Report - 95.165.104.92/

Report Overview

Submitted URL
95.165.104.92/
IP
95.165.104.92
ASN
#25513 PJSC Moscow city telephone network
Submitted
2024-05-08 06:08:16
Access
public
Website Title
Apache2 Debian Default Page: It works
Final URL
95.165.104.92/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
95.165.104.92	unknown	unknown	No data	No data	1.7 kB	10 kB	95.165.104.92

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	95.165.104.92	Sinkholed
2024-05-08	medium	95.165.104.92	Sinkholed
2024-05-08	medium	95.165.104.92	Sinkholed
2024-05-08	medium	95.165.104.92	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

95.165.104.92/

95.165.104.92

200 OK

309 B

URL User Request GET HTTP/1.1
95.165.104.92/
IP
95.165.104.92:443
ASN
#25513 PJSC Moscow city telephone network

Certificate
IssuerInternet Widgits Pty Ltd
Subject
Fingerprint1F:9B:9A:6A:9D:33:95:01:6C:87:EA:E7:FE:5D:17:ED:F4:6F:72:EA
ValidityWed, 24 Jan 2024 15:37:03 GMT - Thu, 23 Jan 2025 15:37:03 GMT

File type
HTML document, ASCII text
Size
309 B (309 bytes)
Hash
b72f1eb45cf13e0cab7952808614414d
4064477c3ed41605b5981b4e8b25ac7fd6b320f9
f5a970544bf1d6f6b44882a290984e1af85c997100ae3fc21da21bf2b6b32885

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 95.165.104.92
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 06:07:50 GMT
Server: Apache/2.4.57 (Debian)
Location: https://95.165.104.92/
Content-Length: 309
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

95.165.104.92/

95.165.104.92

200 OK

3.0 kB

URL User Request GET HTTP/1.1
95.165.104.92/
IP
95.165.104.92:443
ASN
#25513 PJSC Moscow city telephone network

Certificate
IssuerInternet Widgits Pty Ltd
Subject
Fingerprint1F:9B:9A:6A:9D:33:95:01:6C:87:EA:E7:FE:5D:17:ED:F4:6F:72:EA
ValidityWed, 24 Jan 2024 15:37:03 GMT - Thu, 23 Jan 2025 15:37:03 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3041 bytes)
Hash
e2620d4a5a0f8d80dd4b16de59af981f
d23f3a5389aee902652b149cbe2474a12c57fa5a
f14e8167f12be74330c1b881b5aa3df95f5bd66d26f42cc03b87a7c38946c571

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 95.165.104.92
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:07:52 GMT
Server: Apache/2.4.57 (Debian)
Last-Modified: Wed, 24 Jan 2024 14:52:03 GMT
ETag: "29cd-60fb234b992e9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3041
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

95.165.104.92/icons/openlogo-75.png

95.165.104.92

200 OK

5.8 kB

URL GET HTTP/1.1
95.165.104.92/icons/openlogo-75.png
IP
95.165.104.92:443
ASN
#25513 PJSC Moscow city telephone network

Requested by
https://95.165.104.92/
Certificate
IssuerInternet Widgits Pty Ltd
Subject
Fingerprint1F:9B:9A:6A:9D:33:95:01:6C:87:EA:E7:FE:5D:17:ED:F4:6F:72:EA
ValidityWed, 24 Jan 2024 15:37:03 GMT - Thu, 23 Jan 2025 15:37:03 GMT

File type
PNG image data, 75 x 99, 8-bit/color RGBA, non-interlaced
Size
5.8 kB (5754 bytes)
Hash
9a632d4b687f6f9af1f79003b9c0dbbe
54109595b25d01cdce8ce30fde5fad738c8c801a
51ffbba8c599af5046c366b8a121c3aee6db12e38f27c238c6b3a13147737635

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /icons/openlogo-75.png HTTP/1.1
Host: 95.165.104.92
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://95.165.104.92/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 06:07:52 GMT
Server: Apache/2.4.57 (Debian)
Last-Modified: Thu, 13 Apr 2023 03:26:51 GMT
ETag: "167a-5f92f4b9e54c0"
Accept-Ranges: bytes
Content-Length: 5754
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

95.165.104.92/favicon.ico

95.165.104.92

404 Not Found

276 B

URL GET HTTP/1.1
95.165.104.92/favicon.ico
IP
95.165.104.92:443
ASN
#25513 PJSC Moscow city telephone network

Requested by
https://95.165.104.92/
Certificate
IssuerInternet Widgits Pty Ltd
Subject
Fingerprint1F:9B:9A:6A:9D:33:95:01:6C:87:EA:E7:FE:5D:17:ED:F4:6F:72:EA
ValidityWed, 24 Jan 2024 15:37:03 GMT - Thu, 23 Jan 2025 15:37:03 GMT

File type
HTML document, ASCII text
Size
276 B (276 bytes)
Hash
86150963d4038a23d997ab9b6949cf9d
79040a943734590615c1f731411a88ecd12dd0ff
6e354395f0be880bc715716a526400786cde38bc474e94579c476c20926ad812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 95.165.104.92
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://95.165.104.92/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 08 May 2024 06:07:52 GMT
Server: Apache/2.4.57 (Debian)
Content-Length: 276
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers