ef682d2c3f8fa60e61
749e447aaa24b2258af9b3649d39c74b41aa9e683884cbb7ee049d2063201047

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/common_a526adc.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.66000"
Content-Type: application/x-javascript
Content-Length: 66000
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery-ui.min_1181bd7.js

125.229.144.213

200 OK

252 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery-ui.min_1181bd7.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (32277)
Size
252 kB (252324 bytes)
Hash
1181bd77c55b64d5f8a9fe1f50fff2f9
c237f918a8c67f014a6e9e0478ac479c0330d4f0
29e2ed2e18d0f3924908e511c93ce375712e51a9b039ded2e9cc32d3e8155de0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery-ui.min_1181bd7.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:01 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.252324"
Content-Type: application/x-javascript
Content-Length: 252324
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/index_5240c36.js

125.229.144.213

200 OK

18 kB

URL GET HTTP/1.1
125.229.144.213/script/index_5240c36.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (18050), with no line terminators
Size
18 kB (18160 bytes)
Hash
5240c36984b1f86c50487208c0c7186d
b7207ffe20d9700badae3b6bce6a307e656f37e9
c39498e9c425825d3020154f079e2cc689ddad7c1458ba8e63a3e5bf447dd2ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/index_5240c36.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.18160"
Content-Type: application/x-javascript
Content-Length: 18160
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/static_94c85b0.js

125.229.144.213

200 OK

50 kB

URL GET HTTP/1.1
125.229.144.213/script/static_94c85b0.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
Unicode text, UTF-8 text, with very long lines (50221)
Size
50 kB (50226 bytes)
Hash
94c85b03a1ec71383a1cadc6f6b84312
4ea7a87a1b635b26e441533147d3bb28195395bb
fdb2dbda696993775a3cafb8bcd89a45f91f0e6e56f8efff18de5a6cf22cf4cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/static_94c85b0.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.50226"
Content-Type: application/x-javascript
Content-Length: 50226
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/jquery.qrcode.min_8c0b79c.js

125.229.144.213

200 OK

14 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/jquery.qrcode.min_8c0b79c.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
ASCII text, with very long lines (13954), with no line terminators
Size
14 kB (13954 bytes)
Hash
8c0b79c0ebc470280b11d101200973fa
93679d5aebaec6ea11438b4eea9e1d0341fbe3fa
6763cffba1001e10096f012739378d90031aa1a1d8b0df1170a3ac6540ce8575

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/jquery.qrcode.min_8c0b79c.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.13954"
Content-Type: application/x-javascript
Content-Length: 13954
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/script/plugins/excanvas_b43971b.js

125.229.144.213

200 OK

18 kB

URL GET HTTP/1.1
125.229.144.213/script/plugins/excanvas_b43971b.js
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JavaScript source, ASCII text, with very long lines (17939), with no line terminators
Size
18 kB (17939 bytes)
Hash
b43971b62b6c84e5e60a0beaacc9d5e1
224c7df6a3eaaf3efb072efc07bdae529d202c49
68a0469dd1548c0ce165a166184043945989a1920272e1c906c8676197c95052

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/plugins/excanvas_b43971b.js HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:02 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.17939"
Content-Type: application/x-javascript
Content-Length: 17939
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/

125.229.144.213

14 kB

URL
125.229.144.213/
IP
125.229.144.213:0
ASN
#3462 Data Communication Business Group

File type
data
Size
14 kB (13646 bytes)
Hash
65a2465b9716fd26dc19ee5a2da4c183
894df934bc719ed0e8be78c664faf79fa4bff6b7
84b1ba263ff2053b1d679031f451d388cc2dd728d92d849199454b460320fb67

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:16:59 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.11171"
Content-Type: text/html
Content-Length: 11171
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/cgi-bin/main-cgi?json={%22cmd%22:%20116}&_=1714018622717

125.229.144.213

200 OK

299 B

URL GET HTTP/1.1
125.229.144.213/cgi-bin/main-cgi?json={%22cmd%22:%20116}&_=1714018622717
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JSON text data
Size
299 B (299 bytes)
Hash
ec38de2b47c9f8274ec2ee003f09bff6
244b627f59cb6187c3452814d36c0c48ba5cbdf7
2c5be179f4e8207950e9394573b40bad09aced219220b4971cd47334284477a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cgi-bin/main-cgi?json={%22cmd%22:%20116}&_=1714018622717 HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html;CHARset=utf-8
Content-Length: 299
Connection: close
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

125.229.144.213/res/Web_zh_TW.json?_=1714018622718

125.229.144.213

200 OK

124 kB

URL GET HTTP/1.1
125.229.144.213/res/Web_zh_TW.json?_=1714018622718
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
JSON text data
Size
124 kB (123584 bytes)
Hash
e729f62e44afbe6fcd49c14afd6d0137
1e3b2c5cbb06ccd0e381758ccac854ad620011a2
3293959e2a413e5c0d086c01089cde7e9f1c5ee78e2a7b2f4aa6dda1f9412b01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/Web_zh_TW.json?_=1714018622718 HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Cookie: len=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:03 GMT
Last-Modified: Fri, 10 Sep 2021 08:09:04 GMT
Etag: "613b12a0.123584"
Content-Type: application/json
Content-Length: 123584
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/images/icon-warning_3f20258.gif

125.229.144.213

200 OK

1.5 kB

URL GET HTTP/1.1
125.229.144.213/images/icon-warning_3f20258.gif
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
GIF image data, version 89a, 31 x 32
Size
1.5 kB (1483 bytes)
Hash
3f20258272af0e00f6b7531b3b9aee35
3d4f047b9de8f17d18b39fabfc166fb6b1b63d3b
e80856715e5f2dc6b7a86bd1777d6095f7581ca53ac6f1af9b424ecfb1050ea2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/icon-warning_3f20258.gif HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/style/index_78d48c7.css
Cookie: len=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:04 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.1483"
Content-Type: image/gif
Content-Length: 1483
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

125.229.144.213/favicon.ico

125.229.144.213

200 OK

2.6 kB

URL GET HTTP/1.1
125.229.144.213/favicon.ico
IP
125.229.144.213:80
ASN
#3462 Data Communication Business Group

Requested by
http://125.229.144.213/?_=375794744826

File type
MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
Size
2.6 kB (2550 bytes)
Hash
1536f25632f78fb03babedcb156d3f69
02d425fe4f0a322dd5589c7a434d9bff3e518dc6
0396f746b2ac3064d779fe3a02187a3f0663dc186e728c21d28c9bda71ba2fcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 125.229.144.213
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://125.229.144.213/?_=375794744826
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 04:17:03 GMT
Last-Modified: Fri, 10 Sep 2021 08:01:14 GMT
Etag: "613b10ca.2550"
Content-Type: image/x-icon
Content-Length: 2550
Connection: keep-alive
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML