| zab2.za.com/cgi-bin/GlobalSources?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO | 45.56.79.23 | | 661 B |
URL: zab2.za.com/cgi-bin/GlobalSources?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO
IP: 45.56.79.23:0
ASN: #63949 Akamai Connected Cloud
File type: HTML document, ASCII text, with very long lines (459)
Hash (MD5 / SHA-1 / SHA-256): 26f2cd0bb14bc77bab4c91fbda3aeae5 / f78e848d01a00967f940adb8051ef35ee537d8d2 / 457c6430372290bfbf12d44d450d4befe26bb004ff61151a58b89712886151e8
GET /cgi-bin/GlobalSources?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO HTTP/1.1
Host: zab2.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 29 Mar 2024 00:50:09 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
| zab2.za.com/cgi-bin/GlobalSources?gp=1&js=1&uuid=1711673409.0032416474&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 | 198.58.118.167 | 302 Found | 0 B |
URL: zab2.za.com/cgi-bin/GlobalSources?gp=1&js=1&uuid=1711673409.0032416474&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
User Request: GET HTTP/1.1
IP: 198.58.118.167:80
ASN: #63949 Akamai Connected Cloud
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/GlobalSources?gp=1&js=1&uuid=1711673409.0032416474&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: zab2.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zab2.za.com/cgi-bin/GlobalSources?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Fri, 29 Mar 2024 00:50:10 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.za.com/?tm=1&subid4=1711673410.0454060000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 7
x-mtm-prov: 78:0.00;445:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ6YWIyLnphLmNvbSIsImh0dHA6Ly93d3cxLnphLmNvbS8_dG09MSZzdWJpZDQ9MTcxMTY3MzQxMC4wNDU0MDYwMDAwJktXMT1QZXJzb25hbCUyMExvYW5zJktXMj1DcmVkaXQlMjBDYXJkcyZLVzM9Q2FyJTIwSW5zdXJhbmNlJnNlYXJjaGJveD0wJmRvbWFpbm5hbWU9MCZiYWNrZmlsbD0wIiwxLCIyMDI0LTAzLTI5IDAwOjUwOjEwIiwxLCIxNzExNjczNDEwLjA0NTQwNjAwMDAiLDQ0NSxudWxsLG51bGxd:1rq0Re:ubwiTeJAa70wE7PeHVXtSGbtVBM; expires=Fri, 29-Mar-2024 01:50:10 GMT; Max-Age=3600; Path=/
connection: close
| www1.za.com/?tm=1&subid4=1711673410.0454060000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0 | 0.0.0.0 | | 0 B |
URL: www1.za.com/?tm=1&subid4=1711673410.0454060000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0
User Request: GET
IP: 0.0.0.0:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /?tm=1&subid4=1711673410.0454060000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache