| temp.sh/qbDHw/jettransemp20.xlsx | 51.91.79.17 | 301 Moved Permanently | 14 B |
URL User Request GET HTTP/1.1 temp.sh/qbDHw/jettransemp20.xlsx IP: 51.91.79.17:80
File type: ASCII text, with no line terminators Hash: 5251010ec9e364492c236bf8b9983928 a22e9c3b6a9f5c70de4f76a464810ecba1fb97c3 3521021a2e875fbc52ae82e2a3fea5024d507bbc919f504ca8521292c3fe14d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /qbDHw/jettransemp20.xlsx HTTP/1.1
Host: temp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 NOT FOUND
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 19:06:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14
Connection: keep-alive
|
| temp.sh/qbDHw/jettransemp20.xlsx | 51.91.79.17 | 301 Moved Permanently | 178 B |
URL User Request GET HTTP/1.1 temp.sh/qbDHw/jettransemp20.xlsx IP: 51.91.79.17:80
File type: HTML document, ASCII text, with CRLF line terminators Hash: bd2695f4b079c71dbddde3436286fb9c 733c05da132193d6cf1d8e242d12e2525c03bab4 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /qbDHw/jettransemp20.xlsx HTTP/1.1
Host: temp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 19:06:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://temp.sh/qbDHw/jettransemp20.xlsx
|
| temp.sh/qbDHw/jettransemp20.xlsx | 51.91.79.17 | 301 Moved Permanently | 14 B |
URL User Request GET HTTP/1.1 temp.sh/qbDHw/jettransemp20.xlsx IP: 51.91.79.17:80
File type: ASCII text, with no line terminators Hash: 5251010ec9e364492c236bf8b9983928 a22e9c3b6a9f5c70de4f76a464810ecba1fb97c3 3521021a2e875fbc52ae82e2a3fea5024d507bbc919f504ca8521292c3fe14d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /qbDHw/jettransemp20.xlsx HTTP/1.1
Host: temp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 NOT FOUND
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 19:06:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14
Connection: keep-alive
|
IP: 51.91.79.17:443
Requested by: https://temp.sh/qbDHw/jettransemp20.xlsx Certificate Issuer: Let's Encrypt Subject: temp.sh Fingerprint: 41:CB:B2:D7:55:C1:7B:F8:AC:BB:C2:78:14:C2:B4:03:73:FD:AF:19 Validity: Sun, 25 Feb 2024 21:03:27 GMT - Sat, 25 May 2024 21:03:26 GMT
File type: HTML document, ASCII text Hash: 7dfb9a4219d20c6babc4877451844e3c 8b56a18d01c00f757df29faeb95b2711ecd3cd18 9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: temp.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://temp.sh/qbDHw/jettransemp20.xlsx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 NOT FOUND
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 19:06:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|