| | 34.239.210.82 | 301 Moved Permanently | 166 B |
URL (User Request): GET HTTP/1.1
IP: 34.239.210.82:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5): 3ea1c8d079b38532a6e01a96216ba5e2
Hash (SHA-1): 598d3ff91d3e252f1e13df8cf0348b270ff2da3f
Hash (SHA-256): 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 34.239.210.82
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 08:41:32 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://alerts-msteams-connector-test.dataminr.com/
X-Correlation-Id: 41fe16e445c96e9c4bf2160bf1294a41
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: DENY
| alerts-msteams-connector-test.dataminr.com/static/css/main.0123079b.css | 54.236.219.1 | 200 OK | 434 B |
URL: GET HTTP/2 alerts-msteams-connector-test.dataminr.com/static/css/main.0123079b.css
IP: 54.236.219.1:443
Requested by: https://alerts-msteams-connector-test.dataminr.com/
Certificate: Issuer Amazon; Subject *.dataminr.com; Fingerprint F6:E4:94:20:94:3B:F4:05:B1:72:44:C5:DF:CB:EC:6F:0D:09:EE:9A; Validity Mon, 17 Jul 2023 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (389)
Hash (MD5): 5542541ce75f74a27379732b537bf42f
Hash (SHA-1): 366ab7ce6d19531d9b82520046986ee79eecbeff
Hash (SHA-256): 098ec24682ab1f34c2f1d47fb0d21acb72e94afcd6ba59d51057abc505b8ba16
GET /static/css/main.0123079b.css HTTP/1.1
Host: alerts-msteams-connector-test.dataminr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alerts-msteams-connector-test.dataminr.com/
Cookie: DM_STICKY=0230d46731451d3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:41:33 GMT
content-type: text/css; charset=utf-8
content-length: 434
content-disposition: inline; filename="main.0123079b.css"
accept-ranges: bytes
etag: "20c133c85470796c9327efce3dffc926fa0fd6b9"
content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
x-content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
vary: Accept-Encoding
x-correlation-id: 36b35a163601727c8ca676b299830e6b
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOW-FROM https://teams.microsoft.com/, DENY
X-Firefox-Spdy: h2
| static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2 | 23.199.223.63 | 200 OK | 32 kB |
URL: GET HTTP/2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
IP: 23.199.223.63:443
Requested by: https://alerts-msteams-connector-test.dataminr.com/
Certificate: Issuer DigiCert Inc; Subject privatecdn.sharepointonline.com; Fingerprint 89:D8:A0:A8:A0:8B:9E:77:86:3D:9D:9F:80:07:D1:FA:7C:16:4D:6F; Validity Tue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 31824, version 0.0
Hash (MD5): 66d11e55b7a413ddf6a84e858697e7b6
Hash (SHA-1): fe2693ad426bd3dc173c870ca856478c7e20d43a
Hash (SHA-256): 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
GET /files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2 HTTP/1.1
Host: static2.sharepointonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alerts-msteams-connector-test.dataminr.com
DNT: 1
Connection: keep-alive
Referer: https://alerts-msteams-connector-test.dataminr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 31824
content-type: application/font-woff2
content-md5: ZtEeVbekE932qE6Fhpfntg==
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
etag: 0x8D51CA4122953A7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1caabba9-601e-0091-4577-6ee39f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=23758079
date: Sat, 04 May 2024 08:41:34 GMT
X-Firefox-Spdy: h2
| alerts-msteams-connector-test.dataminr.com/favicon.ico | 54.236.219.1 | 404 Not Found | 11 kB |
URL: GET HTTP/2 alerts-msteams-connector-test.dataminr.com/favicon.ico
IP: 54.236.219.1:443
Requested by: https://alerts-msteams-connector-test.dataminr.com/
Certificate: Issuer Amazon; Subject *.dataminr.com; Fingerprint F6:E4:94:20:94:3B:F4:05:B1:72:44:C5:DF:CB:EC:6F:0D:09:EE:9A; Validity Mon, 17 Jul 2023 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash (MD5): 9ba260a89f963f6198045604c00a9c62
Hash (SHA-1): 8fdce570d3f98939245b03160b5c7ab2c06b4a2a
Hash (SHA-256): b2c48a950f0b4fc40726c7fdd40d77d56801bf37b8c46d7a6473371cae80e2cc
GET /favicon.ico HTTP/1.1
Host: alerts-msteams-connector-test.dataminr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alerts-msteams-connector-test.dataminr.com/
Cookie: DM_STICKY=0230d46731451d3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 May 2024 08:41:34 GMT
content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
X-Firefox-Spdy: h2
| alerts-msteams-connector-test.dataminr.com/ | 54.236.219.1 | 200 OK | 582 B |
URL (User Request): GET HTTP/2 alerts-msteams-connector-test.dataminr.com/
IP: 54.236.219.1:443
Certificate: Issuer Amazon; Subject *.dataminr.com; Fingerprint F6:E4:94:20:94:3B:F4:05:B1:72:44:C5:DF:CB:EC:6F:0D:09:EE:9A; Validity Mon, 17 Jul 2023 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (614), with no line terminators
Hash (MD5): 2352aed717e9aca4c506fa062cca5efa
Hash (SHA-1): 8dfa489d8010c8a63946e9c79fca902ed3823969
Hash (SHA-256): 1ff2a8f3e5e6507bb0fac97d7cb59fb06b2065d558f8900e215a6e04f8b301f4
GET / HTTP/1.1
Host: alerts-msteams-connector-test.dataminr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:41:33 GMT
content-type: text/html; charset=utf-8
content-disposition: inline; filename="index.html"
etag: W/"6ce75466207ac47ff346448edb489c0576d291b1"
content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
x-content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
vary: Accept-Encoding
set-cookie: DM_STICKY=0230d46731451d3e; path=/; HttpOnly; Secure; SameSite=Strict
cache-control: private
x-correlation-id: 30e7a5350ff70336343c17fa14f3bfe9
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOW-FROM https://teams.microsoft.com/, DENY
content-encoding: gzip
X-Firefox-Spdy: h2
| alerts-msteams-connector-test.dataminr.com/static/js/main.6dbfb45b.js | 54.236.219.1 | 200 OK | 661 kB |
URL: GET HTTP/2 alerts-msteams-connector-test.dataminr.com/static/js/main.6dbfb45b.js
IP: 54.236.219.1:443
Requested by: https://alerts-msteams-connector-test.dataminr.com/
Certificate: Issuer Amazon; Subject *.dataminr.com; Fingerprint F6:E4:94:20:94:3B:F4:05:B1:72:44:C5:DF:CB:EC:6F:0D:09:EE:9A; Validity Mon, 17 Jul 2023 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65465)
Size: 661 kB (660859 bytes)
Hash (MD5): 8056e91ebe7433e407d3a62f88c3b2d7
Hash (SHA-1): 06d4cbcfe9ae8329832b541bbef636a35a3ecdcc
Hash (SHA-256): d83dc4b4253dce0cc39664aa7e6af17b4221a873f28d40681ab19d9f1165f3bb
GET /static/js/main.6dbfb45b.js HTTP/1.1
Host: alerts-msteams-connector-test.dataminr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alerts-msteams-connector-test.dataminr.com/
Cookie: DM_STICKY=0230d46731451d3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:41:33 GMT
content-type: application/javascript; charset=utf-8
content-disposition: inline; filename="main.6dbfb45b.js"
accept-ranges: bytes
etag: "faf58450a925006b919ff4e14c8ef009e9f39181"
content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
x-content-security-policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
vary: Accept-Encoding
content-encoding: gzip
x-correlation-id: 6f883f6da859a61968654aee33e882ab
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOW-FROM https://teams.microsoft.com/, DENY
X-Firefox-Spdy: h2