Report - 112.74.165.164:8083/adobe/pxtxfwjg

Report Overview

Visited public
2023-12-10 11:37:04
Tags
URL
112.74.165.164:8083/adobe/pxtxfwjg
Finishing URL
112.74.165.164:8083/adobe/pxtxfwjg
IP / ASN
112.74.165.164
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Title
Adobe 中国授权培训中心

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
112.74.165.164:8083	unknown	unknown	No data	No data	13 kB	1.6 MB	112.74.165.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed
2023-12-10	medium	112.74.165.164	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	112.74.165.164:8083/adobe/jsLib/jquery.fullPage.min.js	ScriptElement	107 kB	2023-08-05	2023-12-10
Pretty URL 112.74.165.164:8083/adobe/jsLib/jquery.fullPage.min.js IP 112.74.165.164 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 10:31 Last Seen2023-12-10 12:37 Times Seen1 Hash 023b79862feaf88278d05f12aa7e29ed c5674cfc2dbe084111d6a56db4ce2bbea290c67a a5e7c9349af28e04be33e55d7566f269d36085e9be96630312d39e0e7ea6affd Loading...

	112.74.165.164:8083/jsLib/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-09
Pretty URL 112.74.165.164:8083/jsLib/jquery.min.js IP 112.74.165.164 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:10 Times Seen6111 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	112.74.165.164:8083/jsLib/bootstrap.min.js	ScriptElement	40 kB	2023-03-07	2025-05-09
Pretty URL 112.74.165.164:8083/jsLib/bootstrap.min.js IP 112.74.165.164 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:08 Times Seen7450 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	112.74.165.164:8083/adobe/jsLib/setRem.js	ScriptElement	524 B	2023-12-10	2023-12-10
Pretty URL 112.74.165.164:8083/adobe/jsLib/setRem.js IP 112.74.165.164 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-10 12:37 Last Seen2023-12-10 12:37 Times Seen1 Hash 16390a67eb3226b516ff870b99f5a195 ff38eadae49f06b0ada2165cf82c369006a76343 57077247d03ba5f47aba6c99c73e1827ffc62a87819f88db576b0e56f8bfc424 Loading...

		Size	First Seen	Last Seen
	#1 Write - 02b040d6c2c2e535a51165370056e75b	99 B	2024-08-20 16:12	2024-08-20 16:12
Pretty Observations First Seen2024-08-20 16:12 Last Seen2024-08-20 16:12 Times Seen1 Hash 02b040d6c2c2e535a51165370056e75b 33dd364c70dacc1078e64984d40935c6626e27cd 1f0cd36240ed3cab8c77542afffbd22ff41ed4af3ac91b70642928cc225246d9 Loading...

HTTP Transactions (33)

URL IP Response Size

112.74.165.164:8083/adobe/pxtxfwjg

112.74.165.164

200

11 kB

URL User Request GET HTTP/1.1
112.74.165.164:8083/adobe/pxtxfwjg
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document text - exported SGML document, Unicode text, UTF-8 text
Size
11 kB (11349 bytes)
Hash
3032fcfa0d9b3d282841e4d7ee455956
5d21f617240a845bfcd6ade2e6b7dccf58eeb58e
613919b84a6f78a088135cdf8b8356779d6433498782c130dc88e2f1b9354555

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/pxtxfwjg HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/html;charset=UTF-8
Content-Language: zh-CN
Transfer-Encoding: chunked
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/cssLib/resize.css

112.74.165.164

200

1.2 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/cssLib/resize.css
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
CSV text - , Unicode text, UTF-8 text
Size
1.2 kB (1157 bytes)
Hash
926575ff8eac35db53577369278fe1b4
fce576c6a045e29a771529f806f3f5e3a34635c0
1bf2ff629b28d78ee08f82cd73f8eb13707b5f5fa79465f19a29d2d8145202e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/cssLib/resize.css HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1157
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/css/pxtxfwjg.css

112.74.165.164

200

5.9 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/css/pxtxfwjg.css
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text
Size
5.9 kB (5856 bytes)
Hash
60a24b727ec7cfacdb350087cdddcd3d
a44b22a64cb510cee6121b0ff738865f77005ebf
2948f88684907885f79504202898efff2e0f0da70f3790eeceac51f2a48936de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/css/pxtxfwjg.css HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 5856
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/css/header.css

112.74.165.164

200

837 B

URL GET HTTP/1.1
112.74.165.164:8083/css/header.css
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text
Size
837 B (837 bytes)
Hash
4663a3b90589672ea0454915643b853d
638d95c5cc50758c02a68344b3537166c2e115c6
cbde4f4f4e2b04a5d5e8ecd10ac95828985f9c1533663a5724f6432c4ff7f484

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/header.css HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 837
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/jsLib/bootstrap.min.js

112.74.165.164

200

40 kB

URL GET HTTP/1.1
112.74.165.164:8083/jsLib/bootstrap.min.js
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text, with very long lines (39553)
Size
40 kB (39680 bytes)
Hash
2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jsLib/bootstrap.min.js HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 39680
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/css/footer.css

112.74.165.164

200

498 B

URL GET HTTP/1.1
112.74.165.164:8083/css/footer.css
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text
Size
498 B (498 bytes)
Hash
a616e8bc700fb59ec7ac94a4f472d4e8
b790c0591d57741f51128c4b33a4308664b2f412
a287a43d53e3d1a7a84c460c8a1b021e0275aa755e373d09530aab9007568955

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/footer.css HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 498
Date: Sun, 10 Dec 2023 11:36:39 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/jsLib/setRem.js

112.74.165.164

200

524 B

URL GET HTTP/1.1
112.74.165.164:8083/adobe/jsLib/setRem.js
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text
Size
524 B (524 bytes)
Hash
16390a67eb3226b516ff870b99f5a195
ff38eadae49f06b0ada2165cf82c369006a76343
57077247d03ba5f47aba6c99c73e1827ffc62a87819f88db576b0e56f8bfc424

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/jsLib/setRem.js HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 524
Date: Sun, 10 Dec 2023 11:36:39 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/cssLib/bootstrap.css

112.74.165.164

200

142 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/cssLib/bootstrap.css
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text, with very long lines (540)
Size
142 kB (141622 bytes)
Hash
2183d05f5a0a9a3b2e8cb0509ca363e3
f2183455571b19311a235bd5aa204e694ade8e94
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/cssLib/bootstrap.css HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 141622
Date: Sun, 10 Dec 2023 11:36:38 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/jsLib/jquery.fullPage.min.js

112.74.165.164

200

107 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/jsLib/jquery.fullPage.min.js
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text
Size
107 kB (106564 bytes)
Hash
023b79862feaf88278d05f12aa7e29ed
c5674cfc2dbe084111d6a56db4ce2bbea290c67a
a5e7c9349af28e04be33e55d7566f269d36085e9be96630312d39e0e7ea6affd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/jsLib/jquery.fullPage.min.js HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 106564
Date: Sun, 10 Dec 2023 11:36:39 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/jsLib/jquery.min.js

112.74.165.164

200

96 kB

URL GET HTTP/1.1
112.74.165.164:8083/jsLib/jquery.min.js
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
ASCII text, with very long lines (32038)
Size
96 kB (95957 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jsLib/jquery.min.js HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 95957
Date: Sun, 10 Dec 2023 11:36:39 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/shixi.png

112.74.165.164

200

2.6 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/shixi.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced - data
Size
2.6 kB (2597 bytes)
Hash
7166c8398fabb7e33d08678ef0a1762e
606544715c1bd85c93c321e12cd363f1fc9675d4
b518e3e7e6d09498b792605585a3dd436b5bf755f4961419bb36b40970b75681

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/shixi.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2597
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/wrjkbxs_icon.png

112.74.165.164

200

2.2 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/wrjkbxs_icon.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 52 x 50, 8-bit/color RGBA, non-interlaced - data
Size
2.2 kB (2226 bytes)
Hash
40e2cd22c9ca26cf4150fe8a56955b58
ecc29a809bbe8028e73b64f600b643cfd3f78958
a2961d035e3faf60885c554e8876a46566600223731dc4c660d430c2467e57c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/wrjkbxs_icon.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2226
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/youxue.png

112.74.165.164

200

3.8 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/youxue.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 59 x 59, 8-bit/color RGBA, non-interlaced - data
Size
3.8 kB (3816 bytes)
Hash
9fff4fdce8395badcd339de2a8b4740f
3123166e0edf95ec06bdc978f7b3dbc2a9ee07a1
1185c184f5ea63f9b7bf83c45dbfc2743f2c75338d5a111f387532b4a84195e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/youxue.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3816
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/qiye.png

112.74.165.164

200

2.5 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/qiye.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 61 x 53, 8-bit/color RGBA, non-interlaced - data
Size
2.5 kB (2543 bytes)
Hash
03179e083d159589846b3a820ce11fd8
ddc0dbcc1217b686fd5df9e64347949a5f9469a1
5841c984be4333c7491c3fe29e0a97edec10de9f2918fb56b4f9f5a490fa90b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/qiye.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2543
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/qf.png

112.74.165.164

200

9.1 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/qf.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 287 x 276, 8-bit/color RGB, non-interlaced - data
Size
9.1 kB (9147 bytes)
Hash
109bdbf35f954e8b5d5822598c2df280
8ceac15b06ff7099467db4734bc0417f144814f8
9d0cfcebb0acc86d094db6537980f47ea13c89dc5e15b54614bdb1bfab30346f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/qf.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9147
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/wrjkbxs.png

112.74.165.164

200

1.5 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/wrjkbxs.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 287 x 276, 8-bit/color RGB, non-interlaced - data
Size
1.5 kB (1490 bytes)
Hash
b32677d63a6d6685e21590502f02733f
569c162c05b986cdebe9e76309949a2baef85240
5fb1817b019d9037330869fefc83a9e3b971e0b01569fedd0c2b404d5b8d516b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/wrjkbxs.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1490
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/cjqyxmsjjh.png

112.74.165.164

200

1.5 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/cjqyxmsjjh.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 287 x 276, 8-bit/color RGB, non-interlaced - data
Size
1.5 kB (1489 bytes)
Hash
174faa3170d1f7ec70abc7aaf5674a46
011dee043b6e5e7312e79059da72e34fb0fe467f
47d6053ba90fdd20f2e3633460284f07a2680ec3cc806b5bf6b2f4267ae3a861

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/cjqyxmsjjh.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1489
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pubImage/xian.png

112.74.165.164

200

6.8 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pubImage/xian.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 1918 x 12, 8-bit/color RGB, non-interlaced - data
Size
6.8 kB (6806 bytes)
Hash
9d6c0e3f1903657da5f996fe1b1f2000
b69b59d568eccdcfb102328940dec2938b9d88fe
b2ea5ef39468c32f870a1971ec5c0d7bacc6487cba595858a19b821079906ffe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pubImage/xian.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 6806
Date: Sun, 10 Dec 2023 11:36:45 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/zzscjn.png

112.74.165.164

200

32 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/zzscjn.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 287 x 276, 8-bit/color RGB, non-interlaced - data
Size
32 kB (32055 bytes)
Hash
20fc70a1eb1bf794ca44f9f3417598a0
b39a260fecc0824b6e5c6a8b06921b98b6516376
f3c3f0c4498702046a78ce417435951534209ac8a87c66450a6852895d1e67be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/zzscjn.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 32055
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/favicon.ico

112.74.165.164

200

17 kB

URL GET HTTP/1.1
112.74.165.164:8083/favicon.ico
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel - data
Size
17 kB (16958 bytes)
Hash
e49fd30ea870c7a820464ca56a113e6e
38ccc3603a8bc74ed3f7491222c9d50e73aa421a
148ce319907e947199c93f77c9317c0b166bc17d77d6cf6378f8374e8d2fb1a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 16958
Date: Sun, 10 Dec 2023 11:36:46 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/pinpai.png

112.74.165.164

200

2.2 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/pinpai.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 53 x 58, 8-bit/color RGBA, non-interlaced - data
Size
2.2 kB (2210 bytes)
Hash
d6d7ecd912c158510aeccea2c3e4e74f
caa41b3c8c64985633ec505bf339d1153c13c2d9
f0ec5b694b54847016a369eacdbca4024f033b65f22524427583ecbb103608aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/pinpai.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2210
Date: Sun, 10 Dec 2023 11:36:46 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/PS.png

112.74.165.164

200

1.7 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/PS.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 59 x 52, 8-bit/color RGBA, non-interlaced - data
Size
1.7 kB (1675 bytes)
Hash
d75ce484791ffd47aa43c2d7d91b3291
7cde39c5dec4f877a2b17632066ca1350df583f4
9034433afd82bfdd39db10743c92e519637a6bdeb8ca029c1a1061013345e87c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/PS.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1675
Date: Sun, 10 Dec 2023 11:36:46 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/jiaoxue.png

112.74.165.164

200

2.6 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/jiaoxue.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 64 x 44, 8-bit/color RGBA, non-interlaced - data
Size
2.6 kB (2598 bytes)
Hash
70b5822088e5607bb3fa5895189e9732
106d281bebe769a7fe78f0f94c842bd5caff8254
a21ead082269bca981e4b72e521990593a51f2621e5c009460a710c0321df0e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/jiaoxue.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2598
Date: Sun, 10 Dec 2023 11:36:48 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/profile/upload/2023/01/14/%E8%AF%81%E4%B9%A62_20230114171500A002.png

112.74.165.164

200

154 kB

URL GET HTTP/1.1
112.74.165.164:8083/profile/upload/2023/01/14/%E8%AF%81%E4%B9%A62_20230114171500A002.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 600 x 466, 8-bit/color RGB, non-interlaced - data
Size
154 kB (153488 bytes)
Hash
7d4a7dad9f981b1e01d5a1d2f0d53770
34c5c0680d251f057a22a599784fb9b94d9e07b4
a4c5719bbf28824cc7d24fd4c652ac0c0202456855b7b08036625a9e280d35a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /profile/upload/2023/01/14/%E8%AF%81%E4%B9%A62_20230114171500A002.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sat, 14 Jan 2023 09:15:00 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 153488
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/zzscjn_icon.png

112.74.165.164

200

2.6 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/zzscjn_icon.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 61 x 45, 8-bit/color RGBA, non-interlaced - data
Size
2.6 kB (2604 bytes)
Hash
d0d5f79844a61868b71c657789273d5e
35e7035903db7c86c06d9aa1c4b52abdf1ebbf49
e5994ce9d39a0259ee063ea4181521c6ed52fbccfd7f13714c0a7bff7dd1eb4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/zzscjn_icon.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2604
Date: Sun, 10 Dec 2023 11:36:49 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/qf_icon.png

112.74.165.164

200

2.9 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/qf_icon.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 56 x 54, 8-bit/color RGBA, non-interlaced - data
Size
2.9 kB (2865 bytes)
Hash
d2046026779d49b17bfba9751d90d91f
d8afe1976f779585bdcbf31b651b7acf087520df
5e5d849db7f146e1b5da4d7c0541619e70b7497af87671a3bc6e70ef7e804f4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/qf_icon.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2865
Date: Sun, 10 Dec 2023 11:36:48 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pxtxfwjg/cjqyxmsjjh_icon.png

112.74.165.164

200

3.0 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pxtxfwjg/cjqyxmsjjh_icon.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 54 x 56, 8-bit/color RGBA, non-interlaced - data
Size
3.0 kB (2976 bytes)
Hash
147f30924323221e0c61357aa0dc3df0
e911af9e350ca32c3f129e13bd2aa02eeae3c06c
f76702dff809698ac62faccf9b7a778fdc69a9987848296b684db5f5386daae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pxtxfwjg/cjqyxmsjjh_icon.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2976
Date: Sun, 10 Dec 2023 11:36:49 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/image/pubImage/logo.png

112.74.165.164

200

11 kB

URL GET HTTP/1.1
112.74.165.164:8083/image/pubImage/logo.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 262 x 54, 8-bit/color RGBA, non-interlaced - data
Size
11 kB (11048 bytes)
Hash
ddf6caf665f5535318dda82b4088e2ce
6d650c82176d95ae8861912b520c45568ac7cfbc
55ffe78a24cb9b2273b5de659666112c1c1345fffb9573a2e1b77c4217d6160a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/pubImage/logo.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11048
Date: Sun, 10 Dec 2023 11:36:49 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/profile/upload/2023/01/14/%E8%AF%81%E4%B9%A61_20230114171452A001.png

112.74.165.164

200

156 kB

URL GET HTTP/1.1
112.74.165.164:8083/profile/upload/2023/01/14/%E8%AF%81%E4%B9%A61_20230114171452A001.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 600 x 466, 8-bit/color RGB, non-interlaced - data
Size
156 kB (156134 bytes)
Hash
66b2768e8b34f1ce50f9e9ce88967afe
96bff552493c2a4284c1b6b473a4f99fc5abe2b3
dcbcc80114ede279fb8668273742b297ff91ab5a57f46b145ca07ab95aec0099

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /profile/upload/2023/01/14/%E8%AF%81%E4%B9%A61_20230114171452A001.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sat, 14 Jan 2023 09:14:52 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 156134
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/Services.png

112.74.165.164

200

248 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/Services.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 1028 x 636, 8-bit/color RGBA, non-interlaced - data
Size
248 kB (247758 bytes)
Hash
1bfb69dbb0ca97da042827ccba037741
d60cf33030bbc481c62e5f00f117706c41d93c4d
739bceaf5a49062bab9f6ec8873a8eb479d09efe15df29d1aca337e546cfc43d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/Services.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 247758
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/bigHz.png

112.74.165.164

200

553 kB

URL GET HTTP/1.1
112.74.165.164:8083/adobe/image/pxtxfwjg/bigHz.png
IP
112.74.165.164:8083
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type
PNG image data, 1248 x 362, 8-bit/color RGB, non-interlaced - data
Size
553 kB (552613 bytes)
Hash
374b837318b3ed8d9a6626a1184ef087
c0e73e81c7bb1c26160df065a1453b72583c0ba4
6ef475efaf8e1bd3910b6e7bd1273c6e2e79a0f2104fe874e1f680fe168cd327

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/bigHz.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 552613
Date: Sun, 10 Dec 2023 11:36:45 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/banner.png

0.0.0.0

0 B

URL GET
112.74.165.164:8083/adobe/image/pxtxfwjg/banner.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/banner.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/pxtxfwjg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 720771
Date: Sun, 10 Dec 2023 11:36:49 GMT
Keep-Alive: timeout=60
Connection: keep-alive

112.74.165.164:8083/adobe/image/pxtxfwjg/photo.png

0.0.0.0

0 B

URL GET
112.74.165.164:8083/adobe/image/pxtxfwjg/photo.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://112.74.165.164:8083/adobe/pxtxfwjg

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adobe/image/pxtxfwjg/photo.png HTTP/1.1
Host: 112.74.165.164:8083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://112.74.165.164:8083/adobe/css/pxtxfwjg.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 07 Aug 2023 01:07:21 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1433510
Date: Sun, 10 Dec 2023 11:36:44 GMT
Keep-Alive: timeout=60
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (33)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1