URL: http://179.49.112.238:7070/payload/exploit.html
Submission Tags: falconsandbox
Submission: On June 29 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 0 domains to perform 1 HTTP transaction. The main IP is 179.49.112.238, located in San Pedro Sula, Honduras and belongs to ASOCIACION DE SERVICIO DE INTERNET S. DE RL., HN. The main domain is 179.49.112.238.
This is the only time 179.49.112.238 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 179.49.112.238 262234 (ASOCIACIO...)

This site contains no links.

This page contains 1 frames:

Primary Page: http://179.49.112.238:7070/payload/exploit.html
Frame ID: CE86E6B58DF59D73F5362052395825DD
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 1
HTTPS: 0 %
IPv6: 0 %
Domains: 0
Subdomains: 0
IPs: 1
Countries: 1
Transfer: 105 kB
Size: 105 kB
Cookies: 0

1 HTTP transaction

Primary Request: exploit.html
Path: 179.49.112.238/payload/
Size: 105 KB
x-fer: 105 KB
Type: Document

General

Full URL: http://179.49.112.238:7070/payload/exploit.html
Protocol: HTTP/1.1
Server: 179.49.112.238 San Pedro Sula, Honduras, ASN262234 (ASOCIACION DE SERVICIO DE INTERNET S. DE RL., HN)
Reverse DNS: block1-112-static-238.asinetwork.hn
Software: Apache/2.4.29 (Win32) OpenSSL/1.0.2n PHP/5.6.33
Resource Hash: 0f0fe0750dddbc4e19eeda8fbf244fab8b1e5f536ef97015616e53d7e58ad45d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 107084
Content-Type: text/html
Date: Wed, 29 Jun 2022 03:00:33 GMT
ETag: "1a24c-556ecfffb15ba"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 17 Aug 2017 06:19:50 GMT
Server: Apache/2.4.29 (Win32) OpenSSL/1.0.2n PHP/5.6.33

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
function| UaF
number| ROP_POPJUMPLR_STACK12
number| ROP_POPJUMPLR_STACK20
number| ROP_CALLFUNC
number| ROP_CALLR28_POP_R28_TO_R31
number| ROP_POP_R28R29R30R31
number| ROP_POP_R27
number| ROP_POP_R24_TO_R31
number| ROP_CALLFUNCPTR_WITHARGS_FROM_R3MEM
number| ROP_SETR3TOR31_POP_R31
number| ROP_memcpy
number| ROP_DCFlushRange
number| ROP_ICInvalidateRange
number| ROP_OSSwitchSecCodeGenMode
number| ROP_OSCodegenCopy
number| ROP_OSGetCodegenVirtAddrRange
number| ROP_OSGetCoreId
number| ROP_OSGetCurrentThread
number| ROP_OSSetThreadAffinity
number| ROP_OSYieldThread
number| ROP_OSFatal
number| ROP_Exit
number| ROP_OSScreenFlipBuffersEx
number| ROP_OSScreenClearBufferEx
number| ROP_OSDynLoad_Acquire
number| ROP_OSDynLoad_FindExport
number| ROP_os_snprintf
number| payload_srcaddr
number| ROPHEAP

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

179.49.112.238
0f0fe0750dddbc4e19eeda8fbf244fab8b1e5f536ef97015616e53d7e58ad45d