| URL | IP | Status | Size |
| support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/ | 176.34.253.188 | 200 OK | 1.2 kB |
URL: GET HTTP/2 support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/ (user request)
IP: 176.34.253.188:443
Certificate: Issuer ZeroSSL; Subject (not shown); Fingerprint 8F:8E:FC:25:09:53:B0:44:DB:4E:65:63:35:16:9E:58:77:D3:16:F2; Validity Thu, 25 Jan 2024 00:00:00 GMT - Wed, 24 Apr 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes: MD5 28bf066ad39417ea30b74c80cafbae24; SHA-1 6836ecf89de20d9b8a0aad757d06894aa6f6e8cd; SHA-256 ec1052f7cafdb5284292176afb0b48998643c26ea326d87f72df5fd6e3b5d4af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=0, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 07:15:15 GMT
etag: "28bf066ad39417ea30b74c80cafbae24"
server: Caddy, konimbo
x-envoy-upstream-service-time: 8
x-runtime: 1
content-length: 1233
X-Firefox-Spdy: h2

| URL | IP | Status | Size |
| ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js | 142.250.74.10 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP: 142.250.74.10:443
Requested by: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32030)
Hashes: MD5 e071abda8fe61194711cfc2ab99fe104; SHA-1 f647a6d37dc4ca055ced3cf64bbc1f490070acba; SHA-256 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 11:40:47 GMT
expires: Tue, 22 Apr 2025 11:40:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 156868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| URL | IP | Status | Size |
| support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/favicon.ico | 176.34.253.188 | 200 OK | 0 B |
URL: GET HTTP/2 support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/favicon.ico
IP: 176.34.253.188:443
Requested by: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Certificate: Issuer ZeroSSL; Subject (not shown); Fingerprint 8F:8E:FC:25:09:53:B0:44:DB:4E:65:63:35:16:9E:58:77:D3:16:F2; Validity Thu, 25 Jan 2024 00:00:00 GMT - Wed, 24 Apr 2024 23:59:59 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body, matching content-length: 0 below)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443"; ma=2592000
content-type: image/vnd.microsoft.icon
date: Wed, 24 Apr 2024 07:15:15 GMT
last-modified: Mon, 08 Apr 2024 19:10:26 GMT
server: Caddy, konimbo
x-envoy-upstream-service-time: 7
content-length: 0
X-Firefox-Spdy: h2

| URL | IP | Status | Size |
| s3-eu-west-1.amazonaws.com/konimbobackupfiles/support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/ | 52.92.34.120 | 403 Forbidden | 243 B |
URL: GET HTTP/1.1 s3-eu-west-1.amazonaws.com/konimbobackupfiles/support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
IP: 52.92.34.120:443
Requested by: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Certificate: Issuer Amazon; Subject *.s3-eu-west-1.amazonaws.com; Fingerprint 49:42:4E:99:9B:99:CB:89:18:03:B0:67:44:1E:3F:5D:9A:CD:21:1C; Validity Wed, 31 Jan 2024 00:00:00 GMT - Wed, 15 Jan 2025 23:59:59 GMT
File type: XML 1.0 document, ASCII text
Hashes: MD5 80d87c5a7787f49c8cfddb29451f4c8c; SHA-1 793e58e0aeff16567156d256ad73361c66ffcf30; SHA-256 4d61960ae3db84b581535370d4dbad17133992b01e1bbfc6f5f31d40eca0daf3
GET /konimbobackupfiles/support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/ HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com
DNT: 1
Connection: keep-alive
Referer: https://support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 9SSZ33BJXVX2GABD
x-amz-id-2: d/DpWsWwMWPZZX2PzMAHTPPQwrmjCS4znAuIC/Yz4UKutms9yKY1EhJPjtKYIcFX9WiNlFTX3G4=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Wed, 24 Apr 2024 07:15:15 GMT
Server: AmazonS3
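Triage helper for transaction records of the kind shown above, added here as an example and not part of the scan page or of any scanner tool. The two records are constructed from values visible on this page (hash lines, the quoted etag, the certificate "Validity" end, and the response date header); the function names and the record layout are this example's own. It checks three things a reviewer would want to confirm from the headers alone: whether a body is empty (all three digests equal those of the empty byte string, as for /favicon.ico), whether the etag is literally the body MD5 (as on the first response), and how much certificate validity was left at the time of the response.

```python
"""Triage checks over scanner transaction records (example code, constructed records)."""
import hashlib
from email.utils import parsedate_to_datetime

# Constructed from values on the page above; "date" is the response Date header.
RECORDS = [
    {
        "url": "support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/",
        "hashes": "28bf066ad39417ea30b74c80cafbae24 6836ecf89de20d9b8a0aad757d06894aa6f6e8cd "
                  "ec1052f7cafdb5284292176afb0b48998643c26ea326d87f72df5fd6e3b5d4af",
        "etag": '"28bf066ad39417ea30b74c80cafbae24"',
        "not_after": "Wed, 24 Apr 2024 23:59:59 GMT",
        "date": "Wed, 24 Apr 2024 07:15:15 GMT",
    },
    {
        "url": "support.test.support.lyncdiscover.docs.hostmaster.login.img.mail5.shishartech.com/favicon.ico",
        "hashes": "d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 "
                  "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
        "etag": None,
        "not_after": "Wed, 24 Apr 2024 23:59:59 GMT",
        "date": "Wed, 24 Apr 2024 07:15:15 GMT",
    },
]

# Digests of zero bytes: a record carrying exactly these has no body at all.
EMPTY = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}


def parse_hashes(line):
    """Split the space-separated hash line into md5/sha1/sha256 by digest length."""
    by_len = {32: "md5", 40: "sha1", 64: "sha256"}
    out = {}
    for token in line.split():
        token = token.lower()
        name = by_len.get(len(token))
        if name is None or any(c not in "0123456789abcdef" for c in token):
            raise ValueError(f"unrecognised hash token: {token}")
        out[name] = token
    return out


def is_empty_body(hashes):
    """True when all three digests are those of the empty byte string."""
    return all(hashes.get(k) == v for k, v in EMPTY.items())


def etag_matches_md5(etag, hashes):
    """True when the (strong, quoted) etag is exactly the body's MD5 hex digest."""
    if etag is None:
        return False
    return etag.strip('"').lower() == hashes["md5"]


def cert_seconds_left(not_after, when):
    """Seconds of certificate validity remaining at `when` (negative means expired)."""
    expiry = parsedate_to_datetime(not_after)   # RFC 5322 date, tz-aware
    at = parsedate_to_datetime(when)
    return (expiry - at).total_seconds()


def host_labels(url):
    """DNS labels of the host part of a scheme-less URL as printed in the table."""
    return url.split("/", 1)[0].split(".")


def triage(record):
    h = parse_hashes(record["hashes"])
    labels = host_labels(record["url"])
    return {
        "empty_body": is_empty_body(h),
        "etag_is_md5": etag_matches_md5(record["etag"], h),
        "cert_seconds_left": cert_seconds_left(record["not_after"], record["date"]),
        "label_count": len(labels),
        # Naive "last two labels" apex; a real tool would use the public suffix list.
        "apex": ".".join(labels[-2:]),
    }


if __name__ == "__main__":
    for r in RECORDS:
        print(r["url"], triage(r))
```

For the first record the certificate had 60284 seconds (under 17 hours) of validity left when the response was served, and the etag equals the body MD5; for the favicon all three digests are the empty-input values, consistent with content-length: 0.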