Report - 194.44.64.8

Report Overview

Visited public
2024-09-21 04:38:34
Tags
Submit Tags
URL
194.44.64.8
Finishing URL
194.44.64.8/
IP / ASN
194.44.64.8
#3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Title
Invalid URL

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-21 01:59:55	1.3 kB	3.6 kB	23.36.77.32
194.44.64.8	unknown	unknown	No data	No data	715 B	1.1 kB	194.44.64.8
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-21 01:59:55	654 B	1.8 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-21	medium	194.44.64.8	Sinkholed
2024-09-21	medium	194.44.64.8	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d53da2de4fc4634a067495f858d15c81
be0d08371e49c3ff6bb6eb6760b0142bb5e49181
a4dfb633c3d6c80962fe436220800f7f6fac707a55806bfc1757d4fa49af8cdc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A4DFB633C3D6C80962FE436220800F7F6FAC707A55806BFC1757D4FA49AF8CDC"
Last-Modified: Fri, 20 Sep 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15245
Expires: Sat, 21 Sep 2024 08:52:14 GMT
Date: Sat, 21 Sep 2024 04:38:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
338f5ba0324f3a6619bb47d052dcba71
9b4e7ac09e9f21c66c6321957e3e1d5da2701d95
8b25dad3bc97c928b97cee86bb8c0a526d623d4d610058eab4b743af0045f107

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8B25DAD3BC97C928B97CEE86BB8C0A526D623D4D610058EAB4B743AF0045F107"
Last-Modified: Fri, 20 Sep 2024 18:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5399
Expires: Sat, 21 Sep 2024 06:08:08 GMT
Date: Sat, 21 Sep 2024 04:38:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
81c5a77a040440a9394b2bada97c3fc3
83315d75851202154b276ecea5fdf7410a8b44f8
331d889a1604cf5e388cec6315c3d72ecaa48adfdc90d8bbfb15bfc0529eb022

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "331D889A1604CF5E388CEC6315C3D72ECAA48ADFDC90D8BBFB15BFC0529EB022"
Last-Modified: Fri, 20 Sep 2024 19:45:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20228
Expires: Sat, 21 Sep 2024 10:15:17 GMT
Date: Sat, 21 Sep 2024 04:38:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
54381a64dd82b643053eb5594028c096
a1c4314ce5e40b2656a681dea7ebb12584c120f4
895194550ad64a6db957e7082fd82a827b83ae36ad1f603c45f3a52dddf1ced5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "895194550AD64A6DB957E7082FD82A827B83AE36AD1F603C45F3A52DDDF1CED5"
Last-Modified: Fri, 20 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13729
Expires: Sat, 21 Sep 2024 08:26:58 GMT
Date: Sat, 21 Sep 2024 04:38:09 GMT
Connection: keep-alive

GET 194.44.64.8/

194.44.64.8

400 Bad Request

308 B

URL User Request GET HTTP/1.0
194.44.64.8/
IP
194.44.64.8:80
ASN
#3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw

File type
HTML document, ASCII text
Size
308 B (308 bytes)
Hash
892bf2b04eadde7a762ca47065d7165f
55b50ac48c63bdc89e64a4598f48405917d4029c
211e0a60bb91318487ea53e14463e19eb73b0d816f133dbbb179cdc00adb65f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 194.44.64.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 308
Expires: Sat, 21 Sep 2024 04:38:09 GMT
Date: Sat, 21 Sep 2024 04:38:09 GMT
Connection: close

GET 194.44.64.8/favicon.ico

194.44.64.8

400 Bad Request

354 B

URL GET HTTP/1.0
194.44.64.8/favicon.ico
IP
194.44.64.8:80
ASN
#3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw

Requested by
http://194.44.64.8/

File type
HTML document, ASCII text
Size
354 B (354 bytes)
Hash
f572468ec404bdfbb7994e3dacec989b
6fbec6c3dc1fbbc9690125fbd4f447e2a2605e9c
c1a18ae91312ed1c257b46a08868dbd8f9df7f3442fdba75dff311b7136fcd05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 194.44.64.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.64.8/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 354
Expires: Sat, 21 Sep 2024 04:38:10 GMT
Date: Sat, 21 Sep 2024 04:38:10 GMT
Connection: close

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d94ce84db5a773ffc1fb41453b6dc6f6
08f9a2a272103a7966deec3bb9d5c0efc2ce496a
16b0639221c1788b53eb790976e9ab3e89721299e2f67cad704a0e09bdc85314

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "16B0639221C1788B53EB790976E9AB3E89721299E2F67CAD704A0E09BDC85314"
Last-Modified: Fri, 20 Sep 2024 12:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19551
Expires: Sat, 21 Sep 2024 10:04:02 GMT
Date: Sat, 21 Sep 2024 04:38:11 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d94ce84db5a773ffc1fb41453b6dc6f6
08f9a2a272103a7966deec3bb9d5c0efc2ce496a
16b0639221c1788b53eb790976e9ab3e89721299e2f67cad704a0e09bdc85314

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "16B0639221C1788B53EB790976E9AB3E89721299E2F67CAD704A0E09BDC85314"
Last-Modified: Fri, 20 Sep 2024 12:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19551
Expires: Sat, 21 Sep 2024 10:04:02 GMT
Date: Sat, 21 Sep 2024 04:38:11 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.0

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.0

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers