Overview

URL: www.academyicct.com.eg/livesupport/office/secure/
IP: 5.189.149.67
ASN: AS51167 Contabo GmbH
Location: Germany
Report completed: 2017-12-05 02:52:36 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish
Added / Verified Severity Host Comment
2017-12-04 2 www.academyicct.com.eg/livesupport/office/secure/ Office365
2017-12-04 2 www.academyicct.com.eg/livesupport/office/secure/ Office365
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-12-05 2 www.academyicct.com.eg/livesupport/office/secure/ Phishing
2017-12-05 2 www.academyicct.com.eg/livesupport/office/secure/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 5.189.149.67

Date  UQ / IDS / BL  URL  IP
2018-09-21 11:13:00 +0200  0 - 0 - 2  bwabtnews.com/blackjacks.php  5.189.149.67
2018-01-29 06:50:50 +0100  1 - 0 - 94  www.mostafakamel.net/au/  5.189.149.67
2017-12-05 00:28:30 +0100  0 - 0 - 4  www.academyicct.com.eg/livesupport/office/secure  5.189.149.67
2017-12-04 23:00:27 +0100  0 - 0 - 2  www.academyicct.com.eg/livesupport/office/secure/  5.189.149.67
2017-08-27 07:08:22 +0200  0 - 0 - 1  bwabtnews.com/gratify.php  5.189.149.67
2017-08-23 22:19:43 +0200  0 - 0 - 3  bwabtnews.com/blackjacks.php  5.189.149.67

Last 10 reports on ASN: AS51167 Contabo GmbH

Date  UQ / IDS / BL  URL  IP
2019-02-19 00:29:33 +0100  0 - 0 - 1  https://www.oneclickandgo.co.uk/product-categ (...)  5.189.141.199
2019-02-19 00:20:26 +0100  0 - 0 - 5  regaliscrapbooking.it/  79.143.185.202
2019-02-18 23:12:15 +0100  0 - 1 - 0  vd.telema.xyz/  5.189.138.91
2019-02-18 22:52:22 +0100  0 - 2 - 0  vai.instampa.in/  5.189.139.193
2019-02-18 20:32:23 +0100  0 - 0 - 1  www.rgtmk.in/op/kk.exe  91.194.90.36
2019-02-18 18:33:47 +0100  0 - 0 - 30  cnvmtspoas.ed.cr/  213.136.66.216
2019-02-18 17:45:13 +0100  0 - 0 - 4  aur.bid/  91.205.174.26
2019-02-18 17:16:14 +0100  0 - 1 - 0  sweeps-kw.pw/lp/swpskw/p1/index.html?city=Mou (...)  5.189.175.136
2019-02-18 15:29:00 +0100  0 - 0 - 2  aulamagna.online/  5.189.148.10
2019-02-18 15:13:27 +0100  0 - 1 - 0  gorenotomotiv.com/  213.136.83.231

No other reports on domain: academyicct.com.eg



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (12)


Request Response
                                        
GET /livesupport/office/secure/ HTTP/1.1
Host: www.academyicct.com.eg
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
5.189.149.67
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Tue, 05 Dec 2017 01:58:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Dec 2017 07:33:54 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10407
Md5:    e54a7f33fff8df104cfadb0e0ebca7c1
Sha1:   1152e43bf4e294c96f1fc128d51fd7da7859d654
Sha256: 04b58b35f7fa802f45dc98a69edf2ada6a9b0b70ae1522bdef5e0552db7af421

Alerts:
  Blacklists:
    - openphish: Office365
    - fortinet: Phishing
                                        
GET /favicon.ico HTTP/1.1
Host: www.academyicct.com.eg
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
5.189.149.67
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx
Date: Tue, 05 Dec 2017 01:58:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Sat, 03 Feb 2018 01:58:37 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Pragma: public


--- Additional Info ---
                                        
GET /livesupport/office/secure/ HTTP/1.1
Host: www.academyicct.com.eg
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
5.189.149.67
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Tue, 05 Dec 2017 01:58:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Dec 2017 07:33:54 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10407
Md5:    e54a7f33fff8df104cfadb0e0ebca7c1
Sha1:   1152e43bf4e294c96f1fc128d51fd7da7859d654
Sha256: 04b58b35f7fa802f45dc98a69edf2ada6a9b0b70ae1522bdef5e0552db7af421

Alerts:
  Blacklists:
    - openphish: Office365
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.msocsp.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
104.17.179.200
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 05 Dec 2017 01:58:38 GMT
Content-Length: 1831
Connection: keep-alive
Set-Cookie: __cfduid=dd988d5c0c595b0e518c287ef5f9578091512439118; expires=Wed, 05-Dec-18 01:58:38 GMT; path=/; domain=.msocsp.com; HttpOnly
Last-Modified: Mon, 04 Dec 2017 23:06:49 GMT
Expires: Fri, 08 Dec 2017 23:06:49 GMT
Etag: "bd1d0dcad10a5443cee317c8c285c868858e9860"
Cache-Control: max-age=10800,public,no-transform,must-revalidate
X-Cache: HIT
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c8366cb23084273-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    9388d020d6b61131dd4dda6cd983a65d
Sha1:   bd1d0dcad10a5443cee317c8c285c868858e9860
Sha256: 7e2c1d8743de41bd14b42242552e8712cb43f97cf8959430a078a3b4e1faeacd
                                        
GET /ests/2.1.4146.1/content/cdnbundles/login.min.css HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4690
Content-Encoding: gzip
Content-MD5: jOTXAmJHR5b52qUKbVa8og==
Last-Modified: Fri, 13 May 2016 21:56:08 GMT
Cache-Control: public, max-age=594685
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   4690
Md5:    8ce4d70262474796f9daa50a6d56bca2
Sha1:   9aaa4c72865c03385f9884cfab457f418fa65841
Sha256: 9ad63100446aba8b928907235d449e88d038d7824b67ddfe6caf01c86873983b
                                        
GET /ests/2.1.4146.1/content/images/favicon_a.ico HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 17174
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Last-Modified: Fri, 13 May 2016 21:56:45 GMT
Cache-Control: public, max-age=596153
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  MS Windows icon resource - 6 icons, 16-colors
Size:   17174
Md5:    12e3dac858061d088023b2bd48e2fa96
Sha1:   e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
                                        
GET /ests/2.1.4146.1/content/cdnbundles/jquery.1.11.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 38134
Content-Encoding: gzip
Content-MD5: S8r/2IwpghzT1FfxQLzvdw==
Last-Modified: Fri, 13 May 2016 21:56:06 GMT
Cache-Control: public, max-age=591940
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   38134
Md5:    4bcaffd88c29821cd3d457f140bcef77
Sha1:   edde357ad18bbacb8f5c01df19c8c1bebc7892f5
Sha256: 05a7a58d21afb949f1ddd7fa85f8a1080ed4ef09767965a0376bd8372ec2f3c0
                                        
GET /ests/2.1.4146.1/content/images/microsoft_logo.png HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1040
Content-MD5: 5LZ1AH3GSS7lkBMdH337sw==
Last-Modified: Fri, 13 May 2016 21:56:51 GMT
Cache-Control: public, max-age=171029
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image, 100 x 22, 8-bit/color RGBA, non-interlaced
Size:   1040
Md5:    e4b675007dc6492ee590131d1f7dfbb3
Sha1:   9397e98e13074c09072f6a50e7267c612738c455
Sha256: 988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de
                                        
GET /ests/2.1.4146.1/content/cdnbundles/login_hover.min.css HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 82
Content-Encoding: gzip
Content-MD5: k+LdzPr5J17LuCAOBMVTBQ==
Last-Modified: Fri, 13 May 2016 21:56:11 GMT
Cache-Control: public, max-age=596153
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   82
Md5:    93e2ddccfaf9275ecbb8200e04c55305
Sha1:   70ed7422a6192e7b08c5ebcbc17641e7505bb681
Sha256: 66bf047108e0232578aa82c9dfe32bdc359acd10a19634b1e6da0a78e750f715
                                        
GET /ests/2.1.4146.1/content/cdnbundles/aad.login.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37332
Content-Encoding: gzip
Content-MD5: C1EIo6Lq2DGEvfnndQ8ZhQ==
Last-Modified: Fri, 13 May 2016 21:56:01 GMT
Cache-Control: public, max-age=591940
Date: Tue, 05 Dec 2017 01:58:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   37332
Md5:    0b5108a3a2ead83184bdf9e7750f1985
Sha1:   6501d730d2e23fb2e9a322b2e408908b8b5bcdc7
Sha256: b01e8fcc9727b5dc1a28cb87daba093887cfa7872e4e890dda57d0edd25dfaaf
                                        
GET /dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/bannerlogo?ts=635538653042733860 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: image\jpeg
Content-Length: 4585
Content-MD5: nwmifU9ps1V8dDNXSinXJg==
Last-Modified: Thu, 11 Dec 2014 03:28:24 GMT
Date: Tue, 05 Dec 2017 01:58:39 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image, 159 x 35, 8-bit/color RGBA, non-interlaced
Size:   4585
Md5:    9f09a27d4f69b3557c7433574a29d726
Sha1:   a3097972d16e6d5768086f3f126e8d07edcc5976
Sha256: fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603
                                        
GET /dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/heroillustration?ts=635538653045233940 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.academyicct.com.eg/livesupport/office/secure/

                                         
104.66.117.208
HTTP/1.1 200 OK
Content-Type: image\jpeg
Last-Modified: Thu, 11 Dec 2014 03:28:24 GMT
Content-Length: 203294
Content-MD5: ZSg7Ej6yNeYXaumMAqxbHA==
Date: Tue, 05 Dec 2017 01:58:39 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   203294
Md5:    65283b123eb235e6176ae98c02ac5b1c
Sha1:   c50ca32b13a2dcbde0cb6eb2d4f72c252f14ac3f
Sha256: 7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b