| URL | IP | Response | Size |
|---|---|---|---|
| zab2.za.com/cgi-bin/GlobalSources/?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO | 72.14.178.174 | | 660 B |

URL: zab2.za.com/cgi-bin/GlobalSources/?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO
IP: 72.14.178.174:0, ASN #63949 (Akamai Connected Cloud)
File type: HTML document, ASCII text, with very long lines (459)
Hashes: MD5 94e567ca2adeb4bc2a41296a2588fb65, SHA-1 67eb590f3d7401bdcd39594e12137e15aeb6ad6d, SHA-256 37330a6c70517e31a4cdad1623ecf193fb5e927f52e8331efc5b6b9ef4d7a287
GET /cgi-bin/GlobalSources/?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO HTTP/1.1
Host: zab2.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 28 Mar 2024 23:38:25 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
| URL | IP | Response | Size |
|---|---|---|---|
| zab2.za.com/cgi-bin/GlobalSources?gp=1&js=1&uuid=1711669105.0012067333&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 | 45.33.30.197 | 302 Found | 0 B |

URL (user request, GET HTTP/1.1): zab2.za.com/cgi-bin/GlobalSources?gp=1&js=1&uuid=1711669105.0012067333&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP: 45.33.30.197:80, ASN #63949 (Akamai Connected Cloud)
Hashes (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/GlobalSources?gp=1&js=1&uuid=1711669105.0012067333&other_args=eyJ1cmkiOiAiL2NnaS1iaW4vR2xvYmFsU291cmNlcyIsICJhcmdzIjogImVtYWlsPVtbLUVtYWlsLV1dJnNvdXJjZT1nbWFpbCZ1c3Q9MTY5MzgyMTkxOTY1NDAwMCZ1c2c9QU92VmF3M1NheHBaUm5VaWM2MTNuUWg0X29ETyIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: zab2.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://zab2.za.com/cgi-bin/GlobalSources/?email=[[-Email-]]&source=gmail&ust=1693821919654000&usg=AOvVaw3SaxpZRnUic613nQh4_oDO
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Thu, 28 Mar 2024 23:38:26 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.za.com/?tm=1&subid4=1711669106.0130110000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 7
x-mtm-prov: 78:0.00;445:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ6YWIyLnphLmNvbSIsImh0dHA6Ly93d3cxLnphLmNvbS8_dG09MSZzdWJpZDQ9MTcxMTY2OTEwNi4wMTMwMTEwMDAwJktXMT1QZXJzb25hbCUyMExvYW5zJktXMj1DcmVkaXQlMjBDYXJkcyZLVzM9Q2FyJTIwSW5zdXJhbmNlJnNlYXJjaGJveD0wJmRvbWFpbm5hbWU9MCZiYWNrZmlsbD0wIiwxLCIyMDI0LTAzLTI4IDIzOjM4OjI2IiwxLCIxNzExNjY5MTA2LjAxMzAxMTAwMDAiLDQ0NSxudWxsLG51bGxd:1rpzKE:UUowKQeM17YBvln5yP-PmonXc9o; expires=Fri, 29-Mar-2024 00:38:26 GMT; Max-Age=3600; Path=/
connection: close
| URL | IP | Response | Size |
|---|---|---|---|
| www1.za.com/?tm=1&subid4=1711669106.0130110000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0 | 0.0.0.0 | | 0 B |

URL (user request, GET): www1.za.com/?tm=1&subid4=1711669106.0130110000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0
IP: 0.0.0.0:0
Hashes (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |
GET /?tm=1&subid4=1711669106.0130110000&KW1=Personal%20Loans&KW2=Credit%20Cards&KW3=Car%20Insurance&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.za.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache