Report - 136.228.239.100/

Report Overview

Submitted URL
136.228.239.100/
IP
136.228.239.100
ASN
#137922 IBOSS Inc.
Submitted
2024-05-10 14:18:25
Access
public
Website Title
Page Restricted
Final URL
136.228.239.100/
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
136.228.239.100	unknown	unknown	No data	No data	1.8 kB	108 kB	136.228.239.100
checkip.dyndns.org	4469	1998-11-22	2012-05-24	2024-03-13	423 B	271 B	193.122.130.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 14:18:02	medium	Client IP	193.122.130.0	ET POLICY External IP Lookup - checkip.dyndns.org
2024-05-10 14:18:02	medium	Client IP	193.122.130.0	ET POLICY External IP Lookup - checkip.dyndns.org

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	136.228.239.100	Sinkholed
2024-05-10	medium	136.228.239.100	Sinkholed
2024-05-10	medium	136.228.239.100	Sinkholed
2024-05-10	medium	136.228.239.100	Sinkholed
2024-05-10	medium	136.228.239.100	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	136.228.239.100/	5.9 kB	2024-02-12	2024-05-10
Pretty URL 136.228.239.100/ IP 136.228.239.100 ASN #137922 IBOSS Inc. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 11:50:04 Last Seen2024-05-10 16:18:31 Times Seen2 Hash 9e638835b2d991ac90c8a0b61c6dc73c d7cfd3194dd739530e168adf26d0f28b4ef6809f f6541971503e0f1dc5230979a21229550f9add6e81c2d45247b2635730c04a6b Loading...

	unknown	29 B	2023-05-11	2024-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-11 04:21:35 Last Seen2024-05-10 16:18:31 Times Seen34 Hash 7cd87f24dbf3efecc94667a85b835b85 ba870583ff7af08150e63dcb0ea851614d4b28c5 b68e7c630ed86b8f3c3bf3fd4608b03d84866b95d88cec014d6be24d14ee2ff9 Loading...

HTTP Transactions (6)

URL IP Response Size

136.228.239.100/

136.228.239.100

200 OK

11 kB

URL User Request GET HTTP/1.1
136.228.239.100/
IP
136.228.239.100:80
ASN
#137922 IBOSS Inc.

File type
HTML document, ASCII text, with very long lines (688)
Size
11 kB (10690 bytes)
Hash
83c6ce0c113fb64df960aacad376b5d9
fb3e087a43b61601e8879094030198bf79e5faa3
1c60cdc647df4832232d20e34e0e7acea54efb7d800f8b4f7304b218254bdc22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 136.228.239.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 14:18:02 GMT
Server: iboss cloud
X-Xss-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
X-Frame-Options: DENY
Last-Modified: Tue, 23 Apr 2024 21:25:36 GMT
Accept-Ranges: bytes
Content-Length: 10690
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

checkip.dyndns.org/

193.122.130.0

200 OK

104 B

URL GET HTTP/1.1
checkip.dyndns.org/
IP
193.122.130.0:80
ASN
#31898 ORACLE-BMC-31898

Requested by
http://136.228.239.100/

File type
HTML document, ASCII text, with CRLF line terminators
Size
104 B (104 bytes)
Hash
22ed9d4af1dab21dbf0ef3b639ccbd37
b201c7c5b7df4c0272b466e8ef1ecd45e016a01d
6efec0223e40e1febea87abe06a6d84df736129eb841044d00e1cd8c5794c053

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET POLICY External IP Lookup - checkip.dyndns.org
suricata	medium	ET POLICY External IP Lookup - checkip.dyndns.org

HTTP Headers

GET / HTTP/1.1
Host: checkip.dyndns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://136.228.239.100/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 14:18:02 GMT
Content-Type: text/html
Content-Length: 104
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache

136.228.239.100/1226/1226-block_page-mainContent.png

136.228.239.100

200 OK

6.9 kB

URL GET HTTP/1.1
136.228.239.100/1226/1226-block_page-mainContent.png
IP
136.228.239.100:80
ASN
#137922 IBOSS Inc.

Requested by
http://136.228.239.100/

File type
PNG image data, 300 x 253, 8-bit/color RGBA, non-interlaced
Size
6.9 kB (6946 bytes)
Hash
c147dd440945ce06665a51397f66b1f7
e1b3662da555e8594e983a1221a1ed4bc67611ee
2d74a75042aa9fa29e2b064bc923583cea0106353f6f38bbc117b58815f94f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1226/1226-block_page-mainContent.png HTTP/1.1
Host: 136.228.239.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://136.228.239.100/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 14:18:03 GMT
Server: iboss cloud
X-Xss-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
X-Frame-Options: DENY
Last-Modified: Tue, 23 Apr 2024 21:25:36 GMT
Accept-Ranges: bytes
Content-Length: 6946
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

136.228.239.100/ibreports/images/securedbyiboss.jpg

136.228.239.100

200 200

15 kB

URL GET HTTP/1.1
136.228.239.100/ibreports/images/securedbyiboss.jpg
IP
136.228.239.100:80
ASN
#137922 IBOSS Inc.

Requested by
http://136.228.239.100/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=19, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=133], progressive, precision 8, 133x19, components 3
Size
15 kB (14889 bytes)
Hash
1d1a59dd3241adbda7982feab36b8d14
f167a257aa41ff779ccbc1a0ce13a3b93b59b256
8c98db1e03a074e06b3b888b170523bba4777bea93e135b12cbf9bd11fc777c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ibreports/images/securedbyiboss.jpg HTTP/1.1
Host: 136.228.239.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://136.228.239.100/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 200
Date: Fri, 10 May 2024 14:18:02 GMT
Server: iboss cloud
X-Xss-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
Accept-Ranges: bytes
ETag: W/"14889-1592373688000"
Last-Modified: Wed, 17 Jun 2020 06:01:28 GMT
Content-Length: 14889
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

136.228.239.100/favicon.ico

136.228.239.100

404 Not Found

209 B

URL GET HTTP/1.1
136.228.239.100/favicon.ico
IP
136.228.239.100:80
ASN
#137922 IBOSS Inc.

Requested by
http://136.228.239.100/

File type
HTML document, ASCII text
Size
209 B (209 bytes)
Hash
18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 136.228.239.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://136.228.239.100/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 10 May 2024 14:18:03 GMT
Server: iboss cloud
X-Xss-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
X-Frame-Options: DENY
Content-Length: 209
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

136.228.239.100/1226/1226-block_page-logo.jpg

136.228.239.100

200 OK

73 kB

URL GET HTTP/1.1
136.228.239.100/1226/1226-block_page-logo.jpg
IP
136.228.239.100:80
ASN
#137922 IBOSS Inc.

Requested by
http://136.228.239.100/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 229x217, components 3
Size
73 kB (73348 bytes)
Hash
ab7982c262b2040181f335d76f6a56e8
7ec1a4d41ae65bd088ee632f1493bd8b1416f6d3
ee51d7e775406e3dace446938440736510c128393b3c1391076b3a8422d25766

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1226/1226-block_page-logo.jpg HTTP/1.1
Host: 136.228.239.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://136.228.239.100/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 14:18:02 GMT
Server: iboss cloud
X-Xss-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
X-Frame-Options: DENY
Last-Modified: Tue, 23 Apr 2024 21:25:36 GMT
Accept-Ranges: bytes
Content-Length: 73348
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash