| mekongcapital-login.microsoftonline.ojsiyspovtctkypr.click/Applicationview/1934b43d78fe6856ddfd17a6e7bdd3c0/6607ee7c575fa619d97c2caf | 146.190.168.156 | 301 Moved Permanently | 0 B |
URL: mekongcapital-login.microsoftonline.ojsiyspovtctkypr.click/Applicationview/1934b43d78fe6856ddfd17a6e7bdd3c0/6607ee7c575fa619d97c2caf (user request, GET, HTTP/1.1)
IP: 146.190.168.156:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate: issuer Let's Encrypt; subject ojsiyspovtctkypr.click; fingerprint C7:B3:99:65:5E:AE:A5:A7:2C:04:3C:D4:25:71:9A:CF:12:EF:D9:03; validity Sun, 14 Apr 2024 19:38:26 GMT - Sat, 13 Jul 2024 19:38:25 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes, matching the 0 B response body; they identify nothing and are not usable as indicators)
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
GET /Applicationview/1934b43d78fe6856ddfd17a6e7bdd3c0/6607ee7c575fa619d97c2caf HTTP/1.1
Host: mekongcapital-login.microsoftonline.ojsiyspovtctkypr.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://onedrive.live.com/le@mekongcapital.com
Vary: Origin
Date: Tue, 16 Apr 2024 17:44:35 GMT
Content-Length: 0
| onedrive.live.com/le@mekongcapital.com | 13.107.139.11 | 404 Not Found | 2.6 kB |
URL: onedrive.live.com/le@mekongcapital.com (user request, GET, HTTP/2)
IP: 13.107.139.11:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: issuer Microsoft Corporation; subject onedrive.com; fingerprint 74:60:B4:06:AB:E1:E4:E4:BC:D5:29:ED:EC:F2:EC:D4:C3:67:DD:8A; validity Fri, 29 Mar 2024 05:42:16 GMT - Mon, 24 Mar 2025 05:42:16 GMT
File type: HTML document, ASCII text, with very long lines (560), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 418d9172b00b23336e7fed220ab678ac / f48f594208b2ec3435cb3fa4ac6f95380c27176e / 659d89ee1a9bcd94e7887d8c5c6227125a9f88b0e5d382712b87711b7ef9f2c4
GET /le@mekongcapital.com HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache, no-store
pragma: no-cache
content-length: 2614
content-type: text/html; charset=utf-8
expires: -1
set-cookie: E=P:xlGU4Txe3Ig=:rwkKtyJBFbauVoJFk/X/i2hf7tdpBpVxV5lNPBjyD9M=:F; domain=.live.com; path=/
xid=c4a451ac-03bf-4bd4-807b-d26e5b52af65&&ODSP-ODWEB-ODCF&144; domain=.live.com; path=/
xidseq=1; domain=.live.com; path=/
LD=; domain=.live.com; expires=Tue, 16-Apr-2024 16:04:35 GMT; path=/
wla42=; domain=live.com; expires=Tue, 23-Apr-2024 17:44:35 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: 7d7b586f58-jvdxr
x-odwebserver: eurwesteur002542-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8A69AF4B22814280AB6F58C14432FECC Ref B: SVG20EDGE0212 Ref C: 2024-04-16T17:44:35Z
date: Tue, 16 Apr 2024 17:44:35 GMT
X-Firefox-Spdy: h2
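The two hops above show the pattern worth automating: a brand label (`microsoftonline`) and a `-login` label nested under an unrelated registrable domain, a perfectly valid Let's Encrypt certificate issued to that unrelated domain, a 301 that bounces the sandbox straight to the real onedrive.live.com (so the credential-harvesting page was never captured), and a 0 B response whose hashes are just the digests of empty input. The following triage script is an added example, not part of the scan record or of any analyzer's code. `CHAIN` is rebuilt from the data on this page; `BRAND_DOMAINS`, `BRAND_LABELS` and the two-label "registrable domain" rule are simplifying assumptions (production code would consult the Public Suffix List).

```python
"""Triage checks over the redirect chain captured on this page.

Added example; not part of the original scan record. CHAIN is rebuilt
from the hops shown above. BRAND_DOMAINS, BRAND_LABELS and the two-label
registrable-domain rule are simplifying assumptions (use the Public
Suffix List in production).
"""
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set
from urllib.parse import urlsplit

# Assumption: short allowlist of domains the impersonated brand actually runs.
BRAND_DOMAINS = {"microsoftonline.com", "live.com", "microsoft.com", "onedrive.com"}
# Assumption: labels that mark impersonation when nested under another apex.
BRAND_LABELS = {"microsoftonline", "onedrive", "sharepoint", "office", "login"}

# Digests of zero-length input. A body reported with these was empty,
# so they identify nothing and must not be used as indicators.
EMPTY_HASHES = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}


@dataclass
class Hop:
    host: str
    status: int
    location: Optional[str] = None
    cert_issuer: str = ""
    cert_subject: str = ""
    body_hashes: Dict[str, str] = field(default_factory=dict)


def registrable_domain(host: str) -> str:
    """Assumption: the last two labels form the registrable domain."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def brand_labels_outside_apex(host: str) -> Set[str]:
    """Brand labels appearing in the subdomain part, left of the apex."""
    labels = host.lower().split(".")
    sub = labels[:-2]  # everything left of the two-label apex
    return {b for lab in sub for b in BRAND_LABELS if b in lab}


def is_empty_body(hashes: Dict[str, str]) -> bool:
    """True if any reported digest is the digest of zero bytes."""
    return any(hashes.get(k) == v for k, v in EMPTY_HASHES.items())


def triage(chain: List[Hop]) -> List[str]:
    """Return one finding string per suspicious property, in chain order."""
    findings = []
    for hop in chain:
        apex = registrable_domain(hop.host)
        if apex not in BRAND_DOMAINS:
            brands = brand_labels_outside_apex(hop.host)
            if brands:
                findings.append(
                    f"lookalike: {hop.host} nests {sorted(brands)} under {apex}")
            if hop.cert_subject and registrable_domain(hop.cert_subject) not in BRAND_DOMAINS:
                findings.append(
                    f"tls: certificate is for {hop.cert_subject} ({hop.cert_issuer}); "
                    "a valid padlock says nothing about the brand")
            if hop.location and 300 <= hop.status < 400:
                # The '@' in this Location sits in the path, not in userinfo,
                # so hostname still resolves to the real target host.
                target = registrable_domain(urlsplit(hop.location).hostname or "")
                if target in BRAND_DOMAINS:
                    findings.append(
                        f"bounce: {hop.host} 3xx -> {target}; the lure page was not captured")
        if hop.body_hashes and is_empty_body(hop.body_hashes):
            findings.append(f"empty-body: digests for {hop.host} are of zero bytes, not an IOC")
    return findings


# Reconstructed from the two hops shown on this page.
CHAIN = [
    Hop(host="mekongcapital-login.microsoftonline.ojsiyspovtctkypr.click",
        status=301,
        location="https://onedrive.live.com/le@mekongcapital.com",
        cert_issuer="Let's Encrypt",
        cert_subject="ojsiyspovtctkypr.click",
        body_hashes={"md5": "d41d8cd98f00b204e9800998ecf8427e"}),
    Hop(host="onedrive.live.com",
        status=404,
        cert_issuer="Microsoft Corporation",
        cert_subject="onedrive.com",
        body_hashes={"md5": "418d9172b00b23336e7fed220ab678ac"}),
]

if __name__ == "__main__":
    for line in triage(CHAIN):
        print(line)
```

Run against `CHAIN`, the first hop yields four findings (lookalike, tls, bounce, empty-body) and the onedrive.live.com hop yields none, which matches the analyzer verdict above: the only malicious hop is the one the sandbox never got a page from, so the redirect itself is the evidence to pivot on, not the 404 at Microsoft.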
| onedrive.live.com/le@mekongcapital.com | 13.107.139.11 | 404 Not Found | 2.6 kB |
URL: onedrive.live.com/le@mekongcapital.com (user request, GET, HTTP/2)
IP: 13.107.139.11:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: issuer Microsoft Corporation; subject onedrive.com; fingerprint 74:60:B4:06:AB:E1:E4:E4:BC:D5:29:ED:EC:F2:EC:D4:C3:67:DD:8A; validity Fri, 29 Mar 2024 05:42:16 GMT - Mon, 24 Mar 2025 05:42:16 GMT
File type: HTML document, ASCII text, with very long lines (560), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 418d9172b00b23336e7fed220ab678ac / f48f594208b2ec3435cb3fa4ac6f95380c27176e / 659d89ee1a9bcd94e7887d8c5c6227125a9f88b0e5d382712b87711b7ef9f2c4
GET /le@mekongcapital.com HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: E=P:xlGU4Txe3Ig=:rwkKtyJBFbauVoJFk/X/i2hf7tdpBpVxV5lNPBjyD9M=:F; xid=c4a451ac-03bf-4bd4-807b-d26e5b52af65&&ODSP-ODWEB-ODCF&144; xidseq=1; wla42=
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, no-store
pragma: no-cache
content-length: 2614
content-type: text/html; charset=utf-8
expires: -1
set-cookie: E=P:m3PG4Txe3Ig=:oqLrA493u6FZH0DYuvh+BkywSyX44C76zLujiZ7NaiM=:F; domain=.live.com; path=/
xidseq=2; domain=.live.com; path=/
LD=; domain=.live.com; expires=Tue, 16-Apr-2024 16:04:35 GMT; path=/
wla42=; domain=live.com; expires=Tue, 23-Apr-2024 17:44:35 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: 7d7b586f58-jvdxr
x-odwebserver: eurwesteur002542-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8B9BE387998F4526A67CBA08C3422165 Ref B: SVG20EDGE0212 Ref C: 2024-04-16T17:44:35Z
date: Tue, 16 Apr 2024 17:44:35 GMT
X-Firefox-Spdy: h2
| p.sfx.ms/images/favicon.ico | 20.101.246.164 | 200 OK | 7.9 kB |
URL: p.sfx.ms/images/favicon.ico (GET, HTTP/1.1)
IP: 20.101.246.164:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://onedrive.live.com/le@mekongcapital.com
Certificate: issuer Microsoft Corporation; subject onedrive.com; fingerprint E9:FF:31:7F:0C:79:4E:6C:11:09:23:F9:09:E5:77:ED:06:E0:4D:ED; validity Sun, 11 Feb 2024 21:04:50 GMT - Wed, 05 Feb 2025 21:04:50 GMT
File type: MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash (MD5 / SHA-1 / SHA-256): 604adfb53677b5ca4f910ffb131b3e7c / 5f1a0fb4e4ad3707e591ce16352158263488ed70 / 24638331466a52bb66f912090e7a9cc9e3df2236e39c187c9409104526b472b0
GET /images/favicon.ico HTTP/1.1
Host: p.sfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=86400
Content-Type: image/x-icon
Last-Modified: Fri, 19 Jan 2024 16:05:42 GMT
Accept-Ranges: bytes
ETag: "0cf185af14ada1:0"
Server: Microsoft-IIS/10.0
X-MSNServer: bfd6775f7-7ms6x
X-ODWebServer: eurwesteur107255-odwebp
Date: Tue, 16 Apr 2024 17:44:35 GMT
Content-Length: 7886
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash (MD5 / SHA-1 / SHA-256): 3b324dec137a87ef7e24a30a65b13dd0 / c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 / 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=87FIVOCSAwkF14-dCC1JRDtBgv5WL5sBuuicRXrt-KRQJWhlq67d9XXK_wCajHVoY-uuovQsIn-DRfrAacal-ezu9LuOxzNWbws3mwF_PDRDkGMsbGU5nLIMjozu9no9
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 16 Apr 2024 17:43:43 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 70
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2