Report - 139.45.192.3/

Report Overview

Visited public
2024-10-12 21:16:15
Tags
URL
139.45.192.3/
Finishing URL
139.45.192.3/
IP / ASN
139.45.192.3
#9002 RETN Limited
Title
403 Forbidden

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
139.45.192.3	unknown	unknown	2021-10-21 16:04:10	2024-02-06 18:06:43	718 B	960 B	139.45.192.3
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-11 18:12:06	981 B	2.7 kB	23.36.76.243
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-11 18:12:07	1.3 kB	3.6 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-11 18:13:07	331 B	1.1 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-12	medium	139.45.192.3	Sinkholed
2024-10-12	medium	139.45.192.3	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (10)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
5173d2e4bb5191c60d56a91438a76ee1
62bc7900109792381aff2b94e78bad87d5ed88e3
d9801db6d85f1df03d3e8587b14ca7a7b5f7be19a10f3e99e3d6d497115cdee9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D9801DB6D85F1DF03D3E8587B14CA7A7B5F7BE19A10F3E99E3D6D497115CDEE9"
Last-Modified: Sat, 12 Oct 2024 16:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13306
Expires: Sun, 13 Oct 2024 00:57:35 GMT
Date: Sat, 12 Oct 2024 21:15:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
49d459d67cc355bc94b61374550e46e4
f33374c797ec2c4b41e64791a567840cda10020b
9e7cfd194040f99f45409a893e3e6028c1f58908844191e843ff0261a1b09530

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9E7CFD194040F99F45409A893E3E6028C1F58908844191E843FF0261A1B09530"
Last-Modified: Sat, 12 Oct 2024 18:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13441
Expires: Sun, 13 Oct 2024 00:59:51 GMT
Date: Sat, 12 Oct 2024 21:15:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0047c90c620c7ae5d6e899dbcd92d7f9
b40765060b59aa1231b7e4c552c7657c957a505e
8b02810ecc47d5f71219990370d9538bfff6e45c5ff895e7a3c60392423c5adb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8B02810ECC47D5F71219990370D9538BFFF6E45C5FF895E7A3C60392423C5ADB"
Last-Modified: Sat, 12 Oct 2024 08:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13574
Expires: Sun, 13 Oct 2024 01:02:04 GMT
Date: Sat, 12 Oct 2024 21:15:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
374cd62f7e2ef30aa12a90321ec28f07
6b13457ef66e3ff2f77848e56f69a1872261c24a
c911b66cd0725eef5fcfe41575902da1f6415506dd7aa4c0b41e457775344823

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C911B66CD0725EEF5FCFE41575902DA1F6415506DD7AA4C0B41E457775344823"
Last-Modified: Sat, 12 Oct 2024 05:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13309
Expires: Sun, 13 Oct 2024 00:57:39 GMT
Date: Sat, 12 Oct 2024 21:15:50 GMT
Connection: keep-alive

o.pki.goog/s/wr1/NM0

142.250.74.131

471 B

URL
o.pki.goog/s/wr1/NM0
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9efd368ccafbd732ff997ef47f5b272d
26b4692df7714fff5aff578935a57426e5b92e6c
7d4fdb9232d5a23b7de992fc7dace39b1c5cba561e0b2bcc77d8230e4c4d75e4

HTTP Headers

POST /s/wr1/NM0 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 21:15:50 GMT
Cache-Control: public, max-age=14400
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],}
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

139.45.192.3/

139.45.192.3

403 Forbidden

146 B

URL User Request GET HTTP/1.1
139.45.192.3/
IP
139.45.192.3:80
ASN
#9002 RETN Limited

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
9fe3cb2b7313dc79bb477bc8fde184a7
4d7b3cb41e90618358d0ee066c45c76227a13747
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 139.45.192.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx
Date: Sat, 12 Oct 2024 21:15:50 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
Timing-Allow-Origin: *
Cache-Control: no-store
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-TCP-Info
X-TCP-Info: addr=91.90.42.154;port=19268;sc=

139.45.192.3/favicon.ico

139.45.192.3

403 Forbidden

146 B

URL GET HTTP/1.1
139.45.192.3/favicon.ico
IP
139.45.192.3:80
ASN
#9002 RETN Limited

Requested by
http://139.45.192.3/

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
9fe3cb2b7313dc79bb477bc8fde184a7
4d7b3cb41e90618358d0ee066c45c76227a13747
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 139.45.192.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://139.45.192.3/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx
Date: Sat, 12 Oct 2024 21:15:50 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
Timing-Allow-Origin: *
Cache-Control: no-store
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-TCP-Info
X-TCP-Info: addr=91.90.42.154;port=19268;sc=

r11.o.lencr.org/

23.36.76.243

504 B

URL
r11.o.lencr.org/
IP
23.36.76.243:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14841
Expires: Sun, 13 Oct 2024 01:23:13 GMT
Date: Sat, 12 Oct 2024 21:15:52 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.243

504 B

URL
r11.o.lencr.org/
IP
23.36.76.243:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14841
Expires: Sun, 13 Oct 2024 01:23:13 GMT
Date: Sat, 12 Oct 2024 21:15:52 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.243

504 B

URL
r11.o.lencr.org/
IP
23.36.76.243:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14841
Expires: Sun, 13 Oct 2024 01:23:13 GMT
Date: Sat, 12 Oct 2024 21:15:52 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers