Report - 128.116.144.194/

Report Overview

Submitted URL
128.116.144.194/
IP
128.116.144.194
ASN
#35612 EOLO S.p.A.
Submitted
2024-05-08 20:55:04
Access
public
Website Title
128.116.144.194/
Final URL
128.116.144.194/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
128.116.144.194	unknown	unknown	No data	No data	6.4 kB	145 kB	128.116.144.194

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed
2024-05-08	medium	128.116.144.194	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	128.116.144.194/	0 B	2023-03-07	2024-05-20
Pretty URL 128.116.144.194/ IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:41:44 Times Seen37854691 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	128.116.144.194/menu_ready.html	0 B	2023-03-07	2024-05-20
Pretty URL 128.116.144.194/menu_ready.html IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:41:44 Times Seen37854691 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	128.116.144.194/cookieFun.js	5.4 kB	2023-03-07	2024-05-08
Pretty URL 128.116.144.194/cookieFun.js IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash a1075d04fb488b5b33907500b74be0e9 bf18b6321af698e74a6558a749359e8865cea15c 5d9157ab127ddb848a333f5e504935bca4bea30d4c533cb99c2af64fd53bd5fc Loading...

	128.116.144.194/SwitchJob.html	0 B	2023-03-07	2024-05-20
Pretty URL 128.116.144.194/SwitchJob.html IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:41:44 Times Seen37854691 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	128.116.144.194/WebCamFunc.js	69 kB	2023-06-13	2024-05-08
Pretty URL 128.116.144.194/WebCamFunc.js IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 22:19:35 Last Seen2024-05-08 22:55:11 Times Seen6 Hash e2c87320983641b33566cdcc5233643e 2848d4ba92f89288397abb8d947b6332923ab2d2 0a6687bd070aa730084d8c8802f45c253c53ad68c1cee84ca3426bd847921111 Loading...

	128.116.144.194/main_live.html	0 B	2023-03-07	2024-05-20
Pretty URL 128.116.144.194/main_live.html IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:41:44 Times Seen37854691 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	128.116.144.194/B_action.js	12 kB	2023-06-13	2024-05-08
Pretty URL 128.116.144.194/B_action.js IP 34.120.237.76 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 22:19:35 Last Seen2024-05-08 22:55:11 Times Seen6 Hash 93168d7650f12f6d2f18417b72b066c1 46cda805bfeaeb17b7d6d7231178cc44c4f6093b f68e1e13d4b21cdcf6316f2cde5c4fa39adb0d12f5e65dcd36a0a8bd54b8dcec Loading...

	128.116.144.194/Login.js	4.6 kB	2023-03-07	2024-05-08
Pretty URL 128.116.144.194/Login.js IP 128.116.144.194 ASN #35612 EOLO S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 2be9555a7e6a4f6f51aa987eb6b80b90 083843de56ea25f9872cb5808c6f559171de6aeb f38e1e1628bc3c5e9a598ada18c79db193ce858308737008dbac16eed6d389b1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 4fac9ba115140ac4f1c22da82aa0bc7f	3 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen15 Hash 4fac9ba115140ac4f1c22da82aa0bc7f 639d67af2a68eab848d5a1febd5f8d565abb85ba fe50b64954720ccb97ff36a6bd105b6c6018565eea17352a8e1c095204ff4e62 Loading...

	#2 Write - bb426217ac70b770638df722f37c5250	15 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 22:55:11 Last Seen2024-05-08 22:55:11 Times Seen1 Hash bb426217ac70b770638df722f37c5250 4175fda349e906f35a07eabbed391f6de75939eb 800d2be672f44ef9109bc81c1a44c8bfcecc08ed74940f238d8b947606f3566d Loading...

	#3 Write - e2a53968797d6b538a0197d3d8baa52a	42 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 22:55:11 Last Seen2024-05-08 22:55:11 Times Seen1 Hash e2a53968797d6b538a0197d3d8baa52a 729fad8af8577acd2177882aa06fa0dd12945278 086150c4a95d864052f3c04a719be5867528397e0ef2db26a0ad95480634684d Loading...

	#4 Write - 893f0135250d4c7ddb6c6e759d9a88e6	61 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 22:55:11 Last Seen2024-05-08 22:55:11 Times Seen1 Hash 893f0135250d4c7ddb6c6e759d9a88e6 bd91c13d8c17f081f3398ef2d4df52e35489239d ac5bd4b482c20231f96f171d141909654bde7b037a8f024a1a0b8f848acea4fb Loading...

	#5 Write - cedf8da05466bb54708268b3c694a78f	1 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:10:09 Last Seen2024-05-19 10:35:18 Times Seen706 Hash cedf8da05466bb54708268b3c694a78f 091385be99b45f459a231582d583ec9f3fa3d194 62b67e1f685b7fef51102005dddd27774be3fee38c42965c53aab035d0b6b221 Loading...

	#6 Write - 08f31b42499229676256dc89a8916a95	29 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 08f31b42499229676256dc89a8916a95 58deb9b0fea095208223d8d74c617315629a6a7a 9bceb3ccc05d6e157beb076fa3f0545c5ef5264a4fd2fb4727175a2f9876c791 Loading...

	#7 Write - 14303fc995ecf409b2133060d090ce2d	5 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 14303fc995ecf409b2133060d090ce2d 71a3bdd27830219aa481a6de4e8eb248834d7ec1 39c353b8758589b050db260c5f034c116a140bdcb458f2e25a5a0d60ff9d3994 Loading...

	#8 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-20 02:00:40 Times Seen12461 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#9 Write - 98f13708210194c475687be6106a3b84	2 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:10:09 Last Seen2024-05-08 22:55:11 Times Seen359 Hash 98f13708210194c475687be6106a3b84 91032ad7bbcb6cf72875e8e8207dcfba80173f7c f5ca38f748a1d6eaf726b8a42fb575c3c71f1864a8143301782de13da2d9202b Loading...

	#10 Write - 13ef2ba1f1ee69bb164988b9fcfc9178	16 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 13ef2ba1f1ee69bb164988b9fcfc9178 d045db8d93bc1e5f3a005036ce5841011eeedabb 81fb04738280ea69383886d646827494209c1b893e22391e52d541862298efa0 Loading...

	#11 Write - 3bcdce7b651ec1a152c9f1ec12f8f89c	31 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 3bcdce7b651ec1a152c9f1ec12f8f89c bec8c30eb187c8f39d4252499e370361df694eb7 7b1e836d85ce9e3fe66e5dc68445a4e80c17095c258a97e0164afe13ba948640 Loading...

	#12 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:41:44 Times Seen37854691 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#13 Write - a145d98a317fe961cc8c526ab65a4466	9 B	2023-03-07	2024-05-15
Pretty Observations First Seen2023-03-07 12:11:56 Last Seen2024-05-15 11:43:16 Times Seen169 Hash a145d98a317fe961cc8c526ab65a4466 bb6567de30c7d6965495e8d2929cfe348b292295 196c7c813d82c026b1111acb891087e8f52e9e7c936a6ea3edd38fcf0eea3a3e Loading...

	#14 Write - c539572b5e39f6b07be0c8c9b65f4872	79 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash c539572b5e39f6b07be0c8c9b65f4872 658e48fbe9b5aee20762d61b83d20f6236991348 3d6842b05f7700015a07957d6b731ecdb134f34cc70a8699092495fdc453f8b3 Loading...

	#15 Write - 4e429d1e84f56a0d5deb2336b2a4947a	51 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 4e429d1e84f56a0d5deb2336b2a4947a e1c391c3b84b174a8b42a0c9ba9c4f1d2e85a627 0d5e93e4c4838cd04fc36bbbef5b69ff30d386f2dd37fc1da4dddc046fabb841 Loading...

	#16 Write - a1e12ab3d7232340c0c9fee38e4d6c4a	55 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash a1e12ab3d7232340c0c9fee38e4d6c4a d9d14cd5b0596b61ae8c390219eb2a5bd5fe022c 6c65a70992c88e351187cf6c7bf23d2a0c6f96132ab8ee320752c25cb05c769e Loading...

	#17 Write - 164b900a9390e370c6316fa71ba4fe92	5 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 164b900a9390e370c6316fa71ba4fe92 2a786ad97e882d2f9e643f11b4d19bdc2ce26c2a 3220abf181804dd3f95ce025c900f12dad1d41490b5de1b35d59c7fc56342eda Loading...

	#18 Write - d9ffd2b8d081ff77b52f5aca91c70fab	79 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash d9ffd2b8d081ff77b52f5aca91c70fab d7015ec1b20115e93f301a393cfa6b2b52216a20 7026a2cfabae88df89da2004d824b3d8b391c664e12226fbf6272f29c8172a95 Loading...

	#19 Write - d3d9446802a44259755d38e6d163e820	2 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:10:09 Last Seen2024-05-08 22:55:11 Times Seen441 Hash d3d9446802a44259755d38e6d163e820 b1d5781111d84f7b3fe45a0852e59758cd7a87e5 4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5 Loading...

	#20 Write - 50f426e601f25b29223aa6a5afc99fd5	3 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen8 Hash 50f426e601f25b29223aa6a5afc99fd5 c821bd270d51812e8d8caff1c106e1ee85f7ebe4 1376200b6db166523cf12aff351df27152692786964bf48e9df3888861ad3496 Loading...

	#21 Write - e6b131276e87cb18dc0b37ddf96cf8a0	101 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash e6b131276e87cb18dc0b37ddf96cf8a0 29973a846e6862307411a34eb6a0236e088f9384 5fff8682e76b6a5eaeec91214fd3e9f9748872d40a1aee7fe9b2e0727c1cb434 Loading...

	#22 Write - 79f6b64568afe95e803e21daf14359d7	7 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:21:09 Last Seen2024-05-08 22:55:11 Times Seen7 Hash 79f6b64568afe95e803e21daf14359d7 68991874f68eed5c3a1e5975d0ca41ca8cdc577d 515694984689180cbc8ff1a2890bd64475f43a48716bce89e3dd63cfa6ace634 Loading...

HTTP Transactions (17)

URL IP Response Size

128.116.144.194/

128.116.144.194

934 B

URL User Request GET
128.116.144.194/
IP
128.116.144.194:0
ASN
#35612 EOLO S.p.A.

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
934 B (934 bytes)
Hash
fb3bfbc5354f4c5e0982928984710b5f
6803d2c47e15016b9ba931cddc20929faa1713e4
fec2d128e40e31078ccc5a0b75d9950ecb884206d17de530ade78a9b9533fd5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 934

128.116.144.194/Live.html

128.116.144.194

200 OK

472 B

URL GET HTTP/1.1
128.116.144.194/Live.html
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
472 B (472 bytes)
Hash
3b4ad1830950bf90f507afa7fbf4c2e1
d2d932bc7d9e43e5547570c99ac251c9bf178161
80455829e1a0e4eed64605e3354b3caeb5da8e591e3d1a5ad1f7af220d89c4b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Live.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 472

128.116.144.194/cookieFun.js

128.116.144.194

12 kB

URL GET
128.116.144.194/cookieFun.js
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/SwitchJob.html

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
12 kB (11581 bytes)
Hash
dab88f26d1e893ff955ac5dc35c87d9d
e29fbb725e741ad7d3f6ab08a19900e9d67afa09
8950803839de204bbd3c918a7e37750c23ff70bdd87aa3da55a7cdb12f10845f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cookieFun.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6226

128.116.144.194/menu_ready.html

128.116.144.194

200 OK

476 B

URL GET HTTP/1.1
128.116.144.194/menu_ready.html
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/Live.html

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
476 B (476 bytes)
Hash
70baf72c2479c55ec5653a39f5ffbd60
695bfe0d61f4e74c9f053a70c0ed971b2d2f9634
060c8b831173f6f810f41128ad8b862612b462547a9e4196dda4e8e01408a10a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /menu_ready.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/Live.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 476

128.116.144.194/main_live.html

128.116.144.194

200 OK

9.0 kB

URL GET HTTP/1.1
128.116.144.194/main_live.html
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/Live.html

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
9.0 kB (9034 bytes)
Hash
3f3c6790e4cae75b15994ef8402dd771
f3e4d3c1b43e5720d7b013215c7efe7df02313bb
3091c762cb87ebce36eba912990640377fdbc4ac9341cfbdd796fc261dc610cb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main_live.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/Live.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 9034

128.116.144.194/B_action.js

34.120.237.76

20 kB

URL GET
128.116.144.194/B_action.js
IP
34.120.237.76:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://128.116.144.194/main_live.html

File type
data
Size
20 kB (19954 bytes)
Hash
31e39226d3593a4f0c598f0490c4ade9
af3acb92d425bcb1b66fcf66920c66065711fb16
fd435ed5ba40921e811693db1ec96bb27d9263e2f1a4fae500dd555b32400435

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /B_action.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-length: 8043
x-amzn-requestid: 25f404a4-e92e-4b8d-900f-741beed9e972
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XcJ2_Eu8oAMEP2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-663b235f-2e499cf54739955d4367a8ae;Parent=68f76a661d17370e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 08 May 2024 07:01:51 GMT
x-amz-cf-pop: HIO50-C1, SEA900-P2
x-cache: Miss from cloudfront
x-amz-cf-id: LL_lwkBLl4rO-o2aojtbvMxCC7V5wNRkHqBcX9J0mPoIsBDLybtH1w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b542d7019a03585dbf3c5588bc1da03a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 May 2024 07:04:56 GMT
age: 49794
etag: "ec5106993eb346171474efd5676e94e00acb980c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

128.116.144.194/png/background-preview-control.png

128.116.144.194

1.3 kB

URL GET
128.116.144.194/png/background-preview-control.png
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/SwitchJob.html

File type
PNG image data, 235 x 40, 8-bit/color RGB, non-interlaced
Size
1.3 kB (1328 bytes)
Hash
127b57b3061ab247ef80e786cad80b6f
c5a4f2b88bba22699f37154ed2a9a35cbfe4ac3b
fdb0b6dec922250efe8c294fbf94b8268eedc2dc0ace54bdb3314438d5ceb5d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /png/background-preview-control.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 476

128.116.144.194/Login.js

128.116.144.194

4.6 kB

URL GET
128.116.144.194/Login.js
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/main_live.html

File type
Unicode text, UTF-8 text, with very long lines (4744), with no line terminators
Size
4.6 kB (4577 bytes)
Hash
6a50797809029fb25ec2fa8bc44617d0
29644e85283b94e1742130eb39059722cd01972d
2802b9144a622a038d367990ae6ad9e13979d78f233cbe68027b470395f3c4f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Login.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/SwitchJob.css

128.116.144.194

854 B

URL GET
128.116.144.194/SwitchJob.css
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/SwitchJob.html

File type
Unicode text, UTF-8 text, with very long lines (839), with no line terminators
Size
854 B (854 bytes)
Hash
4d97d14663bb0d5864a1eb167a01d119
1079fd16c396a6dce12f668da2216225f0a4b5b0
dfd85bf5e2858a76816ba6b25aa80ef17c4433fe6cab291b693a58ba838eb9a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SwitchJob.css HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/png/playback-up.png

128.116.144.194

2.7 kB

URL GET
128.116.144.194/png/playback-up.png
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/SwitchJob.html

File type
PNG image data, 103 x 25, 8-bit/color RGB, non-interlaced
Size
2.7 kB (2701 bytes)
Hash
bf66482a79e558da0c5eab44d506727a
ecd7bd082599c05d884795cb1c3246379f874b46
505644dd5836975958ce9b2d8e3361b5aa0aa3faf2a8804f844fa20ed1cb34bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /png/playback-up.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/WebCamFunc.js

128.116.144.194

69 kB

URL GET
128.116.144.194/WebCamFunc.js
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/main_live.html

File type

Size
69 kB (68950 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WebCamFunc.js HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/favicon.ico

0.0.0.0

0 B

URL GET
128.116.144.194/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
http://128.116.144.194/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/png/preview-dw.png

128.116.144.194

2.4 kB

URL GET
128.116.144.194/png/preview-dw.png
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/SwitchJob.html

File type
PNG image data, 103 x 25, 8-bit/color RGB, non-interlaced
Size
2.4 kB (2360 bytes)
Hash
c5b7f1308937e0cd72133ad4b6e58d50
367ea791c92d3e1898777e74c2bb2517ed04f19a
b46a7b171da7c3d8d7847c2a9b5e7804d3aa1859a3d60d4598f98393d7d9b576

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /png/preview-dw.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/SwitchJob.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/png/Login/loginbackground-1.png

128.116.144.194

3.1 kB

URL GET
128.116.144.194/png/Login/loginbackground-1.png
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/main_live.html

File type
PNG image data, 2 x 216, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3085 bytes)
Hash
faafd3e2d515fedda38f3711f67e9d75
d4b26b53c179c9e9db1f1889254818b1d9db8aeb
1dc9fee7d376456b81e98312ba961c79c2f0fad6e3f6fbf1917c17cac997fb36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /png/Login/loginbackground-1.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/png/Login/buttonup.png

128.116.144.194

3.4 kB

URL GET
128.116.144.194/png/Login/buttonup.png
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/main_live.html

File type
PNG image data, 89 x 21, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3366 bytes)
Hash
92757d50ca5b52bd07a44f56947a1366
2b68e22cddae851d196e138d92a03982e6572fbe
07f6b5a20ea677b952a17e4075bedf3898f1a2753417c73b8b37be7efc4bdbe7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /png/Login/buttonup.png HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

128.116.144.194/SwitchJob.html

128.116.144.194

200 OK

6.2 kB

URL GET HTTP/1.1
128.116.144.194/SwitchJob.html
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6817), with no line terminators
Size
6.2 kB (6226 bytes)
Hash
d058fc29ea69cd6c52b2135090c9c685
9166a198acee14dbc1f9b9e77c001d5c5a2c162d
0733647eeaf7dc74eeabcd19788d0101e8b636f5cbbfe944c3c8543f6170387e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SwitchJob.html HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6226

128.116.144.194/PCViewer.css

128.116.144.194

7.8 kB

URL GET
128.116.144.194/PCViewer.css
IP
128.116.144.194:80
ASN
#35612 EOLO S.p.A.

Requested by
http://128.116.144.194/main_live.html

File type
Unicode text, UTF-8 text, with very long lines (8117), with no line terminators
Size
7.8 kB (7804 bytes)
Hash
60ba03a187fd87cba8c65c1378bcd76b
3fe18f1bd369549ca9bd8fe449e314afbc9f995f
077f44fd9873aa0cbf0b729848a13f6d80eb929101327d9508f07d4b0e15ab9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /PCViewer.css HTTP/1.1
Host: 128.116.144.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://128.116.144.194/main_live.html
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML