Report - 188.222.45.134

Report Overview

Submitted URL
188.222.45.134
IP
188.222.45.134
ASN
#5607 Sky UK Limited
Submitted
2024-04-24 04:30:38
Access
public
Website Title
IVSWeb 2.0 - Welcome
Final URL
188.222.45.134/new/index.jsp
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
188.222.45.134	unknown	unknown	No data	No data	6.6 kB	575 kB	188.222.45.134

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed
2024-04-24	medium	188.222.45.134	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	188.222.45.134/new/index.jsp	0 B	2023-03-07	2024-05-06
Pretty URL 188.222.45.134/new/index.jsp IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 05:40:32 Times Seen37373256 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	10 B	2023-06-04	2024-04-28
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-06-04 23:13:36 Last Seen2024-04-28 13:31:39 Times Seen236 Hash 3bdba6405cd32cd8005b8c50648bcbfc eecb03d99ce47ea01362b29d8924e2333e90e4c2 b26bd6c3ccd6687f288f808c5888a95fce2710ca89d63eddefb371eee9bb05e2 Loading...

	188.222.45.134/js/json_sans_eval.js	8.3 kB	2023-03-07	2024-04-28
Pretty URL 188.222.45.134/js/json_sans_eval.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:35 Last Seen2024-04-28 13:31:39 Times Seen522 Hash 36ff5136abf4856e52e56b0034ee52de 31580de1b6c344cfd00694a78cc464a5a56c10c9 7c7580e4aac9951d8e16f34145d1a13b856ea7afa359818bfb3ea915e083f8b3 Loading...

	188.222.45.134/js/clientinfo.js	1.8 kB	2024-02-16	2024-04-24
Pretty URL 188.222.45.134/js/clientinfo.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 13:35:01 Last Seen2024-04-24 06:30:44 Times Seen9 Hash 8263b68f545a7fc66b3570b6adfa79cf 9561c20751f8742e03aed5a78c24623ace1a52de 5d54384ff7777533d14f311c546abdcce1277446d09148770d538e41c4d3c784 Loading...

	188.222.45.134/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-05-05
Pretty URL 188.222.45.134/js/jquery-1.7.2.min.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-05 15:56:31 Times Seen13942 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	188.222.45.134/js/httpconnect.js	3.7 kB	2023-03-07	2024-04-28
Pretty URL 188.222.45.134/js/httpconnect.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:35 Last Seen2024-04-28 13:31:39 Times Seen522 Hash 327725d66a1f6f69eaf77a0c4647db64 d919794aae170c761481571b6207089a3555c827 aec270310d0b4fdb103a491f16d56e0a6b90594861ee88c2197c0a446524258c Loading...

	188.222.45.134/js/command.js	105 kB	2023-06-06	2024-04-24
Pretty URL 188.222.45.134/js/command.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-06 22:48:15 Last Seen2024-04-24 06:30:44 Times Seen27 Hash c3937f95c325c2efdb58734cd10f995b 5a1628b37cc2bba778a7b217ba5cf128b16ece12 c7b03fff4c3edd60bdbaed66de7a8ef1e7cd8d9c568a5b2974ad4485752e405f Loading...

	188.222.45.134/js/pop.js	4.3 kB	2023-03-07	2024-04-26
Pretty URL 188.222.45.134/js/pop.js IP 188.222.45.134 ASN #5607 Sky UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:19 Last Seen2024-04-26 14:34:25 Times Seen98 Hash 901f8f77f0ea0e115b317270774ce473 e261cb39728f92b1552338a39d27548950f5e8d0 47f2ea0fbc95a3a872339099bc69d173333d1d1601963016ab188eaaa57d9e6c Loading...

HTTP Transactions (19)

URL IP Response Size

188.222.45.134/

188.222.45.134

2.3 kB

URL
188.222.45.134/
IP
188.222.45.134:0
ASN
#5607 Sky UK Limited

File type
HTML document, ASCII text
Size
2.3 kB (2263 bytes)
Hash
6aa754115ac5307c19094ab19558c95f
90d0466e636a3608b90edcf9fdbe7e138d88edc0
e3df04b6c63fbf3d3825518d82b8784b2e4aab6b6de384b3203313e6aa383c6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2263
Content-Type: text/html;charset=UTF-8
ETag: W/"1FE046C0527773E4-index"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/css/login.css

188.222.45.134

200 OK

2.1 kB

URL GET HTTP/1.1
188.222.45.134/css/login.css
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.1 kB (2072 bytes)
Hash
ee0851fb7aef840f2d49b735c92ee9f0
bc0f4c09f87951675f08a40023422ca42531ee06
3a74a9ff6c035cae6483e2f64b0e5875f89fc525f9bc9c40ecee4a40a51cf98a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.css HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2072
Content-Type: text/css
ETag: W/"1FE046C0527773E4-login"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/httpconnect.js

188.222.45.134

200 OK

3.7 kB

URL GET HTTP/1.1
188.222.45.134/js/httpconnect.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.7 kB (3677 bytes)
Hash
327725d66a1f6f69eaf77a0c4647db64
d919794aae170c761481571b6207089a3555c827
aec270310d0b4fdb103a491f16d56e0a6b90594861ee88c2197c0a446524258c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/httpconnect.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 3677
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-httpconnect"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/json_sans_eval.js

188.222.45.134

200 OK

8.3 kB

URL GET HTTP/1.1
188.222.45.134/js/json_sans_eval.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
JavaScript source, ASCII text
Size
8.3 kB (8277 bytes)
Hash
36ff5136abf4856e52e56b0034ee52de
31580de1b6c344cfd00694a78cc464a5a56c10c9
7c7580e4aac9951d8e16f34145d1a13b856ea7afa359818bfb3ea915e083f8b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/json_sans_eval.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 8277
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-json_sans_eval"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/clientinfo.js

188.222.45.134

200 OK

1.8 kB

URL GET HTTP/1.1
188.222.45.134/js/clientinfo.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.8 kB (1752 bytes)
Hash
8263b68f545a7fc66b3570b6adfa79cf
9561c20751f8742e03aed5a78c24623ace1a52de
5d54384ff7777533d14f311c546abdcce1277446d09148770d538e41c4d3c784

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/clientinfo.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1752
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-clientinfo"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/command.js

188.222.45.134

200 OK

105 kB

URL GET HTTP/1.1
188.222.45.134/js/command.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with very long lines (395), with CRLF line terminators
Size
105 kB (104625 bytes)
Hash
2980a66e4aa06e6aa4e5d94fe55ab1ff
a6ab9a3081099e0f2de170ef53ffc81d7357fb4a
40978a4a94562afb19cb265dce529f0790de6cafc107aae5081e12b1f704b44b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/command.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 104625
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-command"
Last-Modified: Wed, 24 Apr 2024 05:30:14 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/new/index.jsp

188.222.45.134

3.3 kB

URL User Request GET
188.222.45.134/new/index.jsp
IP
188.222.45.134:0
ASN
#5607 Sky UK Limited

File type
HTML document, ASCII text
Size
3.3 kB (3299 bytes)
Hash
58eb8617a41585d448b15756f3f22009
fd695f50456c10bc181fe096c0fc835a0cb83c16
ed6e3d87b451b0ec5d87fd1f0b3cb2fb00a3661ef7ed11f961655b93e680d5ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/index.jsp HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://188.222.45.134/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 3299
Content-Type: text/html;charset=UTF-8
ETag: W/"1FE046C0527773E4-index"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/json_sans_eval.js

188.222.45.134

200 OK

8.3 kB

URL GET HTTP/1.1
188.222.45.134/js/json_sans_eval.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
JavaScript source, ASCII text
Size
8.3 kB (8277 bytes)
Hash
36ff5136abf4856e52e56b0034ee52de
31580de1b6c344cfd00694a78cc464a5a56c10c9
7c7580e4aac9951d8e16f34145d1a13b856ea7afa359818bfb3ea915e083f8b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/json_sans_eval.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 8277
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-json_sans_eval"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/httpconnect.js

188.222.45.134

200 OK

3.7 kB

URL GET HTTP/1.1
188.222.45.134/js/httpconnect.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.7 kB (3677 bytes)
Hash
327725d66a1f6f69eaf77a0c4647db64
d919794aae170c761481571b6207089a3555c827
aec270310d0b4fdb103a491f16d56e0a6b90594861ee88c2197c0a446524258c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/httpconnect.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 3677
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-httpconnect"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/clientinfo.js

188.222.45.134

200 OK

1.8 kB

URL GET HTTP/1.1
188.222.45.134/js/clientinfo.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.8 kB (1752 bytes)
Hash
8263b68f545a7fc66b3570b6adfa79cf
9561c20751f8742e03aed5a78c24623ace1a52de
5d54384ff7777533d14f311c546abdcce1277446d09148770d538e41c4d3c784

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/clientinfo.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1752
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-clientinfo"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/pop.js

188.222.45.134

200 OK

4.3 kB

URL GET HTTP/1.1
188.222.45.134/js/pop.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
4.3 kB (4327 bytes)
Hash
901f8f77f0ea0e115b317270774ce473
e261cb39728f92b1552338a39d27548950f5e8d0
47f2ea0fbc95a3a872339099bc69d173333d1d1601963016ab188eaaa57d9e6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pop.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 4327
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-pop"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/css/login.css

188.222.45.134

200 OK

2.1 kB

URL GET HTTP/1.1
188.222.45.134/css/login.css
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.1 kB (2072 bytes)
Hash
ee0851fb7aef840f2d49b735c92ee9f0
bc0f4c09f87951675f08a40023422ca42531ee06
3a74a9ff6c035cae6483e2f64b0e5875f89fc525f9bc9c40ecee4a40a51cf98a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.css HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2072
Content-Type: text/css
ETag: W/"1FE046C0527773E4-login"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/command.js

188.222.45.134

200 OK

105 kB

URL GET HTTP/1.1
188.222.45.134/js/command.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
Unicode text, UTF-8 text, with very long lines (395), with CRLF line terminators
Size
105 kB (104625 bytes)
Hash
2980a66e4aa06e6aa4e5d94fe55ab1ff
a6ab9a3081099e0f2de170ef53ffc81d7357fb4a
40978a4a94562afb19cb265dce529f0790de6cafc107aae5081e12b1f704b44b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/command.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 104625
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-command"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/js/jquery-1.7.2.min.js

188.222.45.134

200 OK

95 kB

URL GET HTTP/1.1
188.222.45.134/js/jquery-1.7.2.min.js
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
95 kB (94840 bytes)
Hash
b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 94840
Content-Type: application/javascript
ETag: W/"1FE046C0527773E4-jquery-1.7.2.min"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/old/l_bt.png

188.222.45.134

200 OK

637 B

URL GET HTTP/1.1
188.222.45.134/old/l_bt.png
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
PNG image data, 72 x 23, 8-bit/color RGB, non-interlaced
Size
637 B (637 bytes)
Hash
6ec0a2fd1e9f11fe7d94b5ffa33ca93b
8536d9c9da491c2a4293d23bc0f84ae49f4ffe9f
845f4ebbe0d8b692261ffa4737b6513f6f281ca129bdb98f327207a8e70b6271

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /old/l_bt.png HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 637
Content-Type: image/png
ETag: W/"1FE046C0527773E4-l_bt"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/image/l_bgx.png

188.222.45.134

200 OK

25 kB

URL GET HTTP/1.1
188.222.45.134/image/l_bgx.png
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
PNG image data, 515 x 215, 8-bit/color RGBA, non-interlaced
Size
25 kB (24747 bytes)
Hash
ec8d60151f11beb52fa37c0e5d5b5682
7de23176398a2e836e888071e6e3447f33a2947e
f954d179d30434e73fb85bafa5103b384462957699ed1262f32b0a6b98ee6e98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/l_bgx.png HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 24747
Content-Type: image/png
ETag: W/"1FE046C0527773E4-l_bgx"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/image/l_bg.jpg

188.222.45.134

200 OK

35 kB

URL GET HTTP/1.1
188.222.45.134/image/l_bg.jpg
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1440x421, components 3
Size
35 kB (35023 bytes)
Hash
c4834bd9949d9eeb1a5be10d23f97585
d527651537712547fea5bbe14570903017075505
1178c30e273261d89ec1f261a89a1ed902e5831556dc7575f4ebc3c62da03607

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/l_bg.jpg HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 35023
Content-Type: image/jpeg
ETag: W/"1FE046C0527773E4-l_bg"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/image/loginmain.jpg

188.222.45.134

200 OK

165 kB

URL GET HTTP/1.1
188.222.45.134/image/loginmain.jpg
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1440], baseline, precision 8, 1440x900, components 3
Size
165 kB (165340 bytes)
Hash
6bc39cd6b127a1645e8b6db18eb8f1ab
6f51ddcb98a671f38796260a0aee660b56113d20
65ac6086cd1853c1efca176835cbc9b8ef88200c45866b0470f4264c8264f8c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/loginmain.jpg HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/css/login.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 165340
Content-Type: image/jpeg
ETag: W/"1FE046C0527773E4-loginmain"
Last-Modified: Wed, 24 Apr 2024 05:30:15 GMT
Server: WCY_WEBServer/2.0

188.222.45.134/favicon.ico

188.222.45.134

404 NOT FOUND

9 B

URL GET HTTP/1.1
188.222.45.134/favicon.ico
IP
188.222.45.134:80
ASN
#5607 Sky UK Limited

Requested by
http://188.222.45.134/new/index.jsp

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
ec65a3dc9c958c8350012207a7e11c7d
b18ee9a29706a8b7352fdcf012f02c77cbdd08e1
d262339346a267abf5207c549ae7a9c792fcbf1055be3dc5753dcda7176304e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 188.222.45.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://188.222.45.134/new/index.jsp
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 NOT FOUND
Content-Length: 9
Content-Type: text/html
Server: WCY_WEBServer/2.0

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)