Report - 104.129.31.245

Report Overview

Visited public
2024-06-11 12:00:50
Tags
Submit Tags
URL
104.129.31.245
Finishing URL
104.129.31.245/
IP / ASN
104.129.31.245
#8100 ASN-QUADRANET-GLOBAL
Title
repos.lax-noc.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
104.129.31.245	unknown	unknown	2017-02-02 12:03:11	2022-11-19 09:14:00	1.1 kB	20 kB	104.129.31.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-11	medium	104.129.31.245	Sinkholed
2024-06-11	medium	104.129.31.245	Sinkholed
2024-06-11	medium	104.129.31.245	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

GET 104.129.31.245/

104.129.31.245

200 OK

2.4 kB

URL User Request GET HTTP/1.1
104.129.31.245/
IP
104.129.31.245:80
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
XML 1.0 document, ASCII text
Size
2.4 kB (2350 bytes)
Hash
413649aa07e7725022a6e0e6f4a7a804
c614b61b1da99ed4bb2818fa70bfa8d9e2513886
aabb839c84ebd71ed7cedb47b2cdc8d4951c45effa055046405ee20880b427d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 104.129.31.245
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 11 Jun 2024 12:00:25 GMT
Content-Type: text/html
Content-Length: 2350
Last-Modified: Tue, 30 Jun 2020 09:25:22 GMT
Connection: keep-alive
ETag: "5efb0502-92e"
Accept-Ranges: bytes

GET 104.129.31.245/images/quadra.jpg

104.129.31.245

200 OK

16 kB

URL GET HTTP/1.1
104.129.31.245/images/quadra.jpg
IP
104.129.31.245:80
ASN
#8100 ASN-QUADRANET-GLOBAL

Requested by
http://104.129.31.245/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, software=Adobe ImageReady], baseline, precision 8, 549x81, components 3
Size
16 kB (16170 bytes)
Hash
418ff648e338760edcf85b70550c57b4
2cf5a05c87f1c2ab7c7178cb0da17c49ba35b19e
68909926658827f748ef6bcca0b7803c5060deaaa31c902e38b6503ad169eb44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/quadra.jpg HTTP/1.1
Host: 104.129.31.245
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.129.31.245/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 11 Jun 2024 12:00:26 GMT
Content-Type: image/jpeg
Content-Length: 16170
Last-Modified: Tue, 13 Mar 2018 21:32:05 GMT
Connection: keep-alive
ETag: "5aa84355-3f2a"
Accept-Ranges: bytes

GET 104.129.31.245/favicon.ico

104.129.31.245

200 OK

1.2 kB

URL GET HTTP/1.1
104.129.31.245/favicon.ico
IP
104.129.31.245:80
ASN
#8100 ASN-QUADRANET-GLOBAL

Requested by
http://104.129.31.245/

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
2f037fbcb28b2d4f63b46c240281d094
1e129b936d70f2c199892a9f0582d35431047900
4d15f3c881df984d975420e47e8e6fe90c84cd7a7e446ff2a7062ae6ad19a509

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 104.129.31.245
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.129.31.245/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 11 Jun 2024 12:00:26 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Feb 2013 08:00:00 GMT
Connection: keep-alive
ETag: "510b7600-47e"
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers