Report - 36.89.206.234/

Report Overview

Submitted URL
36.89.206.234/
IP
36.89.206.234
ASN
#7713 PT Telekomunikasi Indonesia
Submitted
2024-05-01 21:33:46
Access
public
Website Title
Login
Final URL
36.89.206.234/doc/page/login.asp
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
36.89.206.234	unknown	unknown	No data	No data	8.6 kB	363 kB	36.89.206.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed
2024-05-01	medium	36.89.206.234	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	36.89.206.234/doc/script/LAB.min.js	5.5 kB	2023-03-07	2024-05-13
Pretty URL 36.89.206.234/doc/script/LAB.min.js IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:34 Last Seen2024-05-13 13:09:47 Times Seen544 Hash e842152f94c9b774040a36d6912188d9 82bac8881a591d959d78c37edc73bffd3cd9ae74 bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7 Loading...

	36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:30%20GMT+0000%20(GMT)	84 B	2023-07-11	2024-05-01
Pretty URL 36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:30%20GMT+0000%20(GMT) IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 00:15:59 Last Seen2024-05-01 23:33:53 Times Seen9 Hash 99eb76125bb68e8421b5f595502b7ac2 32c6b4e00782a8d56b5e399f28d1e8cc1270c055 0bc6ed582a041c26994e3a8af3b5f1de85939cd1cad07d86ccfeea98b5823f63 Loading...

	36.89.206.234/doc/script/jquery-1.7.1.min.js	94 kB	2023-03-07	2024-05-15
Pretty URL 36.89.206.234/doc/script/jquery-1.7.1.min.js IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-05-15 20:22:45 Times Seen10764 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	36.89.206.234/doc/script/Translator.js?version=3.0.4.131106	15 kB	2023-07-11	2024-05-01
Pretty URL 36.89.206.234/doc/script/Translator.js?version=3.0.4.131106 IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 00:15:59 Last Seen2024-05-01 23:33:53 Times Seen3 Hash 66dbca312a366c29fcae9e696dea1290 d164d3ac0a6d8a6cb820362e10c7ae3c01acf116 5c5d435c6643be872ba3b2973b7fd2bcabb4cd045360402327bdec21216d864f Loading...

	36.89.206.234/doc/script/common.js?version=3.0.4.131106	38 kB	2023-07-11	2024-05-01
Pretty URL 36.89.206.234/doc/script/common.js?version=3.0.4.131106 IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 00:15:59 Last Seen2024-05-01 23:33:53 Times Seen3 Hash ba38826db0f76d5e453e6529118d2b6b d1ce31ee5d039243a69c4a9b87599c49a446ad92 c88b2cbf636a217377ae94a8a33c8339e9b43a2c602bcd2e9486a24b34bb2522 Loading...

	36.89.206.234/doc/page/login.asp	0 B	2023-03-07	2024-05-15
Pretty URL 36.89.206.234/doc/page/login.asp IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-15 20:39:20 Times Seen37675905 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	36.89.206.234/doc/page/login.asp	0 B	2023-03-07	2024-05-15
Pretty URL 36.89.206.234/doc/page/login.asp IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-15 20:39:20 Times Seen37675905 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	36.89.206.234/doc/script/jquery.cookie.js	3.8 kB	2023-03-08	2024-05-15
Pretty URL 36.89.206.234/doc/script/jquery.cookie.js IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:07:58 Last Seen2024-05-15 00:34:46 Times Seen511 Hash a479f46b2a66d5772f839cdf20c24898 dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1 087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148 Loading...

	36.89.206.234/doc/script/login.js?version=3.0.4.131106	4.8 kB	2023-03-09	2024-05-08
Pretty URL 36.89.206.234/doc/script/login.js?version=3.0.4.131106 IP 36.89.206.234 ASN #7713 PT Telekomunikasi Indonesia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:49:35 Last Seen2024-05-08 22:46:18 Times Seen21 Hash 85fcd5c8cdbe41b7ff665195b38d75ed dabeaa4a57bf8203f20b3d3d13accbaf7f17cb84 174036ee2d347d3e92f435bcecb55bc65a6dede48a626e3741d4f9140aa33959 Loading...

		Size	First Seen	Last Seen
	#1 Write - 873f80066bf79d9aa5a59ce82654e47a	112 B	2024-05-01	2024-05-01
Pretty Observations First Seen2024-05-01 23:33:53 Last Seen2024-05-01 23:33:53 Times Seen1 Hash 873f80066bf79d9aa5a59ce82654e47a d883f5ed3ca9708607b085dfd263031eaa1fba6c 873b852fc3823040d1474ce9b97ed43a92ec0e3fbcfd60f883247ba156c226b3 Loading...

	#2 Write - 16ad7addbd6ebdb8dcd9095d3b884fc3	113 B	2024-05-01	2024-05-01
Pretty Observations First Seen2024-05-01 23:33:53 Last Seen2024-05-01 23:33:53 Times Seen1 Hash 16ad7addbd6ebdb8dcd9095d3b884fc3 29eaf6dd170e63d5b49f11d7f793aa3d39b4a9d0 4590f0b188e0f4a85767b2f6e7d8be3e544c96b3393fc88b70daa8f864492050 Loading...

HTTP Transactions (21)

URL IP Response Size

36.89.206.234/

36.89.206.234

1.6 kB

URL
36.89.206.234/
IP
36.89.206.234:0
ASN
#7713 PT Telekomunikasi Indonesia

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.6 kB (1581 bytes)
Hash
08795ed345d72c1749c635944aaa5e79
2d2e1fa21b700138995ed9e27ade17802c380f5c
cc64d87069b1fde537a0c1612c8ec8afd12828f149e18b9de06abb56fa1386ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:24 GMT
Server: DNVRS-Webs
ETag: "248-3c5-62d"
Content-Length: 1581
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Wed, 24 Apr 2013 05:37:17 GMT

36.89.206.234/doc/script/LAB.min.js

36.89.206.234

200 OK

5.5 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/LAB.min.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, ASCII text, with very long lines (5389)
Size
5.5 kB (5490 bytes)
Hash
e842152f94c9b774040a36d6912188d9
82bac8881a591d959d78c37edc73bffd3cd9ae74
bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/LAB.min.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:25 GMT
Server: DNVRS-Webs
ETag: "248-3d6-1572"
Content-Length: 5490
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Wed, 24 Apr 2013 01:37:50 GMT

36.89.206.234/favicon.ico

36.89.206.234

200 OK

1.2 kB

URL GET HTTP/1.1
36.89.206.234/favicon.ico
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
89b932fcc47cf4ca3faadb0cfdef89cf
bbe285bc080460c8d71e80965e993852e62d438f
7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:25 GMT
Server: DNVRS-Webs
ETag: "248-3c6-47e"
Content-Length: 1150
Content-Type: image/x-icon
Connection: keep-alive
Keep-Alive: timeout=60, max=98
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/script/jquery.cookie.js

36.89.206.234

200 OK

3.8 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/jquery.cookie.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.8 kB (3752 bytes)
Hash
a479f46b2a66d5772f839cdf20c24898
dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1
087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:26 GMT
Server: DNVRS-Webs
ETag: "248-3d8-ea8"
Content-Length: 3752
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=97
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:25%20GMT+0000%20(GMT)

36.89.206.234

84 B

URL
36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:25%20GMT+0000%20(GMT)
IP
36.89.206.234:0
ASN
#7713 PT Telekomunikasi Indonesia

File type
ASCII text, with CRLF line terminators
Size
84 B (84 bytes)
Hash
99eb76125bb68e8421b5f595502b7ac2
32c6b4e00782a8d56b5e399f28d1e8cc1270c055
0bc6ed582a041c26994e3a8af3b5f1de85939cd1cad07d86ccfeea98b5823f63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:25%20GMT+0000%20(GMT) HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:26 GMT
Server: DNVRS-Webs
ETag: "248-3db-54"
Content-Length: 84
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Fri, 08 Nov 2013 01:25:06 GMT

36.89.206.234/doc/script/jquery-1.7.1.min.js

36.89.206.234

200 OK

94 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/jquery-1.7.1.min.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
94 kB (93868 bytes)
Hash
ddb84c1587287b2df08966081ef063bf
9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:25 GMT
Server: DNVRS-Webs
ETag: "248-3d9-16eac"
Content-Length: 93868
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=98
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/page/login.asp

36.89.206.234

2.5 kB

URL User Request GET
36.89.206.234/doc/page/login.asp
IP
36.89.206.234:0
ASN
#7713 PT Telekomunikasi Indonesia

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
2.5 kB (2478 bytes)
Hash
a564869eae67953fbffba706064f584d
5cdedd5bb372057998dcabee43bf85875e657c73
207565427df7246dd507b12e7aa2d33d5f1d1187676d77f3cb3028eb9c84ed2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/page/login.asp HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://36.89.206.234/
DNT: 1
Connection: keep-alive
Cookie: language=en; updateTips=true
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:28 GMT
Server: DNVRS-Webs
ETag: "248-3e4-9ae"
Content-Length: 2478
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=60, max=97
Last-Modified: Tue, 15 Oct 2013 02:53:35 GMT

36.89.206.234/doc/css/base.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)

36.89.206.234

200 OK

933 B

URL GET HTTP/1.1
36.89.206.234/doc/css/base.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
933 B (933 bytes)
Hash
adc6cf5166ce4a164e15c6e3581fa8db
79602ee3f4cd76323cc0951c9d5203efa81cb8c0
11700256bf84534843392ce6f4467180292488fbfc596024b7529f23b4da7172

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/css/base.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT) HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:28 GMT
Server: DNVRS-Webs
ETag: "248-3ef-3a5"
Content-Length: 933
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60, max=98
Last-Modified: Wed, 20 Feb 2013 02:13:14 GMT

36.89.206.234/doc/script/LAB.min.js

36.89.206.234

200 OK

5.5 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/LAB.min.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, ASCII text, with very long lines (5389)
Size
5.5 kB (5490 bytes)
Hash
e842152f94c9b774040a36d6912188d9
82bac8881a591d959d78c37edc73bffd3cd9ae74
bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/LAB.min.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:28 GMT
Server: DNVRS-Webs
ETag: "248-3d6-1572"
Content-Length: 5490
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=96
Last-Modified: Wed, 24 Apr 2013 01:37:50 GMT

36.89.206.234/doc/css/login.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)

36.89.206.234

200 OK

1.1 kB

URL GET HTTP/1.1
36.89.206.234/doc/css/login.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1061 bytes)
Hash
a281d9679dadb2f8221fc706ec4bcaf8
38c04e6ddf2f5e41592e228ac67f0011c2cb7315
7bd211529495cbf1aead5b0b9389bc3033540e062a627c58b31b96a926715b72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/css/login.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT) HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:28 GMT
Server: DNVRS-Webs
ETag: "248-3ed-425"
Content-Length: 1061
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Wed, 20 Feb 2013 02:13:14 GMT

36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:30%20GMT+0000%20(GMT)

36.89.206.234

200 OK

84 B

URL GET HTTP/1.1
36.89.206.234/doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:30%20GMT+0000%20(GMT)
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
ASCII text, with CRLF line terminators
Size
84 B (84 bytes)
Hash
99eb76125bb68e8421b5f595502b7ac2
32c6b4e00782a8d56b5e399f28d1e8cc1270c055
0bc6ed582a041c26994e3a8af3b5f1de85939cd1cad07d86ccfeea98b5823f63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/global_config.js?version=Wed%20May%2001%202024%2021:33:30%20GMT+0000%20(GMT) HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-3db-54"
Content-Length: 84
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=97
Last-Modified: Fri, 08 Nov 2013 01:25:06 GMT

36.89.206.234/doc/images/login/input_normal.png

36.89.206.234

200 OK

4.0 kB

URL GET HTTP/1.1
36.89.206.234/doc/images/login/input_normal.png
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
PNG image data, 200 x 28, 8-bit/color RGBA, interlaced
Size
4.0 kB (4046 bytes)
Hash
18e83d6645bb1e382735a508569e8057
6d329d4cdcf26e505be0fd5ec25fedf396012d42
5babca8a7b2041dae3d2a575bfef57aa22f520b27cc11531f1494d8f54cd0c99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/images/login/input_normal.png HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/css/login.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-4bb-fce"
Content-Length: 4046
Content-Type: image/png
Connection: keep-alive
Keep-Alive: timeout=60, max=98
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/script/jquery.cookie.js

36.89.206.234

200 OK

3.8 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/jquery.cookie.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.8 kB (3752 bytes)
Hash
a479f46b2a66d5772f839cdf20c24898
dfc20a0ffcf24df1fdb6d2b15dabde27a3956eb1
087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/jquery.cookie.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-3d8-ea8"
Content-Length: 3752
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/script/login.js?version=3.0.4.131106

36.89.206.234

200 OK

4.8 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/login.js?version=3.0.4.131106
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
4.8 kB (4843 bytes)
Hash
03d26908efdfdaba7c34f352bcf08954
af48805679a9be88fe24ccb3716baeb8967e0262
5b8a7f1e34359810fbef8010775fe43f9a512244682db384dfc1d98000a8b73b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/login.js?version=3.0.4.131106 HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:31 GMT
Server: DNVRS-Webs
ETag: "248-3d4-12eb"
Content-Length: 4843
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=97
Last-Modified: Wed, 20 Feb 2013 02:13:14 GMT

36.89.206.234/doc/script/Translator.js?version=3.0.4.131106

36.89.206.234

200 OK

15 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/Translator.js?version=3.0.4.131106
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
15 kB (15112 bytes)
Hash
52896b72e6da9c6749c9dce8fba42bf1
b9486b6441ca40480ea45a58ca715e293087c9ae
b16fc02075f58197b888d5cb84397f47733aeb8a5963029233ba4e90367fd56a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/Translator.js?version=3.0.4.131106 HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-3cc-3b08"
Content-Length: 15112
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=99
Last-Modified: Thu, 12 Sep 2013 08:34:19 GMT

36.89.206.234/doc/script/common.js?version=3.0.4.131106

36.89.206.234

200 OK

38 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/common.js?version=3.0.4.131106
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1131), with CRLF line terminators
Size
38 kB (37555 bytes)
Hash
28c907fff616528fddb765f0a2be79e9
ae8b082ca15268c86923d9647bb5b50f078a5b05
33073421f479f2d2f5e38b95c511688d6a7c776310d4e73ff86b9f102a3eb5b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/common.js?version=3.0.4.131106 HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-3de-92b3"
Content-Length: 37555
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=96
Last-Modified: Thu, 12 Sep 2013 08:34:19 GMT

36.89.206.234/favicon.ico

36.89.206.234

200 OK

1.2 kB

URL GET HTTP/1.1
36.89.206.234/favicon.ico
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
89b932fcc47cf4ca3faadb0cfdef89cf
bbe285bc080460c8d71e80965e993852e62d438f
7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:32 GMT
Server: DNVRS-Webs
ETag: "248-3c6-47e"
Content-Length: 1150
Content-Type: image/x-icon
Connection: keep-alive
Keep-Alive: timeout=60, max=98
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/images/login/login_14.png

36.89.206.234

200 OK

80 kB

URL GET HTTP/1.1
36.89.206.234/doc/images/login/login_14.png
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
PNG image data, 716 x 344, 8-bit/color RGBA, non-interlaced
Size
80 kB (80144 bytes)
Hash
afb32f6ebaf4ec9a882513fc400e5d87
a139d8d20f5d419ce179b01fc822512696d81fcb
4aaf51bad5e225e09a8eb8835dcf005820ffa2c7c5f907214efbe1fd5067c3bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/images/login/login_14.png HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/css/login.css?version=Wed%20May%2001%202024%2021:33:28%20GMT+0000%20(GMT)
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-4ba-13910"
Content-Length: 80144
Content-Type: image/png
Connection: keep-alive
Keep-Alive: timeout=60, max=95
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/script/jquery-1.7.1.min.js

36.89.206.234

200 OK

94 kB

URL GET HTTP/1.1
36.89.206.234/doc/script/jquery-1.7.1.min.js
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
94 kB (93868 bytes)
Hash
ddb84c1587287b2df08966081ef063bf
9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/script/jquery-1.7.1.min.js HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:30 GMT
Server: DNVRS-Webs
ETag: "248-3d9-16eac"
Content-Length: 93868
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60, max=96
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/xml/Languages.xml?version=3.0.4.131106

36.89.206.234

200 OK

228 B

URL GET HTTP/1.1
36.89.206.234/doc/xml/Languages.xml?version=3.0.4.131106
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
228 B (228 bytes)
Hash
cb78fc5d4cdca485ccd4590c2da88fce
973cd2d933f74d31dd9008c960de4ea4f2797b22
c105229d12ed19789222c3936ed150a9bd63304ecaec6c78fa7c99fef789466d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/xml/Languages.xml?version=3.0.4.131106 HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:34 GMT
Server: DNVRS-Webs
ETag: "248-3ca-e4"
Content-Length: 228
Content-Type: text/xml
Connection: keep-alive
Keep-Alive: timeout=60, max=95
Last-Modified: Fri, 28 Sep 2012 09:53:28 GMT

36.89.206.234/doc/xml/en/Login.xml?version=3.0.4.131106

36.89.206.234

200 OK

854 B

URL GET HTTP/1.1
36.89.206.234/doc/xml/en/Login.xml?version=3.0.4.131106
IP
36.89.206.234:80
ASN
#7713 PT Telekomunikasi Indonesia

Requested by
http://36.89.206.234/doc/page/login.asp

File type
XML 1.0 document, ASCII text, with CRLF line terminators
Size
854 B (854 bytes)
Hash
1491dea09bb7fb0897823065a959bc54
8bd6134910e17a107b9a0671ce25fdaa906ddca2
5d8c60ebea2c4a3e3f5c9ae2fe395496a67c56674aa27d9ebd69ab0295b7d308

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /doc/xml/en/Login.xml?version=3.0.4.131106 HTTP/1.1
Host: 36.89.206.234
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://36.89.206.234/doc/page/login.asp
Cookie: language=en; updateTips=true
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 04:33:34 GMT
Server: DNVRS-Webs
ETag: "248-410-356"
Content-Length: 854
Content-Type: text/xml
Connection: keep-alive
Keep-Alive: timeout=60, max=94
Last-Modified: Wed, 10 Oct 2012 08:43:14 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML