Report - 37.194.206.12/

Report Overview

Submitted URL
37.194.206.12/
IP
37.194.206.12
ASN
#31200 Novotelecom Ltd
Submitted
2024-05-01 21:33:26
Access
public
Website Title
API-BIO
Final URL
37.194.206.12/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
37.194.206.12	unknown	unknown	2016-07-24	2016-07-24	4.1 kB	715 kB	37.194.206.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed
2024-05-01	medium	37.194.206.12	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	37.194.206.12/js/jquery.min.js	90 kB	2023-03-07	2024-05-15
Pretty URL 37.194.206.12/js/jquery.min.js IP 37.194.206.12 ASN #31200 Novotelecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-15 20:30:49 Times Seen273722 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	37.194.206.12/js/popper.min.js	19 kB	2023-03-07	2024-05-15
Pretty URL 37.194.206.12/js/popper.min.js IP 37.194.206.12 ASN #31200 Novotelecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-15 20:29:54 Times Seen115350 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	37.194.206.12/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-15
Pretty URL 37.194.206.12/js/bootstrap.min.js IP 37.194.206.12 ASN #31200 Novotelecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-15 20:29:55 Times Seen140528 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	37.194.206.12/js/categories.js	4.1 kB	2023-03-13	2024-05-01
Pretty URL 37.194.206.12/js/categories.js IP 37.194.206.12 ASN #31200 Novotelecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:06:35 Last Seen2024-05-01 23:33:27 Times Seen5 Hash 9f61af9236b424c4fb7ea711f1ce5092 895bc9dce5a00c40175900abf361145d57f7f691 5bacb350cb7bb15d91e20157d1d9579a5b8d17799f296515e91938fbad3378c3 Loading...

HTTP Transactions (12)

URL IP Response Size

37.194.206.12/

37.194.206.12

200 OK

5.6 kB

URL User Request GET HTTP/1.1
37.194.206.12/
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

File type
HTML document, Unicode text, UTF-8 text
Size
5.6 kB (5640 bytes)
Hash
8b6277e26d24772a5bcebdd4d741b56e
6f7d840971d38289fbb353b0136da4adef326cbc
f12f74e4586c1b6c77e91c1c95fabc463c9c09c8d67eef16f38c46cb300e3ae1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.3.3

37.194.206.12/css/main.css

37.194.206.12

200 OK

2.9 kB

URL GET HTTP/1.1
37.194.206.12/css/main.css
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
Unicode text, UTF-8 text
Size
2.9 kB (2927 bytes)
Hash
5cf1c9ffcb1f81a1ff609825db990e77
2d30c127a01a9f360908d37f863b7689fa44940d
d4d619fd04b8a94ac96c87fb3884e2f4bac888513b6162d6b092d0064b7a81cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.css HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/css
Content-Length: 2927
Last-Modified: Wed, 04 May 2022 01:51:04 GMT
Connection: keep-alive
ETag: "6271dc08-b6f"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/css/w3.css

37.194.206.12

200 OK

23 kB

URL GET HTTP/1.1
37.194.206.12/css/w3.css
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
Unicode text, UTF-8 (with BOM) text
Size
23 kB (23427 bytes)
Hash
ba0537e9574725096af97c27d7e54f76
bd46b47d74d344f435b5805114559d45979762d5
4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/w3.css HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/css
Content-Length: 23427
Last-Modified: Tue, 03 May 2022 08:57:04 GMT
Connection: keep-alive
ETag: "6270ee60-5b83"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/js/popper.min.js

37.194.206.12

200 OK

19 kB

URL GET HTTP/1.1
37.194.206.12/js/popper.min.js
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
19 kB (19188 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/javascript
Content-Length: 19188
Last-Modified: Wed, 27 Apr 2022 10:07:25 GMT
Connection: keep-alive
ETag: "626915dd-4af4"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/css/bootstrap-grid.min.css

37.194.206.12

200 OK

53 kB

URL GET HTTP/1.1
37.194.206.12/css/bootstrap-grid.min.css
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
ASCII text, with very long lines (52539)
Size
53 kB (52805 bytes)
Hash
a92ffe0efac491b009a7c8e4e15b6861
1b3c1e334bb8687f5fcbdcdebc2255d2a462964a
9abd3f5a7973251d6b17cccd16652859f722a145f3e74272a5d31923c18f22c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap-grid.min.css HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/css
Content-Length: 52805
Last-Modified: Sat, 09 Oct 2021 14:44:23 GMT
Connection: keep-alive
ETag: "6161aac7-ce45"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/css/bootstrap.min.css

37.194.206.12

200 OK

145 kB

URL GET HTTP/1.1
37.194.206.12/css/bootstrap.min.css
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/css
Content-Length: 144877
Last-Modified: Wed, 04 May 2022 05:15:27 GMT
Connection: keep-alive
ETag: "62720bef-235ed"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/js/jquery.min.js

37.194.206.12

200 OK

90 kB

URL GET HTTP/1.1
37.194.206.12/js/jquery.min.js
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/javascript
Content-Length: 89501
Last-Modified: Wed, 10 Mar 2021 14:28:09 GMT
Connection: keep-alive
ETag: "6048d779-15d9d"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/js/categories.js

37.194.206.12

200 OK

4.1 kB

URL GET HTTP/1.1
37.194.206.12/js/categories.js
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
Unicode text, UTF-8 text
Size
4.1 kB (4084 bytes)
Hash
9f61af9236b424c4fb7ea711f1ce5092
895bc9dce5a00c40175900abf361145d57f7f691
5bacb350cb7bb15d91e20157d1d9579a5b8d17799f296515e91938fbad3378c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/categories.js HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:02 GMT
Content-Type: text/javascript
Content-Length: 4084
Last-Modified: Fri, 29 Apr 2022 13:59:56 GMT
Connection: keep-alive
ETag: "626bef5c-ff4"
Expires: Fri, 31 May 2024 21:33:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/images/logo.png

37.194.206.12

200 OK

4.9 kB

URL GET HTTP/1.1
37.194.206.12/images/logo.png
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
PNG image data, 408 x 80, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4930 bytes)
Hash
8a4eb2877d6fcf647e52c89b19969fdf
a955b37bcd99b102e1d758d16f5fdcbee7b22e75
ed9938bb8705473e10306b700d6e3144125af4b4283d17037937b08e63898238

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:02 GMT
Content-Type: image/png
Content-Length: 4930
Last-Modified: Mon, 25 Apr 2022 10:15:50 GMT
Connection: keep-alive
ETag: "626674d6-1342"
Expires: Fri, 31 May 2024 21:33:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/js/bootstrap.min.js

37.194.206.12

200 OK

49 kB

URL GET HTTP/1.1
37.194.206.12/js/bootstrap.min.js
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:01 GMT
Content-Type: text/javascript
Content-Length: 48944
Last-Modified: Wed, 27 Apr 2022 10:08:01 GMT
Connection: keep-alive
ETag: "62691601-bf30"
Expires: Fri, 31 May 2024 21:33:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

37.194.206.12/fonts/Pacifico-Regular.ttf

37.194.206.12

200 OK

315 kB

URL GET HTTP/1.1
37.194.206.12/fonts/Pacifico-Regular.ttf
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409
Size
315 kB (315408 bytes)
Hash
85bb2d0ec4a0da159de42e89089ccc0b
baca1fca7fe74b61cb33aa0da48ec1a3a77bcf49
4dac9db3fa9ca072f7861fd916bf04bdceac6069d0f3a886f5e523d922e918f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/Pacifico-Regular.ttf HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:02 GMT
Content-Type: font/ttf
Content-Length: 315408
Last-Modified: Tue, 08 Mar 2011 17:00:00 GMT
Connection: keep-alive
ETag: "4d766090-4d010"
Accept-Ranges: bytes

37.194.206.12/favicon.ico

37.194.206.12

404 Not Found

153 B

URL GET HTTP/1.1
37.194.206.12/favicon.ico
IP
37.194.206.12:80
ASN
#31200 Novotelecom Ltd

Requested by
http://37.194.206.12/

File type
HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
d47b646093dd84d34885a714ce4bd74e
c4df23671b6440e29159093dc52cb8c4aa184597
6807c84bf35d67496e020c1528303b87d4759933c09817e514a7159ac689d352

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 37.194.206.12
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://37.194.206.12/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:33:02 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections