2.aerohive.pool.ntp.org Open in urlscan Pro
2.56.247.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://2.aerohive.pool.ntp.org/
Submission: On October 27 via api (October 27th 2024, 1:09:55 am UTC) from NL — Scanned from NL

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2.56.247.37, located in Nanterre, France and belongs to THREATOFF, DE. The main domain is 2.aerohive.pool.ntp.org. The Cisco Umbrella rank of the primary domain is 96246.

This is the only time 2.aerohive.pool.ntp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	2.56.247.37 2.56.247.37		215365 (THREATOFF) (THREATOFF)
11	1

11 2.56.247.37 (Nanterre, France)

ASN215365 (THREATOFF, DE)
PTR: threatoff.eu

2.aerohive.pool.ntp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ntp.org 2.aerohive.pool.ntp.org — Cisco Umbrella Rank: 96246	3 MB
11	1

	Domain	Requested by
11	2.aerohive.pool.ntp.org	2.aerohive.pool.ntp.org
11	1

This site contains links to these domains. Also see Links.

Domain
www.ntppool.org
github.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://2.aerohive.pool.ntp.org/
Frame ID: 25B26EFEEF5EECD717D13676B573B327
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NTP Run run1 - berlinholdings.pl

Page URL History Show full URLs

http://2.aerohive.pool.ntp.org/ HTTP 307
https://2.aerohive.pool.ntp.org/ HTTP 307
http://2.aerohive.pool.ntp.org/ Page URL

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2805 kB
Transfer

45977 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ntppool.org/
Title: ntppool.org

Search URL Search Domain Scan URL

URL: https://github.com/ddrown/chrony-graph
Title: https://github.com/ddrown/chrony-graph

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2.aerohive.pool.ntp.org/ HTTP 307
https://2.aerohive.pool.ntp.org/ HTTP 307
http://2.aerohive.pool.ntp.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 2.aerohive.pool.ntp.org/ Redirect Chain http://2.aerohive.pool.ntp.org/ https://2.aerohive.pool.ntp.org/ http://2.aerohive.pool.ntp.org/	1 KB 759 B	17ms 17ms	Document text/html	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Full URL http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `a1c2b277424b4c4d02ff23f3a120e44dedbaca7cc9c87a4a156cec0015718ddc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 27 Oct 2024 01:09:38 GMT ETag W/"671d90ac-438" Last-Modified Sun, 27 Oct 2024 01:00:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Location http://2.aerohive.pool.ntp.org/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	local-clock.svg 2.aerohive.pool.ntp.org/	15 MB 787 KB	17ms 16ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/local-clock.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `61a1e6bfddf024e57ff0a93ed29903045a88005e77b3709ff6e6ef5a3fc66f30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a1-c4a63" Connection keep-alive Accept-Ranges bytes Content-Length 805475 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:17 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	percentiles.svg 2.aerohive.pool.ntp.org/	7 MB 311 KB	34ms 17ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/percentiles.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `16b6265da242e9a03f780ea37ad14aae2cc492512eaf6267e2b2107da0ec7aa3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a7-4d9ef" Connection keep-alive Accept-Ranges bytes Content-Length 317935 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:23 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	percentiles-offset.svg 2.aerohive.pool.ntp.org/	7 MB 482 KB	34ms 17ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/percentiles-offset.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `c70cd2913292f45b10a7229914896a5492b8abb28f6d47109a0efae11ed9605e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a9-787a8" Connection keep-alive Accept-Ranges bytes Content-Length 493480 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:25 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	offset-histogram.svg 2.aerohive.pool.ntp.org/	22 KB 2 KB	44ms 18ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/offset-histogram.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `31b31ad138b1db7ebcf8759807a6d869bcd929a8b48295aab10e8462b211b89d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a9-8db" Connection keep-alive Accept-Ranges bytes Content-Length 2267 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:25 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	local-clock-skew.svg 2.aerohive.pool.ntp.org/	7 MB 341 KB	61ms 16ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/local-clock-skew.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `30490c2271210aeb5d205bf435d4756de2a8e5263c234e8126dfc99ac80bb02a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a3-553cd" Connection keep-alive Accept-Ranges bytes Content-Length 349133 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:19 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	local-clock-stddev.svg 2.aerohive.pool.ntp.org/	5 MB 268 KB	158ms 16ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/local-clock-stddev.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `a8c9783b92470752e5c5d9045a4afdc3b5958e18279122efb619c1d046e0fd53` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a2-43054" Connection keep-alive Accept-Ranges bytes Content-Length 274516 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:18 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	all-diff-freq.svg 2.aerohive.pool.ntp.org/	987 KB 185 KB	28ms 15ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/all-diff-freq.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `547d7de7a6e4c5f48570a4a19056eddef666aef1145f3cf7934c6404ee3a917d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a5-2e4d7" Connection keep-alive Accept-Ranges bytes Content-Length 189655 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:21 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	all-offset.svg 2.aerohive.pool.ntp.org/	1 MB 241 KB	29ms 16ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/all-offset.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `8309af41cca80720e536385564a960e5a3629b80158929bca0ae78f546d79af3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a4-3c420" Connection keep-alive Accept-Ranges bytes Content-Length 246816 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:20 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	all-skew.svg 2.aerohive.pool.ntp.org/	987 KB 185 KB	30ms 16ms	Image image/svg+xml	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Show image Full URL http://2.aerohive.pool.ntp.org/all-skew.svg Requested by Host: 2.aerohive.pool.ntp.org URL: http://2.aerohive.pool.ntp.org/ Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `bc41583ea98ff6f2a4788b4ae0149a80f2862a291d8a746082c4ba57541574e1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Content-Encoding gzip ETag "671d90a5-2e3bd" Connection keep-alive Accept-Ranges bytes Content-Length 189373 Date Sun, 27 Oct 2024 01:09:38 GMT Content-Type image/svg+xml Last-Modified Sun, 27 Oct 2024 01:00:21 GMT Server nginx Vary Accept-Encoding
GET H/1.1	404 Not Found	favicon.ico 2.aerohive.pool.ntp.org/	548 B 380 B	18ms 17ms	Other text/html	2.56.247.37 THREATOFF
General Check archive.org Show headers Download Go to Full URL http://2.aerohive.pool.ntp.org/favicon.ico Protocol HTTP/1.1 Server 2.56.247.37 Nanterre, France, ASN215365 (THREATOFF, DE), Reverse DNS threatoff.eu Software nginx / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer http://2.aerohive.pool.ntp.org/ Response headers Transfer-Encoding chunked Content-Encoding gzip Date Sun, 27 Oct 2024 01:09:49 GMT Content-Type text/html Vary Accept-Encoding Server nginx Connection keep-alive

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://2.aerohive.pool.ntp.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.aerohive.pool.ntp.org
2.56.247.37
16b6265da242e9a03f780ea37ad14aae2cc492512eaf6267e2b2107da0ec7aa3
30490c2271210aeb5d205bf435d4756de2a8e5263c234e8126dfc99ac80bb02a
31b31ad138b1db7ebcf8759807a6d869bcd929a8b48295aab10e8462b211b89d
547d7de7a6e4c5f48570a4a19056eddef666aef1145f3cf7934c6404ee3a917d
61a1e6bfddf024e57ff0a93ed29903045a88005e77b3709ff6e6ef5a3fc66f30
8309af41cca80720e536385564a960e5a3629b80158929bca0ae78f546d79af3
a1c2b277424b4c4d02ff23f3a120e44dedbaca7cc9c87a4a156cec0015718ddc
a8c9783b92470752e5c5d9045a4afdc3b5958e18279122efb619c1d046e0fd53
bc41583ea98ff6f2a4788b4ae0149a80f2862a291d8a746082c4ba57541574e1
c70cd2913292f45b10a7229914896a5492b8abb28f6d47109a0efae11ed9605e
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

2.aerohive.pool.ntp.org Open in urlscan Pro 2.56.247.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2805 kBTransfer

45977 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

2.aerohive.pool.ntp.org Open in urlscan Pro
2.56.247.37 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2805 kB
Transfer

45977 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions