Report - 5.144.135.155/

Report Overview

Submitted URL
5.144.135.155/
IP
5.144.135.155
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Submitted
2024-04-26 21:55:46
Access
public
Website Title
MDaemon Webmail
Final URL
5.144.135.155/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
5.144.135.155	unknown	unknown	2021-02-17	2023-02-20	5.0 kB	242 kB	5.144.135.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed
2024-04-26	medium	5.144.135.155	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	5.144.135.155/WorldClient/globals.min.js?v=f11caa76ed	29 kB	2023-05-17	2024-04-26
Pretty URL 5.144.135.155/WorldClient/globals.min.js?v=f11caa76ed IP 5.144.135.155 ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.) Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:48:31 Last Seen2024-04-26 23:55:52 Times Seen2 Hash 8d3ff3c95968e951cdd4fb2f08c4bc33 ee35ba7b30006faf74d979cc45c8a2dcb14296b1 530169975a866d416f60b2b61f368b625971bdeaeb9679ff1182da438d898223 Loading...

	5.144.135.155/All/JavaScript/punycode.min.js?v=f11caa76ed	4.2 kB	2023-03-12	2024-04-26
Pretty URL 5.144.135.155/All/JavaScript/punycode.min.js?v=f11caa76ed IP 5.144.135.155 ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.) Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:37:37 Last Seen2024-04-26 23:55:53 Times Seen9 Hash 1c522add88d8b06ed12addce59c81c8d 35909fb661a156dabdf705be20d01a3f864bd7b7 bdaec074dbb572f4a58f59177978b48ff79e78524f2a41b80461e3fb6cf3aef3 Loading...

	5.144.135.155/WorldClient/JavaScript/logon.js?v=f11caa76ed	8.5 kB	2023-05-17	2024-04-26
Pretty URL 5.144.135.155/WorldClient/JavaScript/logon.js?v=f11caa76ed IP 5.144.135.155 ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.) Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:48:31 Last Seen2024-04-26 23:55:53 Times Seen2 Hash a855a30fdb269e818bbf2a6cee475807 dfc1e4eecaaccc579e874051e739c76fd72a1b47 4a74ec5bfa43ffda154a4f7779b1bac206412e18c9a1edaf8478b8ee76263030 Loading...

	5.144.135.155/All/JavaScript/jquery-latest.js?v=f11caa76ed	100 kB	2023-03-12	2024-05-02
Pretty URL 5.144.135.155/All/JavaScript/jquery-latest.js?v=f11caa76ed IP 5.144.135.155 ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.) Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:37:37 Last Seen2024-05-02 15:56:17 Times Seen9 Hash 94dad50978324bf7b082d015d230f001 0483c53dd16dc89befdc97540935253daa4e9473 44df5acf102f26a92e19880629b71526fb648cf1e684176622c964a4c0dd8f4b Loading...

	5.144.135.155/	0 B	2023-03-07	2024-05-07
Pretty URL 5.144.135.155/ IP 5.144.135.155 ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.) Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 19:55:51 Times Seen37416403 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (11)

URL IP Response Size

5.144.135.155/font-awesome/css/font-awesome.min.css?v=f11caa76ed

5.144.135.155

200 OK

4.8 kB

URL GET HTTP/1.1
5.144.135.155/font-awesome/css/font-awesome.min.css?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
4.8 kB (4799 bytes)
Hash
f9b977ff5ed8d4100d9b1a0eda5f99ce
1f89f3ec1ebd877d7e603b01271013853500e7b9
43697c8f6cd18dda9414700d4e27dbb0b9de1ae849d3e80cbd8b3af836fd8cef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font-awesome/css/font-awesome.min.css?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/css
Content-Encoding: deflate
Content-Length: 4799
Last-Modified: Tue, 14 Dec 2021 07:57:54 GMT

5.144.135.155/WorldClient/pages/logon.css?v=f11caa76ed

5.144.135.155

200 OK

2.6 kB

URL GET HTTP/1.1
5.144.135.155/WorldClient/pages/logon.css?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
2.6 kB (2593 bytes)
Hash
e5fd8b22d1ebbe1b7637bedd8c2dcb67
5f683fdef2420cbcd898647d95b6db2a21889c50
1fcbc938bc4e51a8e29cf6567e4eca6ae3f6a675bc6fc54e3e8de9609ebf9f7c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WorldClient/pages/logon.css?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/css
Content-Encoding: deflate
Content-Length: 2593
Last-Modified: Tue, 14 Dec 2021 07:57:58 GMT

5.144.135.155/WorldClient/globals.min.js?v=f11caa76ed

5.144.135.155

200 OK

11 kB

URL GET HTTP/1.1
5.144.135.155/WorldClient/globals.min.js?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
11 kB (11014 bytes)
Hash
0da0cfb80053d2c4fd0bb113867ff9b0
5b5d1480928425300b8459ae740b994da6499c56
3f4bb0165ddbbe5eeaf2242879289b2894d8a561b8a462ce6f748b65684cc675

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WorldClient/globals.min.js?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/ecmascript
Content-Encoding: deflate
Content-Length: 11014
Last-Modified: Tue, 14 Dec 2021 07:57:58 GMT

5.144.135.155/WorldClient/JavaScript/logon.js?v=f11caa76ed

5.144.135.155

200 OK

2.5 kB

URL GET HTTP/1.1
5.144.135.155/WorldClient/JavaScript/logon.js?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
2.5 kB (2546 bytes)
Hash
6d1a0e200164749f163f2f40d10b1808
3ae8e6f0b415927dd9c0314d07224ead5c12e5e7
8f6275bb04b826a51be8d6c3679a6b5b68abd6454b4d38e29651bd2839a9316c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WorldClient/JavaScript/logon.js?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/ecmascript
Content-Encoding: deflate
Content-Length: 2546
Last-Modified: Tue, 14 Dec 2021 07:57:58 GMT

5.144.135.155/All/JavaScript/punycode.min.js?v=f11caa76ed

5.144.135.155

200 OK

1.9 kB

URL GET HTTP/1.1
5.144.135.155/All/JavaScript/punycode.min.js?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
1.9 kB (1914 bytes)
Hash
e05c6cf5124047599f9432ee13dadb52
d7d778880013dfd6f580e2675292ed8f4ab01974
360e574962cff37dee4e92f8eafb2c93ef556b9408ecf3d37fc9b55a08388c01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /All/JavaScript/punycode.min.js?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/ecmascript
Content-Encoding: deflate
Content-Length: 1914
Last-Modified: Tue, 14 Dec 2021 07:57:52 GMT

5.144.135.155/All/JavaScript/jquery-latest.js?v=f11caa76ed

5.144.135.155

200 OK

42 kB

URL GET HTTP/1.1
5.144.135.155/All/JavaScript/jquery-latest.js?v=f11caa76ed
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
42 kB (41596 bytes)
Hash
b76a62cee6cc7e7687fdc236c7c053fc
65488d4ca1761a81d91a2c9fa0f6d484181218b8
81acb50dd8dd15c79b901429a1cf70149d96e4b525032f6b325215251d5e7dd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /All/JavaScript/jquery-latest.js?v=f11caa76ed HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: text/ecmascript
Content-Encoding: deflate
Content-Length: 41596
Last-Modified: Tue, 14 Dec 2021 07:57:52 GMT

5.144.135.155/font-awesome/font/fontawesome-webfont.woff?v=3.2.1

5.144.135.155

200 OK

44 kB

URL GET HTTP/1.1
5.144.135.155/font-awesome/font/fontawesome-webfont.woff?v=3.2.1
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
Web Open Font Format, TrueType, length 43572, version 1.0
Size
44 kB (43572 bytes)
Hash
b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font-awesome/font/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/font-awesome/css/font-awesome.min.css?v=f11caa76ed
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Length: 43572
Last-Modified: Tue, 14 Dec 2021 07:57:54 GMT

5.144.135.155/All/Images/Banner.png

5.144.135.155

200 OK

93 kB

URL GET HTTP/1.1
5.144.135.155/All/Images/Banner.png
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
PNG image data, 429 x 88, 8-bit/color RGBA, non-interlaced
Size
93 kB (92986 bytes)
Hash
6242dc7975e11b45d00cbb32ce5b88c0
b23abd6872bc45e55e195ba56d97f53c6c046731
516320102fbde9aa77c77e9e34ab4b9b80dde0f66ed1adf1210bdde359f74d36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /All/Images/Banner.png HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:07 GMT
Content-Type: image/png
Content-Length: 92986
Last-Modified: Tue, 14 Dec 2021 07:57:52 GMT

5.144.135.155/WorldClient.dll?&TRANSLATION=1&THEME=WorldClient&RETURNJAVASCRIPT=1&Lang=en

5.144.135.155

200 OK

16 kB

URL GET HTTP/1.1
5.144.135.155/WorldClient.dll?&TRANSLATION=1&THEME=WorldClient&RETURNJAVASCRIPT=1&Lang=en
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
data
Size
16 kB (15482 bytes)
Hash
b6a7f3083373f39ea15b0f8fc667d924
ebbcb323e37131b2c231a20d3804b3383c4bfdee
03e76d96b37496d847be00eb5dbbf4acc932061a71adf610859463ec166c505a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WorldClient.dll?&TRANSLATION=1&THEME=WorldClient&RETURNJAVASCRIPT=1&Lang=en HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 26 Apr 2024 21:29:08 GMT
Expires: 0
Pragma: no-cache
Cache-Control: no-store
Content-Encoding: deflate
Connection: close

5.144.135.155/favicon.ico?v=f11caa76edc

5.144.135.155

200 OK

15 kB

URL GET HTTP/1.1
5.144.135.155/favicon.ico?v=f11caa76edc
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Requested by
https://5.144.135.155/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15084 bytes)
Hash
f0382e05b7b71f7bb89e96253b673307
15759f5ff7bf5ad686ede036a7debdcd5b2a899b
d1d266ec10954e1d842c4ca061514102ad8b02591990c5d59934ea53db446d56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?v=f11caa76edc HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5.144.135.155/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Date: Fri, 26 Apr 2024 21:29:08 GMT
Content-Type: image/x-icon
Content-Length: 15084
Last-Modified: Tue, 14 Dec 2021 07:57:52 GMT

5.144.135.155/

5.144.135.155

200 OK

7.9 kB

URL User Request GET HTTP/1.1
5.144.135.155/
IP
5.144.135.155:443
ASN
#59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Certificate
IssuerUnizeto Technologies S.A.
Subject*.darakala.com
FingerprintD3:B2:08:25:9C:82:99:39:FD:6D:43:1F:4E:2D:6F:17:85:CB:94:0C
ValiditySat, 27 Aug 2022 05:20:35 GMT - Sun, 27 Aug 2023 05:20:34 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8414), with no line terminators
Size
7.9 kB (7919 bytes)
Hash
054a96582c883c555d065f0148c0d96e
654c12e2b3f76e7dfa4858da703353a9932962b8
0861bf4c3bd0b7ae04a0862230842c2b7639c8041301e5b8af92afd6ec039432

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 5.144.135.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 26 Apr 2024 21:29:06 GMT
Expires: 0
Pragma: no-cache
Cache-Control: no-store
Content-Encoding: deflate
Connection: close

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash