Report - 104.137.136.83/

Report Overview

Submitted URL
104.137.136.83/
IP
104.137.136.83
ASN
#33363 BHN-33363
Submitted
2024-05-03 21:37:55
Access
public
Website Title
104.137.136.83/html/webplugin.html
Final URL
104.137.136.83/html/webplugin.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
104.137.136.83	unknown	unknown	No data	No data	9.5 kB	798 kB	104.137.136.83

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed
2024-05-03	medium	104.137.136.83	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	104.137.136.83/html/webplugin.html	0 B	2023-03-07	2024-05-18
Pretty URL 104.137.136.83/html/webplugin.html IP 104.137.136.83 ASN #33363 BHN-33363 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 02:07:13 Times Seen37765330 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	104.137.136.83/js/jquery-1.11.1.min.js	96 kB	2023-03-07	2024-05-18
Pretty URL 104.137.136.83/js/jquery-1.11.1.min.js IP 104.137.136.83 ASN #33363 BHN-33363 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-18 01:32:35 Times Seen47987 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

HTTP Transactions (26)

URL IP Response Size

104.137.136.83/

104.137.136.83

425 B

URL
104.137.136.83/
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
425 B (425 bytes)
Hash
ebfbeaa2c9dc596d6d6e2699ba62637b
9747d0234eee3142f46006e35163225925bbdad5
33e936e694139aee27e83a72d2606d72c3133382920fd2a991847dc397810dd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:06 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 425
Last-Modified: Mon, 14 Nov 2016 04:07:04 GMT
Content-Type: text/html

104.137.136.83/index.html?_1714772250684

104.137.136.83

21 kB

URL
104.137.136.83/index.html?_1714772250684
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
21 kB (20985 bytes)
Hash
dd7c3d7340046b2ff7ac06426f24ec51
c9a28b16463141f6f77cff2aa8b4c2af3c78c83d
be6d74ecc1751f856dd24c6eec77d5059b50387d7fbab8ae761d233bdee4b333

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.html?_1714772250684 HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.137.136.83/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 20985
Last-Modified: Mon, 14 Nov 2016 09:14:08 GMT
Content-Type: text/html

104.137.136.83/js/common.js

104.137.136.83

36 kB

URL
104.137.136.83/js/common.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (308), with CRLF line terminators
Size
36 kB (36402 bytes)
Hash
66fdcca8b521312428e7a5db5b92c8ae
79e4d8e2f28d258bdca6eb7c829eef11685ab22b
23eba91fa4b1f04e06d61994dfcc14e83089e50c864b6825e50eeaeec6dfc2c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/common.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 36402
Last-Modified: Wed, 23 Mar 2016 03:09:08 GMT
Content-Type: application/javascript

104.137.136.83/js/jquery.qrcode.min.js

104.137.136.83

14 kB

URL
104.137.136.83/js/jquery.qrcode.min.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, ASCII text, with very long lines (544)
Size
14 kB (13995 bytes)
Hash
05f0b1d7d4b9b0b4975870606d650e3c
f424bd339870510d1160d1c5da5d698aedbb452e
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.qrcode.min.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 13995
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/js/json.js

104.137.136.83

5.0 kB

URL
104.137.136.83/js/json.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
ASCII text
Size
5.0 kB (4955 bytes)
Hash
34f7231a0a213167e801318716261d1e
f9383563b79b1df26542b6ede395bb8d1213f904
5b7242ed8e6fe3e6afec7c014b7c66fc1bd68a7b2e0d2706ffaab7876ab8f94a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/json.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 4955
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/js/qrcode.js

104.137.136.83

28 kB

URL
104.137.136.83/js/qrcode.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
ASCII text, with CRLF line terminators
Size
28 kB (28476 bytes)
Hash
2cfb76dea8f3f4710f8ea1748b194ceb
e52905594f898d470f5febeab1e847106da121aa
8aa7a76905121bb11504ede33557f03f375cfcd5d9777eb68579426086840d0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/qrcode.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 28476
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/js/jcookie.js

104.137.136.83

1.7 kB

URL
104.137.136.83/js/jcookie.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.7 kB (1677 bytes)
Hash
f2310f3108ac77f804b8d85a50d20915
bac1b13a6d66c8714865f8c86b0649186fd11ea7
d41818c43a35ca5cd31f95fae6d34daee46ca8e58a5b00c08950218d3d82efeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jcookie.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 1677
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/js/jquery-1.11.1.min.js

104.137.136.83

200 OK

96 kB

URL GET HTTP/1.1
104.137.136.83/js/jquery-1.11.1.min.js
IP
104.137.136.83:80
ASN
#33363 BHN-33363

Requested by
http://104.137.136.83/html/webplugin.html

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/js/CProgress.js

104.137.136.83

2.4 kB

URL
104.137.136.83/js/CProgress.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.4 kB (2400 bytes)
Hash
bc9e0142e6cb186e59bf3fdf275d1aff
237347d2b2a22767dcf513ead052af80c569afa6
208246414a3fc2e2a52885ea002913749ba455038ee019be51f83865045a78da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/CProgress.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 2400
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/ligerUI/js/ligerui.min.js

104.137.136.83

136 kB

URL
104.137.136.83/ligerUI/js/ligerui.min.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, ISO-8859 text, with very long lines (4671), with CRLF line terminators
Size
136 kB (135881 bytes)
Hash
6ff162554a4af4bdfc987ef94e118c5d
3e42873f2466a3359f1daf3adbcb50b2a84bf527
8e10fc96a223aed4ba0e6e51c50bb8a780208423f2fd7a2a3754662e0afeeb1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/js/ligerui.min.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:07 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=1000
Content-Length: 135881
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: application/javascript

104.137.136.83/js/class.js

104.137.136.83

63 kB

URL
104.137.136.83/js/class.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
63 kB (63090 bytes)
Hash
377b14f762f93c71cadf9bc4674250f5
99493e6e123b5adb21bcccad4bde0ab29059857a
df1d6133fdcfb1f50d671aac159602dac961c160c7e67ae9b109aa9be12fe94f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/class.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 63090
Last-Modified: Fri, 25 Mar 2016 06:15:42 GMT
Content-Type: application/javascript

104.137.136.83/ligerUI/skins/Aqua/css/ligerui-all.css

104.137.136.83

106 B

URL
104.137.136.83/ligerUI/skins/Aqua/css/ligerui-all.css
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 (with BOM) text
Size
106 B (106 bytes)
Hash
08915761b35e17f7112b8ffc32a826a0
c4acbe5778eabc1a0c93fc44463661dd3d99e9a8
0b0b364228a46d51cd953a08b51bd8040f4cfdafc06297c12fe61d6f6dd43518

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-all.css HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 106
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

104.137.136.83/css/main.css

104.137.136.83

16 kB

URL
104.137.136.83/css/main.css
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
16 kB (16313 bytes)
Hash
c76075ec93a111b11ceed0285c115aab
19a37ad7463c962cf3852f61cca204d903bdd6bb
bdf4d382d11fc3105fe4e77d2f5222d9f32b4e64d95b563c3a89c151e078539f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.css HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 16313
Last-Modified: Tue, 20 Oct 2015 08:51:48 GMT
Content-Type: text/css

104.137.136.83/js/main.js

104.137.136.83

83 kB

URL
104.137.136.83/js/main.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
83 kB (83190 bytes)
Hash
60d6b83c7f9e7171e9aed40999634813
14568264f6e0289a077fb01a7c2f659ea560eda5
f67b1714c36282b90bb1177f06d047bba300cca6cde8495adc6e7cc6727aeac8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 83190
Last-Modified: Tue, 14 Jun 2016 00:40:00 GMT
Content-Type: application/javascript

104.137.136.83/js/language.js

104.137.136.83

132 kB

URL
104.137.136.83/js/language.js
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
132 kB (131538 bytes)
Hash
9a143ce9d1b662596599224acbe28ea4
2f21bc5c5c0b8b9464569e10972a7ba27f813e43
9a5dd07a317e24557713b7d354014050e8b6513c7cd71e7c3c2b07003273defb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/language.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:08 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 131538
Last-Modified: Fri, 15 Jul 2016 08:16:32 GMT
Content-Type: application/javascript

104.137.136.83/ligerUI/skins/Aqua/css/ligerui-common.css

104.137.136.83

5.4 kB

URL
104.137.136.83/ligerUI/skins/Aqua/css/ligerui-common.css
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (581), with CRLF line terminators
Size
5.4 kB (5379 bytes)
Hash
171c0be8907e5d3e2332fa2c8f8546b4
ef74619e5ca1d0e2233a501df354342fdf44ab1d
7dbcdcf21fac47de56f206c8f4af2ed67b47a8d34aa94796711f3f3ebf4dafb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-common.css HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=999
Content-Length: 5379
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

104.137.136.83/ligerUI/skins/Aqua/css/ligerui-grid.css

104.137.136.83

16 kB

URL
104.137.136.83/ligerUI/skins/Aqua/css/ligerui-grid.css
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
16 kB (15546 bytes)
Hash
61c53696a660c837f2ff338e133cb438
be733f7d61cd4140a2701bc7ecc0ec8b342ef9fa
2f206b4e1bcb6ce75ba3fb539dc7cd113b0f90da37182f3395cfe61b17d36f3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-grid.css HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 15546
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

104.137.136.83/ligerUI/skins/Aqua/css/ligerui-dialog.css

104.137.136.83

12 kB

URL
104.137.136.83/ligerUI/skins/Aqua/css/ligerui-dialog.css
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (305), with CRLF line terminators
Size
12 kB (12263 bytes)
Hash
684721a56d2ed66875c1bf509c9879c6
9b90f903ae0e44ff5a0d4217486be2928eed889b
38eaae1c9346bd246a9a4821b12b7d4261c7cc4db644839df5ecf793015404a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ligerUI/skins/Aqua/css/ligerui-dialog.css HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/ligerUI/skins/Aqua/css/ligerui-all.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 12263
Last-Modified: Wed, 14 Oct 2015 05:56:45 GMT
Content-Type: text/css

104.137.136.83/images/head_bg.png

104.137.136.83

523 B

URL
104.137.136.83/images/head_bg.png
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
PNG image data, 19 x 40, 8-bit colormap, non-interlaced
Size
523 B (523 bytes)
Hash
4df95c97e94adc7b895cf103d46c18fd
1ceb0526082c423904da5817cc638db52dcd4248
d3a93ccad452bb6efe124d89b98e48c1b9909b2b05603ccdb187a8a0d7decbf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/head_bg.png HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/index.html?_1714772250684
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 523
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

104.137.136.83/images/zoom.png

104.137.136.83

2.2 kB

URL
104.137.136.83/images/zoom.png
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
PNG image data, 64 x 32, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2174 bytes)
Hash
66a23b9d809cb5c0ae2780bdf0c9c585
940e4ada6fdc801d95a22c6eb442b79cae9d6416
a2406b56a20de1f9978f7153e0646c68f417103427fd2dd2b02b814d5e52c6f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/zoom.png HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=995
Content-Length: 2174
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

104.137.136.83/images/sound.png

104.137.136.83

1.3 kB

URL
104.137.136.83/images/sound.png
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
PNG image data, 64 x 32, 8-bit colormap, non-interlaced
Size
1.3 kB (1317 bytes)
Hash
7f7cdabf02238d95f9e32e06e1a64ed3
8eacb3f4e82d66e394e44eb2b31f2803f4a0590f
9f1dbf1cad9bac168ad6c38005490233e10df30ad155198811ddcdbd15f4b60f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/sound.png HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 1317
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

104.137.136.83/images/style.png

104.137.136.83

14 kB

URL
104.137.136.83/images/style.png
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
PNG image data, 100 x 375, 8-bit/color RGB, interlaced
Size
14 kB (13572 bytes)
Hash
0e23981b78b905f6856a51f879ce4fc5
9c8ad37a5acfa3ffa147d8da33019304be0bb397
f8fcd4edcd4c72d582c9876db6a30db2163ed7aea56e916d5b438edbc50c6b10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/style.png HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 13572
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

104.137.136.83/images/live_icons.png

104.137.136.83

7.4 kB

URL
104.137.136.83/images/live_icons.png
IP
104.137.136.83:0
ASN
#33363 BHN-33363

File type
PNG image data, 128 x 256, 8-bit colormap, non-interlaced
Size
7.4 kB (7443 bytes)
Hash
f6a1307a72c59fbb17a48a25e0b68be5
2403751f34eb07d5f0f425430824b4392606609e
a251b381f285c475d9ece2b6982fd480304d8a10412577d0b0c13e3b04bc513e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/live_icons.png HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:09 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=998
Content-Length: 7443
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: image/png

104.137.136.83/html/webplugin.html

104.137.136.83

200 OK

2.4 kB

URL User Request GET HTTP/1.1
104.137.136.83/html/webplugin.html
IP
104.137.136.83:80
ASN
#33363 BHN-33363

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
2.4 kB (2417 bytes)
Hash
71cba94de7050a3623e425abc3b976d6
c5111b4a571b4ed5ae6b0600c0d05137c5499ec4
1245f2b701d80fad35d82fd18ad7ea53f9195888935b46d98c8cebe5c5a44bfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /html/webplugin.html HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.137.136.83/index.html?_1714772250684
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:10 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=997
Content-Length: 2417
Last-Modified: Fri, 27 Nov 2015 06:41:06 GMT
Content-Type: text/html

104.137.136.83/js/jquery-1.11.1.min.js

104.137.136.83

200 OK

96 kB

URL GET HTTP/1.1
104.137.136.83/js/jquery-1.11.1.min.js
IP
104.137.136.83:80
ASN
#33363 BHN-33363

Requested by
http://104.137.136.83/html/webplugin.html

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 May 2024 14:34:10 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: Keep-Alive
Keep-Alive: timeout=10, max=996
Content-Length: 95786
Last-Modified: Wed, 14 Oct 2015 05:56:48 GMT
Content-Type: application/javascript

104.137.136.83/favicon.ico

104.137.136.83

404 Not Found

153 B

URL GET HTTP/1.1
104.137.136.83/favicon.ico
IP
104.137.136.83:80
ASN
#33363 BHN-33363

Requested by
http://104.137.136.83/html/webplugin.html

File type
HTML document, ASCII text, with no line terminators
Size
153 B (153 bytes)
Hash
643db8e09e99c1612c0a85625fee8d97
b9b0d33d341d102c49ae44f44be1ad29d3d31004
c8c9e6f863f3c59be98de0d85076403251943a7297e2fabb76383ac39c5512f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 104.137.136.83
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.137.136.83/html/webplugin.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 03 May 2024 14:34:11 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections