{"report_id":"c544649b-d5cc-4c60-8e2f-ed74be6dd1cf","version":6,"status":"done","tags":[],"date":"2026-04-09T01:09:31Z","url":{"schema":"http","addr":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","domain":"authsharedepointsonline.top","tld":"top"},"ip":{"addr":"75.119.137.73","port":0,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top/","fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","domain":"authsharedepointsonline.top","tld":"top"},"title":"XMail Server - Enterprise Email Solutions","dom":{"size":3769,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6770b9c4455c69c9e7f131a44265cb26","sha1":"0fad93503bc449fd6b619f6346836b5d4bafd8ea","sha256":"1cc2b1ae362b9a7d82ec8a51cf5ccd3c0b00c73cb383c28c7bebfe0285a0bb48","sha512":"c5da8b7bb6d24d3d64b89b83c51d4a93b129c65ff94de869d460dbb1586853308137ea392e948bf615d6b44103ed31e51d5906fb1a47867a04d7087024a18757","ssdeep":"","tlshash":"c971542a92e311067a47d4a42f625b1a3f60c843950bcab43bdc93a8cfc98c5d9b731c","dom_hash":"domhashc868fd27b36b4b4345951c53b3ab2917","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","domain":"authsharedepointsonline.top","tld":"top"},"ip":{"addr":"75.119.137.73","port":0,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T01:09:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","ip":{"addr":"75.119.137.73","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-08","domain_rank":0,"first_seen":"2026-04-08T12:25:23.532564Z","last_seen":"2026-04-08T12:25:23.532564Z","alert_count":4,"request_count":2,"received_data":8054,"sent_data":1062,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.29.2.3","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top/","fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","domain":"authsharedepointsonline.top","tld":"top"},"ip":{"addr":"75.119.137.73","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T01:09:10.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.login.authsharedepointsonline.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 08:47:27 GMT","end":"Tue, 07 Jul 2026 08:47:26 GMT"},"fingerprint":{"sha1":"C6:A6:3F:C3:5E:36:F4:B0:F1:16:7E:77:85:27:FF:B4:AB:36:07:97","sha256":"D4:74:0F:F2:00:84:85:D8:3B:BB:D2:71:DE:80:14:D4:49:FE:CC:02:C3:23:88:67:F0:19:1B:20:A4:5D:7D:11"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.29.2.3\r\ndate: Thu, 09 Apr 2026 01:09:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 3788\r\nlast-modified: Mon, 30 Mar 2026 17:02:22 GMT\r\netag: \"69caac9e-ecc\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.29.2.3","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3788,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ba1e5e884a83b00f87fada2017c27c80","sha1":"f3841985f64eff3d0586a8d73796fdeb9f29ede9","sha256":"88b92770a6b3257592e333b8fb33f6011373deab4bf0cc81aaa5ac1eaffa396c","sha512":"0ec62d3ae4b72bfa5ae233847609dab2a5b18c892defe4174f56afe0a31cea6a6d8aa48b3049a8f195baf97e8bf8973b283010f57222db7e16c85c91c69ef7a1","ssdeep":"","tlshash":"3271556a92e311067647d4942f625b1a3b608943940bcab53bdc93e8cfc99c5ddb731c","first_seen":"2026-04-09T01:09:33.150059Z","last_seen":"2026-04-09T01:21:30.453452Z","times_seen":3,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":95,"dns":41,"connect":22,"send":0,"wait":23,"receive":1,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top/favicon.ico","fqdn":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","domain":"authsharedepointsonline.top","tld":"top"},"ip":{"addr":"75.119.137.73","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top/","date":"2026-04-09T01:09:10.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.login.authsharedepointsonline.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 08:47:27 GMT","end":"Tue, 07 Jul 2026 08:47:26 GMT"},"fingerprint":{"sha1":"C6:A6:3F:C3:5E:36:F4:B0:F1:16:7E:77:85:27:FF:B4:AB:36:07:97","sha256":"D4:74:0F:F2:00:84:85:D8:3B:BB:D2:71:DE:80:14:D4:49:FE:CC:02:C3:23:88:67:F0:19:1B:20:A4:5D:7D:11"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.29.2.3\r\ndate: Thu, 09 Apr 2026 01:09:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 3788\r\nlast-modified: Mon, 30 Mar 2026 17:02:22 GMT\r\netag: \"69caac9e-ecc\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.29.2.3","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3788,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ba1e5e884a83b00f87fada2017c27c80","sha1":"f3841985f64eff3d0586a8d73796fdeb9f29ede9","sha256":"88b92770a6b3257592e333b8fb33f6011373deab4bf0cc81aaa5ac1eaffa396c","sha512":"0ec62d3ae4b72bfa5ae233847609dab2a5b18c892defe4174f56afe0a31cea6a6d8aa48b3049a8f195baf97e8bf8973b283010f57222db7e16c85c91c69ef7a1","ssdeep":"","tlshash":"3271556a92e311067647d4942f625b1a3b608943940bcab53bdc93e8cfc99c5ddb731c","first_seen":"2026-04-09T01:09:33.150059Z","last_seen":"2026-04-09T01:21:30.453452Z","times_seen":3,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-09","alert":"Phishing Block","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"un5nu885wq5t1nyda79cugcxxttg.login.authsharedepointsonline.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}