| www009.prostaff.cloud/default.asp?end=1 | 52.168.88.135 | 200 OK | 18 kB |
URL (user request): GET HTTP/2 www009.prostaff.cloud/default.asp?end=1
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: HTML document, ASCII text, with very long lines (353), with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 84b1072ca8a8354b9c63b954c6001857 / 4eeb4bff14972d07b4e32a890c46bb600fffc214 / 4df4d0bca63972ecf8dba11e2f647468cd85dd339d7955c6885201ff91c8edf4
GET /default.asp?end=1 HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
set-cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF; secure; path=/
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 18106
X-Firefox-Spdy: h2
| www009.prostaff.cloud/default.js | 52.168.88.135 | 200 OK | 20 kB |
URL: GET HTTP/2 www009.prostaff.cloud/default.js
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 92d2a9f9c7ee74e9185e3cd0e431b09b / 65917c1482f2c3a2427d74a72fee2ee04f463799 / dd1e094fe3b9d0870fb2e76bd57fe97aa789007b608f601ec0ee7a49169720c4

| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies tricks often seen in malicious scripts such as moving the window off-screen or resizing it to zero. |
GET /default.js HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 09 May 2023 21:18:24 GMT
accept-ranges: bytes
etag: "090c8c9bb82d91:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 19999
X-Firefox-Spdy: h2
| www009.prostaff.cloud/Scripts/jquery-3.6.3.min.js | 52.168.88.135 | 200 OK | 90 kB |
URL: GET HTTP/2 www009.prostaff.cloud/Scripts/jquery-3.6.3.min.js
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hashes (MD5 / SHA-1 / SHA-256): cf2fbbf84281d9ecbffb4993203d543b / 832a6a4e86daf38b1975d705c5de5d9e5f5844bc / a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /Scripts/jquery-3.6.3.min.js HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 20:35:36 GMT
accept-ranges: bytes
etag: "0dcb2346b50d91:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 89947
X-Firefox-Spdy: h2
| www009.prostaff.cloud/AuthOptions/Common/Spinner.css | 52.168.88.135 | 200 OK | 7.0 kB |
URL: GET HTTP/2 www009.prostaff.cloud/AuthOptions/Common/Spinner.css
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: ASCII text, with very long lines (356), with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 3d393840359ebbb079a289c4335e8ea8 / f73eae88a6f779a0702459bd10249fba946c0e9a / 2097d33f8df3904f444ffb51df0ce528f2eed174210857ac9b088de770bf6af7
GET /AuthOptions/Common/Spinner.css HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 27 Feb 2020 00:03:46 GMT
accept-ranges: bytes
etag: "09d45611edd51:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 7021
X-Firefox-Spdy: h2
| www009.prostaff.cloud/images/ProStaff_Logo_RPS1.gif | 52.168.88.135 | 200 OK | 5.7 kB |
URL: GET HTTP/2 www009.prostaff.cloud/images/ProStaff_Logo_RPS1.gif
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: GIF image data, version 89a, 352 x 110
Hashes (MD5 / SHA-1 / SHA-256): 9e78309d0b2b6518ab82eaf5ba05a78e / 8cb83c72068224a25df64f1faa2ed0ddafd52739 / 162b380152a296042d7ca789a562d7be83eea2b534f89ea98d372b04f3d01120
GET /images/ProStaff_Logo_RPS1.gif HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Wed, 20 Jun 2012 01:11:24 GMT
accept-ranges: bytes
etag: "046159c814ecd1:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 5738
X-Firefox-Spdy: h2
| www009.prostaff.cloud/CSS/Login.css | 52.168.88.135 | 200 OK | 202 kB |
URL: GET HTTP/2 www009.prostaff.cloud/CSS/Login.css
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: ASCII text, with very long lines (570), with CRLF line terminators
Size: 202 kB (202478 bytes)
Hashes (MD5 / SHA-1 / SHA-256): a0040e644bd8871d61c0c4774fd20a9e / 7a1adc4acc0c7a8319b0c2f144601c7fd1e7ef0b / 2d521c3e7cbf13cd3b5c48fa4e6dd8b664cb5e840e19cb338a014384356a5769
GET /CSS/Login.css HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 10 Jun 2021 04:20:48 GMT
accept-ranges: bytes
etag: "0d03cfdaf5dd71:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 202478
X-Firefox-Spdy: h2
| www009.prostaff.cloud/ControlTest.js | 52.168.88.135 | 200 OK | 3.5 kB |
URL: GET HTTP/2 www009.prostaff.cloud/ControlTest.js
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: ASCII text, with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): b31629963da91471252ba91128ff4a88 / 34c1cee695c563ec5e31318458e0dc7051ef3386 / 74c80f42413bc3a4d0e27fb0b81ca42d9298f3bbe0814247ed148ea569441251
GET /ControlTest.js HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Feb 2020 15:59:26 GMT
accept-ranges: bytes
etag: "0c3bf8df4ebd51:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 3505
X-Firefox-Spdy: h2
| www009.prostaff.cloud/CSS/Login.css | 52.168.88.135 | 200 OK | 26 kB |
URL: GET HTTP/2 www009.prostaff.cloud/CSS/Login.css
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: ASCII text, with very long lines (570), with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): a0040e644bd8871d61c0c4774fd20a9e / 7a1adc4acc0c7a8319b0c2f144601c7fd1e7ef0b / 2d521c3e7cbf13cd3b5c48fa4e6dd8b664cb5e840e19cb338a014384356a5769
GET /CSS/Login.css HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 04:20:48 GMT
accept-ranges: bytes
etag: "0d03cfdaf5dd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 25709
X-Firefox-Spdy: h2
| www009.prostaff.cloud/AuthOptions/Common/Spinner.css | 52.168.88.135 | 200 OK | 696 B |
URL: GET HTTP/2 www009.prostaff.cloud/AuthOptions/Common/Spinner.css
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: ASCII text, with very long lines (356), with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 3d393840359ebbb079a289c4335e8ea8 / f73eae88a6f779a0702459bd10249fba946c0e9a / 2097d33f8df3904f444ffb51df0ce528f2eed174210857ac9b088de770bf6af7
GET /AuthOptions/Common/Spinner.css HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF; SelSchIDs=; CkPstType=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 00:03:46 GMT
accept-ranges: bytes
etag: "09d45611edd51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 696
X-Firefox-Spdy: h2
| www009.prostaff.cloud/images/Logo/Right.jpg | 52.168.88.135 | 200 OK | 86 kB |
URL: GET HTTP/2 www009.prostaff.cloud/images/Logo/Right.jpg
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 637x945, components 3
Hashes (MD5 / SHA-1 / SHA-256): 11d7ba0aaaab5baeaef9f452716bd0a1 / c4efc22f13080ed275a0cd0457640a45ebff980e / 57cb1ecf443c25562b910df25a263491c0052b2d65f5e54fef6293372c5572e6
GET /images/Logo/Right.jpg HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF; SelSchIDs=; CkPstType=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 04 Jun 2021 03:04:52 GMT
accept-ranges: bytes
etag: "0e22b63ee58d71:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:22 GMT
content-length: 85700
X-Firefox-Spdy: h2
| www009.prostaff.cloud/images/procon.ico | 52.168.88.135 | 200 OK | 18 kB |
URL: GET HTTP/2 www009.prostaff.cloud/images/procon.ico
IP: 52.168.88.135:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www009.prostaff.cloud/default.asp?end=1
Certificate: Issuer GoDaddy.com, Inc.; Subject *.prostaff.cloud; Fingerprint 8B:23:8C:B2:27:F6:8D:00:03:54:4C:E6:76:45:96:F2:99:73:DE:49; Validity Tue, 03 Oct 2023 22:46:35 GMT - Sat, 02 Nov 2024 16:09:05 GMT
File type: MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hashes (MD5 / SHA-1 / SHA-256): c36fea75dad920faaecd31a902ea096f / f24e83edfc9ce4270844fc2bacbf201e85dbdf51 / 0a95ab5cea87e5772fe7a8dbc3c3e530dd56d9b4846ba9417bac0b7ba4c14007
GET /images/procon.ico HTTP/1.1
Host: www009.prostaff.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www009.prostaff.cloud/default.asp?end=1
Cookie: ASPSESSIONIDAECRBDDD=CMJLGBOCIPCOAIMINMNFACOF; SelSchIDs=; CkPstType=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Tue, 25 Feb 2020 15:59:56 GMT
accept-ranges: bytes
etag: "066a19ff4ebd51:0"
server: Microsoft-IIS/10.0
date: Fri, 10 May 2024 09:44:23 GMT
content-length: 17542
X-Firefox-Spdy: h2