Report - 50.16.231.248/

Report Overview

Submitted URL
50.16.231.248/
IP
50.16.231.248
ASN
#14618 AMAZON-AES
Submitted
2024-04-24 08:25:13
Access
public
Website Title
Canvas Office Integration
Final URL
50.16.231.248/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
50.16.231.248	unknown	unknown	2012-08-06	2023-04-16	2.8 kB	357 kB	50.16.231.248
browser.sentry-cdn.com	4393	2018-05-30	2018-07-13	2024-04-23	415 B	18 kB	151.101.194.217

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	50.16.231.248	Sinkholed
2024-04-24	medium	50.16.231.248	Sinkholed
2024-04-24	medium	50.16.231.248	Sinkholed
2024-04-24	medium	50.16.231.248	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	browser.sentry-cdn.com/5.17.0/bundle.min.js	58 kB	2023-05-09	2024-04-24
Pretty URL browser.sentry-cdn.com/5.17.0/bundle.min.js IP 151.101.194.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 08:52:29 Last Seen2024-04-24 10:25:19 Times Seen6 Hash e8aa80fc55c88493ab744a33e585e497 eca7e1f2f21c9c8bf10e3cd47ddc275d0e8948a4 48dd1aa55061c1d8812b785ead4a1152bcf17785373bbad7db06bf5fb47213cd Loading...

	50.16.231.248/	0 B	2023-03-07	2024-05-06
Pretty URL 50.16.231.248/ IP 50.16.231.248 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 00:47:53 Times Seen37371606 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	50.16.231.248/assets/clipboard-8f038427815ec3d5e4609b7d6568efef29108f886996d3f3bf55b66e5db28a47.js	24 kB	2024-04-24	2024-04-24
Pretty URL 50.16.231.248/assets/clipboard-8f038427815ec3d5e4609b7d6568efef29108f886996d3f3bf55b66e5db28a47.js IP 50.16.231.248 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:25:19 Last Seen2024-04-24 10:25:19 Times Seen1 Hash b4a7f08f150be89fc86c99aec1584182 e09ee2bce4626f3d6d6cc6e138326553f9bdfd91 64359686690201f286bcc05f3d09caaacb82c32a8cfaa5d5cbb50db3451763df Loading...

HTTP Transactions (5)

URL IP Response Size

50.16.231.248/

50.16.231.248

200 OK

178 B

URL User Request GET HTTP/2
50.16.231.248/
IP
50.16.231.248:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectoffice365-iad-prod.instructure.com
FingerprintCA:10:EA:B0:44:24:2A:81:0B:EE:29:37:6D:24:E5:F3:23:4E:50:06
ValidityMon, 28 Aug 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 50.16.231.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 24 Apr 2024 08:24:48 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: https://50.16.231.248/

browser.sentry-cdn.com/5.17.0/bundle.min.js

151.101.194.217

200 OK

18 kB

URL GET HTTP/2
browser.sentry-cdn.com/5.17.0/bundle.min.js
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://50.16.231.248/
Certificate
IssuerGlobalSign nv-sa
Subject*.sentry-cdn.com
FingerprintF4:BF:96:D1:20:5D:BA:52:63:EB:1F:F7:56:39:FA:81:01:A3:64:DE
ValidityTue, 01 Aug 2023 14:42:24 GMT - Sun, 01 Sep 2024 14:42:23 GMT

File type
JavaScript source, ASCII text, with very long lines (57571)
Size
18 kB (17583 bytes)
Hash
e8aa80fc55c88493ab744a33e585e497
eca7e1f2f21c9c8bf10e3cd47ddc275d0e8948a4
48dd1aa55061c1d8812b785ead4a1152bcf17785373bbad7db06bf5fb47213cd

HTTP Headers

GET /5.17.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://50.16.231.248/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 02 Oct 2024 05:28:33 GMT
last-modified: Mon, 08 Jun 2020 13:47:37 GMT
etag: "43f26e6a610dc85d11e844f6fd813a89"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:24:50 GMT
age: 7259557
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 17583
X-Firefox-Spdy: h2

50.16.231.248/assets/clipboard-8f038427815ec3d5e4609b7d6568efef29108f886996d3f3bf55b66e5db28a47.js

50.16.231.248

200 OK

24 kB

URL GET HTTP/2
50.16.231.248/assets/clipboard-8f038427815ec3d5e4609b7d6568efef29108f886996d3f3bf55b66e5db28a47.js
IP
50.16.231.248:443
ASN
#14618 AMAZON-AES

Requested by
https://50.16.231.248/
Certificate
IssuerAmazon
Subjectoffice365-iad-prod.instructure.com
FingerprintCA:10:EA:B0:44:24:2A:81:0B:EE:29:37:6D:24:E5:F3:23:4E:50:06
ValidityMon, 28 Aug 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (849)
Size
24 kB (23667 bytes)
Hash
4b554f883010311366a7c656b96edd9f
f927e52e731532c119a4d2144e62a7c576ef4d16
ee7b57e192529c57a7eab148885c34e9f3977b7a51c624986efcd6d9614e0350

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/clipboard-8f038427815ec3d5e4609b7d6568efef29108f886996d3f3bf55b66e5db28a47.js HTTP/1.1
Host: 50.16.231.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://50.16.231.248/
DNT: 1
Connection: keep-alive
Cookie: _CanvasOfficeAddInServer_session=cUdKTUNQYjlIU294ZmtNS0pTQnJ3bUZod1FWRWNWYUZXNlN0YnRRYWFvT2FxRmlYU0hUZ3JKVVgvZFRFeWF0WmZIMlozdjhUMlpBbHp1ak1VdzdxUVJvNHJMYTMrcjZWS0VkMVh4WGgrMUVFRWJFaGpLMlhUNmsvalY5TjNQREVaYm9ySVpIZDNsbTRLODZBeUhUY2lnPT0tLU9yZkFwcUoxZDRkN0pDYTZIWEFzV1E9PQ%3D%3D--9d36f275fc7a6b41346c2513d3f0468b50615078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:24:50 GMT
content-type: application/javascript
content-length: 23667
server: nginx
last-modified: Fri, 11 Aug 2023 18:46:51 GMT
etag: "64d6821b-5c73"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

50.16.231.248/assets/lti_credentials-9141f1bef4b3697d07dce28228d123f47a692d14e7aa37bc7f89ad2d2e2c6966.css

50.16.231.248

200 OK

332 kB

URL GET HTTP/2
50.16.231.248/assets/lti_credentials-9141f1bef4b3697d07dce28228d123f47a692d14e7aa37bc7f89ad2d2e2c6966.css
IP
50.16.231.248:443
ASN
#14618 AMAZON-AES

Requested by
https://50.16.231.248/
Certificate
IssuerAmazon
Subjectoffice365-iad-prod.instructure.com
FingerprintCA:10:EA:B0:44:24:2A:81:0B:EE:29:37:6D:24:E5:F3:23:4E:50:06
ValidityMon, 28 Aug 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (436)
Size
332 kB (331739 bytes)
Hash
3a3a68b9fe6ec4b6ee7c45f3c9bc0a0d
faed0a1f3de6281d8b188f9b88f4520d2d170383
acd033cbccfb75e5566c4badd6bc3996aeb8dfa77fee5de90626fe2b3f36730a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/lti_credentials-9141f1bef4b3697d07dce28228d123f47a692d14e7aa37bc7f89ad2d2e2c6966.css HTTP/1.1
Host: 50.16.231.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://50.16.231.248/
DNT: 1
Connection: keep-alive
Cookie: _CanvasOfficeAddInServer_session=cUdKTUNQYjlIU294ZmtNS0pTQnJ3bUZod1FWRWNWYUZXNlN0YnRRYWFvT2FxRmlYU0hUZ3JKVVgvZFRFeWF0WmZIMlozdjhUMlpBbHp1ak1VdzdxUVJvNHJMYTMrcjZWS0VkMVh4WGgrMUVFRWJFaGpLMlhUNmsvalY5TjNQREVaYm9ySVpIZDNsbTRLODZBeUhUY2lnPT0tLU9yZkFwcUoxZDRkN0pDYTZIWEFzV1E9PQ%3D%3D--9d36f275fc7a6b41346c2513d3f0468b50615078
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:24:50 GMT
content-type: text/css
content-length: 331739
server: nginx
last-modified: Fri, 11 Aug 2023 18:46:51 GMT
etag: "64d6821b-50fdb"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

50.16.231.248/favicon.ico

50.16.231.248

200 OK

0 B

URL GET HTTP/2
50.16.231.248/favicon.ico
IP
50.16.231.248:443
ASN
#14618 AMAZON-AES

Requested by
https://50.16.231.248/
Certificate
IssuerAmazon
Subjectoffice365-iad-prod.instructure.com
FingerprintCA:10:EA:B0:44:24:2A:81:0B:EE:29:37:6D:24:E5:F3:23:4E:50:06
ValidityMon, 28 Aug 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 50.16.231.248
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://50.16.231.248/
DNT: 1
Connection: keep-alive
Cookie: _CanvasOfficeAddInServer_session=cUdKTUNQYjlIU294ZmtNS0pTQnJ3bUZod1FWRWNWYUZXNlN0YnRRYWFvT2FxRmlYU0hUZ3JKVVgvZFRFeWF0WmZIMlozdjhUMlpBbHp1ak1VdzdxUVJvNHJMYTMrcjZWS0VkMVh4WGgrMUVFRWJFaGpLMlhUNmsvalY5TjNQREVaYm9ySVpIZDNsbTRLODZBeUhUY2lnPT0tLU9yZkFwcUoxZDRkN0pDYTZIWEFzV1E9PQ%3D%3D--9d36f275fc7a6b41346c2513d3f0468b50615078
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:24:51 GMT
content-type: image/x-icon
content-length: 0
server: nginx
last-modified: Wed, 05 Jul 2023 14:58:44 GMT
etag: "64a58524-0"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by