Report - 64.139.244.252/

Report Overview

Submitted URL
64.139.244.252/
IP
64.139.244.252
ASN
#35986 VYVE-BROADBAND
Submitted
2024-05-07 22:09:58
Access
public
Website Title
64.139.244.252/html/webplugin.html
Final URL
64.139.244.252/html/webplugin.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
64.139.244.252	unknown	unknown	No data	No data	9.5 kB	802 kB	64.139.244.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed
2024-05-07	medium	64.139.244.252	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	64.139.244.252/js/jquery-1.11.1.min.js	96 kB	2023-03-07	2024-05-19
Pretty URL 64.139.244.252/js/jquery-1.11.1.min.js IP 64.139.244.252 ASN #35986 VYVE-BROADBAND Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-19 20:40:32 Times Seen48084 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	64.139.244.252/html/webplugin.html	0 B	2023-03-07	2024-05-19
Pretty URL 64.139.244.252/html/webplugin.html IP 64.139.244.252 ASN #35986 VYVE-BROADBAND Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 20:47:07 Times Seen37842539 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (26)

URL IP Response Size

64.139.244.252/

64.139.244.252

425 B

URL
64.139.244.252/
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
425 B (425 bytes)
Hash
a7a0a097e12b5db988d8f9ab6def9c2b
a29dacc32513f353bfe311017b89959093bfece1
383142a148fcd1c07a9fc669aa0f5c132acdec7bf976f730cd52271c26cbf70c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:46 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 425
Last-Modified: Fri, 25 Mar 2016 14:22:05 GMT
Content-Type: text/html

64.139.244.252/index.html?_1715119773534

64.139.244.252

21 kB

URL
64.139.244.252/index.html?_1715119773534
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
21 kB (20893 bytes)
Hash
a7e82f52e1b51241fc61868c1fa10513
fe65cc4b08cff8a4da2014b94f91175d90450203
dbf9d41e4d566b70cb731f28bfac74d160a68745f46b0523229ea4b5d0b837a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.html?_1715119773534 HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://64.139.244.252/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 20893
Last-Modified: Fri, 25 Mar 2016 14:22:22 GMT
Content-Type: text/html

64.139.244.252/js/jcookie.js

64.139.244.252

1.7 kB

URL
64.139.244.252/js/jcookie.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.7 kB (1677 bytes)
Hash
f2310f3108ac77f804b8d85a50d20915
bac1b13a6d66c8714865f8c86b0649186fd11ea7
d41818c43a35ca5cd31f95fae6d34daee46ca8e58a5b00c08950218d3d82efeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jcookie.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 1677
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/js/json.js

64.139.244.252

5.0 kB

URL
64.139.244.252/js/json.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
ASCII text
Size
5.0 kB (4955 bytes)
Hash
34f7231a0a213167e801318716261d1e
f9383563b79b1df26542b6ede395bb8d1213f904
5b7242ed8e6fe3e6afec7c014b7c66fc1bd68a7b2e0d2706ffaab7876ab8f94a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/json.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 4955
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/js/common.js

64.139.244.252

36 kB

URL
64.139.244.252/js/common.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (308), with CRLF line terminators
Size
36 kB (36402 bytes)
Hash
66fdcca8b521312428e7a5db5b92c8ae
79e4d8e2f28d258bdca6eb7c829eef11685ab22b
23eba91fa4b1f04e06d61994dfcc14e83089e50c864b6825e50eeaeec6dfc2c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/common.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 36402
Last-Modified: Wed, 23 Mar 2016 03:09:08 GMT
Content-Type: application/javascript

64.139.244.252/js/qrcode.js

64.139.244.252

28 kB

URL
64.139.244.252/js/qrcode.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
ASCII text, with CRLF line terminators
Size
28 kB (28476 bytes)
Hash
2cfb76dea8f3f4710f8ea1748b194ceb
e52905594f898d470f5febeab1e847106da121aa
8aa7a76905121bb11504ede33557f03f375cfcd5d9777eb68579426086840d0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/qrcode.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 28476
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/js/CProgress.js

64.139.244.252

2.4 kB

URL
64.139.244.252/js/CProgress.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.4 kB (2400 bytes)
Hash
bc9e0142e6cb186e59bf3fdf275d1aff
237347d2b2a22767dcf513ead052af80c569afa6
208246414a3fc2e2a52885ea002913749ba455038ee019be51f83865045a78da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/CProgress.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 2400
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/js/class.js

64.139.244.252

63 kB

URL
64.139.244.252/js/class.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
63 kB (63090 bytes)
Hash
377b14f762f93c71cadf9bc4674250f5
99493e6e123b5adb21bcccad4bde0ab29059857a
df1d6133fdcfb1f50d671aac159602dac961c160c7e67ae9b109aa9be12fe94f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/class.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 63090
Last-Modified: Fri, 25 Mar 2016 06:15:42 GMT
Content-Type: application/javascript

64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css

64.139.244.252

106 B

URL
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 (with BOM) text
Size
106 B (106 bytes)
Hash
08915761b35e17f7112b8ffc32a826a0
c4acbe5778eabc1a0c93fc44463661dd3d99e9a8
0b0b364228a46d51cd953a08b51bd8040f4cfdafc06297c12fe61d6f6dd43518

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-all.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 106
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

64.139.244.252/js/main.js

64.139.244.252

84 kB

URL
64.139.244.252/js/main.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
84 kB (83618 bytes)
Hash
63719f06f34606bc7d4c0aaca04142ea
f7f6a46c37369f6cf7cacdbafb3d791799de2411
04953f508e1cb4bd2789d3358695fa22aa80d1dacd204bed5b75d4d3f2097ee1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 83618
Last-Modified: Fri, 25 Mar 2016 13:05:26 GMT
Content-Type: application/javascript

64.139.244.252/css/main.css

64.139.244.252

16 kB

URL
64.139.244.252/css/main.css
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
16 kB (16313 bytes)
Hash
c76075ec93a111b11ceed0285c115aab
19a37ad7463c962cf3852f61cca204d903bdd6bb
bdf4d382d11fc3105fe4e77d2f5222d9f32b4e64d95b563c3a89c151e078539f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 16313
Last-Modified: Tue, 20 Oct 2015 08:51:48 GMT
Content-Type: text/css

64.139.244.252/js/jquery.qrcode.min.js

64.139.244.252

14 kB

URL
64.139.244.252/js/jquery.qrcode.min.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, ASCII text, with very long lines (544)
Size
14 kB (13995 bytes)
Hash
05f0b1d7d4b9b0b4975870606d650e3c
f424bd339870510d1160d1c5da5d698aedbb452e
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.qrcode.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 13995
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/ligerUI/skins/Aqua/css/ligerui-common.css

64.139.244.252

5.4 kB

URL
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-common.css
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (581), with CRLF line terminators
Size
5.4 kB (5379 bytes)
Hash
171c0be8907e5d3e2332fa2c8f8546b4
ef74619e5ca1d0e2233a501df354342fdf44ab1d
7dbcdcf21fac47de56f206c8f4af2ed67b47a8d34aa94796711f3f3ebf4dafb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-common.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 5379
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

64.139.244.252/ligerUI/skins/Aqua/css/ligerui-dialog.css

64.139.244.252

12 kB

URL
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-dialog.css
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (305), with CRLF line terminators
Size
12 kB (12263 bytes)
Hash
684721a56d2ed66875c1bf509c9879c6
9b90f903ae0e44ff5a0d4217486be2928eed889b
38eaae1c9346bd246a9a4821b12b7d4261c7cc4db644839df5ecf793015404a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-dialog.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 12263
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

64.139.244.252/js/language.js

64.139.244.252

130 kB

URL
64.139.244.252/js/language.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
130 kB (129484 bytes)
Hash
aebf7d463cd197918aa52fbabc186a3d
4f810630bfa15819aeb3500fe77fd5618d812f09
50dcbd3b40a8169087d7c80de386b703e1d086ceda5992fcd7ce1f8f8852118f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/language.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:47 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 129484
Last-Modified: Tue, 15 Mar 2016 09:22:34 GMT
Content-Type: application/javascript

64.139.244.252/js/jquery-1.11.1.min.js

64.139.244.252

200 OK

96 kB

URL GET HTTP/1.1
64.139.244.252/js/jquery-1.11.1.min.js
IP
64.139.244.252:80
ASN
#35986 VYVE-BROADBAND

Requested by
http://64.139.244.252/html/webplugin.html

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/ligerUI/js/ligerui.min.js

64.139.244.252

136 kB

URL
64.139.244.252/ligerUI/js/ligerui.min.js
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, ISO-8859 text, with very long lines (4671), with CRLF line terminators
Size
136 kB (135881 bytes)
Hash
6ff162554a4af4bdfc987ef94e118c5d
3e42873f2466a3359f1daf3adbcb50b2a84bf527
8e10fc96a223aed4ba0e6e51c50bb8a780208423f2fd7a2a3754662e0afeeb1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/js/ligerui.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 135881
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: application/javascript

64.139.244.252/ligerUI/skins/Aqua/css/ligerui-grid.css

64.139.244.252

16 kB

URL
64.139.244.252/ligerUI/skins/Aqua/css/ligerui-grid.css
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
16 kB (15546 bytes)
Hash
61c53696a660c837f2ff338e133cb438
be733f7d61cd4140a2701bc7ecc0ec8b342ef9fa
2f206b4e1bcb6ce75ba3fb539dc7cd113b0f90da37182f3395cfe61b17d36f3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-grid.css HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=995
Content-Length: 15546
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

64.139.244.252/images/head_bg.png

64.139.244.252

523 B

URL
64.139.244.252/images/head_bg.png
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
PNG image data, 19 x 40, 8-bit colormap, non-interlaced
Size
523 B (523 bytes)
Hash
4df95c97e94adc7b895cf103d46c18fd
1ceb0526082c423904da5817cc638db52dcd4248
d3a93ccad452bb6efe124d89b98e48c1b9909b2b05603ccdb187a8a0d7decbf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/head_bg.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/index.html?_1715119773534
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 523
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

64.139.244.252/images/sound.png

64.139.244.252

1.3 kB

URL
64.139.244.252/images/sound.png
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
PNG image data, 64 x 32, 8-bit colormap, non-interlaced
Size
1.3 kB (1317 bytes)
Hash
7f7cdabf02238d95f9e32e06e1a64ed3
8eacb3f4e82d66e394e44eb2b31f2803f4a0590f
9f1dbf1cad9bac168ad6c38005490233e10df30ad155198811ddcdbd15f4b60f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/sound.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 1317
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

64.139.244.252/images/zoom.png

64.139.244.252

2.2 kB

URL
64.139.244.252/images/zoom.png
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
PNG image data, 64 x 32, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2174 bytes)
Hash
66a23b9d809cb5c0ae2780bdf0c9c585
940e4ada6fdc801d95a22c6eb442b79cae9d6416
a2406b56a20de1f9978f7153e0646c68f417103427fd2dd2b02b814d5e52c6f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/zoom.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 2174
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

64.139.244.252/images/live_icons.png

64.139.244.252

7.4 kB

URL
64.139.244.252/images/live_icons.png
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
PNG image data, 128 x 256, 8-bit colormap, non-interlaced
Size
7.4 kB (7443 bytes)
Hash
f6a1307a72c59fbb17a48a25e0b68be5
2403751f34eb07d5f0f425430824b4392606609e
a251b381f285c475d9ece2b6982fd480304d8a10412577d0b0c13e3b04bc513e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/live_icons.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 7443
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

64.139.244.252/images/style.png

64.139.244.252

14 kB

URL
64.139.244.252/images/style.png
IP
64.139.244.252:0
ASN
#35986 VYVE-BROADBAND

File type
PNG image data, 100 x 375, 8-bit/color RGB, interlaced
Size
14 kB (13572 bytes)
Hash
0e23981b78b905f6856a51f879ce4fc5
9c8ad37a5acfa3ffa147d8da33019304be0bb397
f8fcd4edcd4c72d582c9876db6a30db2163ed7aea56e916d5b438edbc50c6b10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/style.png HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:48 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 13572
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

64.139.244.252/html/webplugin.html

64.139.244.252

200 OK

2.4 kB

URL User Request GET HTTP/1.1
64.139.244.252/html/webplugin.html
IP
64.139.244.252:80
ASN
#35986 VYVE-BROADBAND

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
2.4 kB (2417 bytes)
Hash
71cba94de7050a3623e425abc3b976d6
c5111b4a571b4ed5ae6b0600c0d05137c5499ec4
1245f2b701d80fad35d82fd18ad7ea53f9195888935b46d98c8cebe5c5a44bfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /html/webplugin.html HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://64.139.244.252/index.html?_1715119773534
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 2417
Last-Modified: Fri, 27 Nov 2015 06:41:06 GMT
Content-Type: text/html

64.139.244.252/js/jquery-1.11.1.min.js

64.139.244.252

200 OK

96 kB

URL GET HTTP/1.1
64.139.244.252/js/jquery-1.11.1.min.js
IP
64.139.244.252:80
ASN
#35986 VYVE-BROADBAND

Requested by
http://64.139.244.252/html/webplugin.html

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

64.139.244.252/favicon.ico

64.139.244.252

404 Not Found

5.6 kB

URL GET HTTP/1.1
64.139.244.252/favicon.ico
IP
64.139.244.252:80
ASN
#35986 VYVE-BROADBAND

Requested by
http://64.139.244.252/html/webplugin.html

File type
data
Size
5.6 kB (5648 bytes)
Hash
32be8125797d25e53e053cf53733f080
bd760cefe786eb88520c1cd24ec998b49e660dbc
0cf232001cea88ff609358394cbbcbc1c1ca57143ecd6f0b06a0086e1b42fc1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 64.139.244.252
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://64.139.244.252/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 16:28:49 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections