Report - 213.0.77.188/

Report Overview

Submitted URL
213.0.77.188/
IP
213.0.77.188
ASN
#207904 Veu I Bits, Serveis Empresarials S.l.
Submitted
2024-05-08 20:52:25
Access
public
Website Title
INVENT APP
Final URL
213.0.77.188/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
213.0.77.188	unknown	unknown	2017-03-06	2022-11-26	1.4 kB	11 kB	213.0.77.188
www.itchy.cat	unknown	unknown	No data	No data	1.3 kB	1.3 kB	46.18.43.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	213.0.77.188	Sinkholed
2024-05-08	medium	213.0.77.188	Sinkholed
2024-05-08	medium	213.0.77.188	Sinkholed
2024-05-08	medium	213.0.77.188	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	www.itchy.cat/lluis/M01_es/js/js.js?develop1	0 B	2023-03-07	2024-05-20
Pretty URL www.itchy.cat/lluis/M01_es/js/js.js?develop1 IP 46.18.43.149 ASN #201748 Infotelecom Networks Sl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 04:15:58 Times Seen37855345 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (7)

URL IP Response Size

213.0.77.188/

213.0.77.188

200 OK

987 B

URL User Request GET HTTP/1.1
213.0.77.188/
IP
213.0.77.188:80
ASN
#207904 Veu I Bits, Serveis Empresarials S.l.

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
987 B (987 bytes)
Hash
453b47ecbc48c98ebd48bac20c34a243
beabe5e4b0ce075091c7281b5bd51d54517ff397
62d9c7ed02d0cdfd9eaf9f65b4abb73f4085de7358d1281827a3d97d9531b14e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 213.0.77.188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:51:55 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 987
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

www.itchy.cat/lluis/M01_es/css/index.css?develop1

46.18.43.149

200 OK

458 B

URL GET HTTP/1.1
www.itchy.cat/lluis/M01_es/css/index.css?develop1
IP
46.18.43.149:443
ASN
#201748 Infotelecom Networks Sl

Requested by
http://213.0.77.188/
Certificate
IssuerLet's Encrypt
Subjectwww.itchy.cat
FingerprintF8:E1:E1:13:AA:CA:45:A6:9A:41:B0:76:96:03:DD:35:02:FF:78:7C
ValiditySun, 21 Apr 2024 07:38:52 GMT - Sat, 20 Jul 2024 07:38:51 GMT

File type
ASCII text, with CRLF line terminators
Size
458 B (458 bytes)
Hash
f6a398c04ef823869dba9fd86b102eb6
8b9687644b0e1a75ff4f156c753f3525424535e0
c8ce9ade8799fd4492ed88b19785219b7e5f4d2d386c4f4ade8020369a3acc5e

HTTP Headers

GET /lluis/M01_es/css/index.css?develop1 HTTP/1.1
Host: www.itchy.cat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:52:01 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 07:23:35 GMT
ETag: "423-59cb5671354e4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 458
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.itchy.cat/lluis/M01_es/js/index.js?develop1

46.18.43.149

200 OK

0 B

URL GET HTTP/1.1
www.itchy.cat/lluis/M01_es/js/index.js?develop1
IP
46.18.43.149:443
ASN
#201748 Infotelecom Networks Sl

Requested by
http://213.0.77.188/
Certificate
IssuerLet's Encrypt
Subjectwww.itchy.cat
FingerprintF8:E1:E1:13:AA:CA:45:A6:9A:41:B0:76:96:03:DD:35:02:FF:78:7C
ValiditySun, 21 Apr 2024 07:38:52 GMT - Sat, 20 Jul 2024 07:38:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lluis/M01_es/js/index.js?develop1 HTTP/1.1
Host: www.itchy.cat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:52:01 GMT
Server: Apache
Last-Modified: Wed, 18 Dec 2019 08:55:27 GMT
ETag: "0-599f69b1f1424"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.itchy.cat/lluis/M01_es/js/js.js?develop1

46.18.43.149

200 OK

0 B

URL GET HTTP/1.1
www.itchy.cat/lluis/M01_es/js/js.js?develop1
IP
46.18.43.149:443
ASN
#201748 Infotelecom Networks Sl

Requested by
http://213.0.77.188/
Certificate
IssuerLet's Encrypt
Subjectwww.itchy.cat
FingerprintF8:E1:E1:13:AA:CA:45:A6:9A:41:B0:76:96:03:DD:35:02:FF:78:7C
ValiditySun, 21 Apr 2024 07:38:52 GMT - Sat, 20 Jul 2024 07:38:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lluis/M01_es/js/js.js?develop1 HTTP/1.1
Host: www.itchy.cat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:52:01 GMT
Server: Apache
Last-Modified: Wed, 18 Dec 2019 08:55:27 GMT
ETag: "0-599f69b1f1424"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

213.0.77.188/img/poweredbyB.png

213.0.77.188

200 OK

2.5 kB

URL GET HTTP/1.1
213.0.77.188/img/poweredbyB.png
IP
213.0.77.188:80
ASN
#207904 Veu I Bits, Serveis Empresarials S.l.

Requested by
http://213.0.77.188/

File type
PNG image data, 104 x 27, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2508 bytes)
Hash
f85aa7649eca654e83a06dfd5d4e5dc0
d9fb39ec31ed621945519974235386e8fccd55d7
0007a95c36bc502ea8994c163e5a790b883bb43530033c6015b9a85d92ddc6ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/poweredbyB.png HTTP/1.1
Host: 213.0.77.188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:51:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 20 Jan 2020 11:07:22 GMT
ETag: "9cc-59c904bb1d221"
Accept-Ranges: bytes
Content-Length: 2508
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

213.0.77.188/img/invent_r.png

213.0.77.188

200 OK

6.5 kB

URL GET HTTP/1.1
213.0.77.188/img/invent_r.png
IP
213.0.77.188:80
ASN
#207904 Veu I Bits, Serveis Empresarials S.l.

Requested by
http://213.0.77.188/

File type
PNG image data, 236 x 227, 8-bit/color RGBA, non-interlaced
Size
6.5 kB (6477 bytes)
Hash
6a7621187a1cad080fbe3c292aa4b216
9ab99300df49741f45ce4c6c0c6339eecd07f542
87638eb0a0d9d77cf85f3e1b23b3f107a181f945bfbf29a75f55aed11e161c48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/invent_r.png HTTP/1.1
Host: 213.0.77.188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:51:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 20 Jan 2020 11:07:22 GMT
ETag: "194d-59c904bb1d221"
Accept-Ranges: bytes
Content-Length: 6477
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

213.0.77.188/favicon.ico

213.0.77.188

404 Not Found

286 B

URL GET HTTP/1.1
213.0.77.188/favicon.ico
IP
213.0.77.188:80
ASN
#207904 Veu I Bits, Serveis Empresarials S.l.

Requested by
http://213.0.77.188/

File type
HTML document, ASCII text
Size
286 B (286 bytes)
Hash
529620cd5e8b376d94c10c63adab2aa4
aef454b434a52a07323d266797636f5d7c36900a
e0903ffe734a7e55e3722de51d4dbbe21c1a47b1e71613b0104c3635ac0ff346

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 213.0.77.188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.0.77.188/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 08 May 2024 20:51:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 286
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP