Report - 139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill

Report Overview

Visited public
2024-02-04 05:08:02
Tags
URL
139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt
Finishing URL
139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt
IP / ASN
139.99.115.38
#16276 OVH SAS
Title
139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
139.99.115.38	unknown	unknown	2020-12-23 05:08:15	2021-11-22 15:09:32	1.4 kB	8.6 kB	139.99.115.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-02-04	medium	139.99.115.38	Sinkholed
2024-02-04	medium	139.99.115.38	Sinkholed
2024-02-04	medium	139.99.115.38	Sinkholed
2024-02-04	medium	139.99.115.38	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

139.99.115.38/

139.99.115.38

110 B

URL
139.99.115.38/
IP
139.99.115.38:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
110 B (110 bytes)
Hash
60f6a98416ba60c7a5c0f68afc194167
c53908b154cd07d81d86f9732beb4112754b15dc
c2f695433a1d150eb0e585d07dd14b1f0664357ca17cf9d5fbd672ace5cb9bcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 139.99.115.38
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 04 Feb 2024 21:07:32 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23
X-Powered-By: PHP/5.6.23
Set-Cookie: PHPSESSID=vhmih4anjakeru5f7pths867p0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /registration
Content-Length: 110
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

139.99.115.38/registration

139.99.115.38

5.0 kB

URL
139.99.115.38/registration
IP
139.99.115.38:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text
Size
5.0 kB (5036 bytes)
Hash
057929cddc2c3a871b23982de562c987
f83f6890d702fbca579e904406fcbf322cbf50c1
2dcce32c2b475456fa633bbebbafee4b05a438b331802bf7304cd6f7b0a5a342

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /registration HTTP/1.1
Host: 139.99.115.38
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Feb 2024 21:07:33 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23
X-Powered-By: PHP/5.6.23
Content-Length: 5036
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt

139.99.115.38

200 OK

788 B

URL User Request GET HTTP/1.1
139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt
IP
139.99.115.38:80
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
788 B (788 bytes)
Hash
32ae32784fc739ebe8b5f65254306997
f13cce71de2f34b394e7afc8de93e96cf7391bf2
42c59b798481f1bf27f512807176915d35197434824e37db1badafb3ce3a9dd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt HTTP/1.1
Host: 139.99.115.38
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Feb 2024 21:07:33 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23
Last-Modified: Mon, 14 Jan 2019 01:28:19 GMT
ETag: "314-57f60f5b94b1a"
Accept-Ranges: bytes
Content-Length: 788
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain

139.99.115.38/favicon.ico

139.99.115.38

404 Not Found

1.3 kB

URL GET HTTP/1.1
139.99.115.38/favicon.ico
IP
139.99.115.38:80
ASN
#16276 OVH SAS

Requested by
http://139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt

File type
XML 1.0 document, ASCII text, with CRLF line terminators
Size
1.3 kB (1342 bytes)
Hash
c8ce746f7b9b40908f2a5fb7a3367939
64420476bba88ad6db274fd6d6969e7af74f937a
41470fdb8057b685330bcc4f2e309a9a2580481e386c1c27dd2610621096fee6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 139.99.115.38
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://139.99.115.38/files/web/output/client/bitmaps/interface4/skillscript/av_skill_deathcall.txt
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sun, 04 Feb 2024 21:07:34 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers