78.153.130.157
78.153.130.157 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
http://78.153.130.157/
Submission Tags: c2 malware spy-agent Search All
Submission: On July 24 via api (July 24th 2024, 2:24:59 pm UTC) from US — Scanned from AT

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 12 HTTP transactions. The main IP is 78.153.130.157, located in Vienna, Austria and belongs to AEZA-AS, GB. The main domain is 78.153.130.157.

This is the only time 78.153.130.157 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	78.153.130.157 78.153.130.157	210644 (AEZA-AS) (AEZA-AS)
1	178.154.131.217 178.154.131.217	13238 (YANDEX) (YANDEX)
12	2

11 78.153.130.157 (Vienna, Austria)

ASN210644 (AEZA-AS, GB)
PTR: selective-cast.aeza.network

78.153.130.157	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 4613 12yr old	29 KB
12	1

	Domain	Requested by
1	yastatic.net	78.153.130.157
12	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://78.153.130.157/
Frame ID: D6926FB255537CB17416CBF3A978DCBF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SpY-Agent v1.2

Page URL History Show full URLs

http://78.153.130.157/ HTTP 307
https://78.153.130.157/ HTTP 307
http://78.153.130.157/ Page URL

Detected technologies

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

335 kB
Transfer

626 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://78.153.130.157/ HTTP 307
https://78.153.130.157/ HTTP 307
http://78.153.130.157/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
78.153.130.157/
Redirect Chain

http://78.153.130.157/
https://78.153.130.157/
http://78.153.130.157/

2 KB
1 KB

32ms
31ms

Document
text/html

78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 95b414d75e8f4a267effa6e2e32d553eb144f8260ada4513c7989f6a75d62e0f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 877
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Jul 2024 14:25:02 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Location: http://78.153.130.157/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK j.js Show response
78.153.130.157/js/ 71 KB
24 KB 36ms
33ms Script
application/javascript 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/js/j.js
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 16:38:55 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "11a88-527e3d30605c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24693

GET
H/1.1 200
OK jc.js Show response
78.153.130.157/js/ 204 KB
51 KB 68ms
56ms Script
application/javascript 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/js/jc.js
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e407728304226ab23a2efccdda79f7b1e84284c404cef2c52f55f5127b6f10e1

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 16:38:56 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "32f83-527e3d3154800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51826

GET
H/1.1 200
OK js.js Show response
78.153.130.157/js/ 4 KB
2 KB 61ms
50ms Script
application/javascript 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/js/js.js
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: dfc2e3c8e9af791114b37b05a909e2a08eba3fae3e7e07b5d7a18c5761269287

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 16:38:56 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "10f5-527e3d3154800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1449

GET
H/1.1 200
OK popup.js Show response
78.153.130.157/js/ 7 KB
2 KB 61ms
49ms Script
application/javascript 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/js/popup.js
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0069afb2165e604b28241b98497ffe950233a54180e50584531fb9c631558a91

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 16:38:57 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1c3f-527e3d3248a40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1434

GET
H/1.1 200
OK jquery.min.js Show response
yastatic.net/jquery/2.1.3/ 82 KB
29 KB 129ms
105ms Script
application/x-javascript 178.154.131.217
YANDEX

General

Check archive.org

Download Go to

Full URL

http://yastatic.net/jquery/2.1.3/jquery.min.js

Requested by

Host: 78.153.130.157
URL: http://78.153.130.157/

Protocol

HTTP/1.1

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=43200000; includeSubDomains;
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection: keep-alive
Content-Length: 28503
Last-Modified: Mon, 12 Nov 2018 13:13:40 GMT
Server: nginx/1.17.9
Etag: "213bdc962014862f92d5b07b14456e06"
Vary: Accept-Encoding
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31556952
X-Nginx-Request-Id: 33cddcd8a5af10c4
Accept-Ranges: bytes
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Sat, 05 Jul 2025 17:53:25 GMT

GET
H/1.1 200
OK c.css
78.153.130.157/css/ 38 KB
7 KB 59ms
50ms Stylesheet
text/css 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/css/c.css
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9801f0cc7f2fb6647c46cb00397683c25f049696a2e1ede5f15bf181196ee629

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 16:39:29 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "98f3-527e3d50cd240-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7234

GET
H/1.1 200
OK en-us.png
78.153.130.157/img/ 4 KB
4 KB 64ms
52ms Image
image/png 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to Show image

Full URL: http://78.153.130.157/img/en-us.png
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5263ebc5e21115394025e2d263386ab981b9905cdeff10d4484073252fc798f9

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Last-Modified: Sat, 01 Aug 2015 17:47:16 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "f38-51c4386f2d100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3896

GET
H/1.1 200
OK ru-ru.png
78.153.130.157/img/ 1 KB
2 KB 30ms
29ms Image
image/png 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to Show image

Full URL: http://78.153.130.157/img/ru-ru.png
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e6ab5cff4ffb04dcff62fabb3b3393a738e04d21929bcb9a3fe7dbaafeed01a4

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Last-Modified: Sat, 01 Aug 2015 17:48:16 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5df-51c438a865800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1503

GET
H/1.1 200
OK logout.png
78.153.130.157/img/ 18 KB
19 KB 34ms
34ms Image
image/png 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to Show image

Full URL: http://78.153.130.157/img/logout.png
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2311f709b31f7bb7cc24aed10bdaed9b021d3cc93bf926d0c11ddafd8f5ef35c

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Last-Modified: Fri, 25 Dec 2015 00:33:49 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "496f-527ae1bdfd540"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18799

GET
H/1.1 200
OK background.jpg
78.153.130.157/img/ 193 KB
193 KB 33ms
33ms Image
image/jpeg 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to Show image

Full URL: http://78.153.130.157/img/background.jpg
Requested by: Host: 78.153.130.157
URL: http://78.153.130.157/css/c.css
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b1944d2d1dcf7711ba39013a53d08a9e35be42f4e35334d3f0ad77ac39a2cf40

Request headers

Referer: http://78.153.130.157/css/c.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:02 GMT
Last-Modified: Sat, 11 May 2013 15:36:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "30374-4dc730b7e02c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 197492

GET
H/1.1 200
OK favicon.ico
78.153.130.157/ 1 KB
2 KB 34ms
33ms Other
image/vnd.microsoft.icon 78.153.130.157
AEZA-AS

General

Check archive.org

Download Go to

Full URL: http://78.153.130.157/favicon.ico
Protocol: HTTP/1.1
Server: 78.153.130.157 Vienna, Austria, ASN210644 (AEZA-AS, GB),
Reverse DNS: selective-cast.aeza.network
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 532fbf2c92cbf8faea53e73b379a3f24406e07721ff50ac4c6bbc9f7fcc3753d

Request headers

Referer: http://78.153.130.157/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 14:25:03 GMT
Last-Modified: Mon, 21 Jan 2013 01:13:16 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "57e-4d3c22a70e300"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1406

Verdicts & Comments Add Verdict or Comment

11 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://78.153.130.157/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

yastatic.net
178.154.131.217
78.153.130.157
0069afb2165e604b28241b98497ffe950233a54180e50584531fb9c631558a91
2311f709b31f7bb7cc24aed10bdaed9b021d3cc93bf926d0c11ddafd8f5ef35c
5263ebc5e21115394025e2d263386ab981b9905cdeff10d4484073252fc798f9
532fbf2c92cbf8faea53e73b379a3f24406e07721ff50ac4c6bbc9f7fcc3753d
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
95b414d75e8f4a267effa6e2e32d553eb144f8260ada4513c7989f6a75d62e0f
9801f0cc7f2fb6647c46cb00397683c25f049696a2e1ede5f15bf181196ee629
b1944d2d1dcf7711ba39013a53d08a9e35be42f4e35334d3f0ad77ac39a2cf40
dfc2e3c8e9af791114b37b05a909e2a08eba3fae3e7e07b5d7a18c5761269287
e407728304226ab23a2efccdda79f7b1e84284c404cef2c52f55f5127b6f10e1
e6ab5cff4ffb04dcff62fabb3b3393a738e04d21929bcb9a3fe7dbaafeed01a4

78.153.130.157 78.153.130.157 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

2 Countries

335 kBTransfer

626 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Window variables

0 Cookies

1 Console Messages

Indicators

78.153.130.157
78.153.130.157 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

335 kB
Transfer

626 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions