Report - apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbruh.ir%2Fwell%2Fbf3.php&data=05%7C02%7Cgrace.liang%40oocl.com%7Cab5856e2936148f75f6908dd34e2cd27%7C7851b4cc2c5c459f96d916731d6b4ca4%7C0%7C0%7C638724870923814978%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=na2CwOLuwuSsIvzVXJO24FJZJiVWvvbO2N5nVRAzI4c%3D&reserved=0

Report Overview

Visited public
2025-01-15 03:26:19
Tags
URL
apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbruh.ir%2Fwell%2Fbf3.php&data=05%7C02%7Cgrace.liang%40oocl.com%7Cab5856e2936148f75f6908dd34e2cd27%7C7851b4cc2c5c459f96d916731d6b4ca4%7C0%7C0%7C638724870923814978%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=na2CwOLuwuSsIvzVXJO24FJZJiVWvvbO2N5nVRAzI4c%3D&reserved=0
Finishing URL
bruh.ir/well/bf3.php
IP / ASN
104.47.26.92
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
403 Forbidden

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
apc01.safelinks.protection.outlook.com	62006	1994-08-18	2017-09-19	2025-01-10	871 B	798 B	104.47.26.92
bruh.ir	unknown	unknown	2023-08-07	2024-03-19	1.2 kB	6.4 kB	193.36.85.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

	URL	IP	Response	Size
	apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbruh.ir%2Fwell%2Fbf3.php&data=05%7C02%7Cgrace.liang%40oocl.com%7Cab5856e2936148f75f6908dd34e2cd27%7C7851b4cc2c5c459f96d916731d6b4ca4%7C0%7C0%7C638724870923814978%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=na2CwOLuwuSsIvzVXJO24FJZJiVWvvbO2N5nVRAzI4c%3D&reserved=0	104.47.26.92	302 Found	145 B
URL User Request GET HTTP/2 apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbruh.ir%2Fwell%2Fbf3.php&data=05%7C02%7Cgrace.liang%40oocl.com%7Cab5856e2936148f75f6908dd34e2cd27%7C7851b4cc2c5c459f96d916731d6b4ca4%7C0%7C0%7C638724870923814978%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=na2CwOLuwuSsIvzVXJO24FJZJiVWvvbO2N5nVRAzI4c%3D&reserved=0 IP 104.47.26.92:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subject.safelinks.protection.outlook.com FingerprintDC:A1:15:10:7E:EA:98:1B:4E:4B:4B:C4:62:56:08:B5:0E:D3:A5:89 ValiditySat, 02 Nov 2024 00:00:00 GMT - Sat, 01 Nov 2025 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 145 B (145 bytes) Hash 0cb8ef37104b63972baa735369cb90df 6eba7641965a986257f26ade46dc11802c8aecba 9252c683519d27c6360fc5c331627d78f4e711a3d48f44862ff15e85700affbb HTTP Headers GET /?url=https%3A%2F%2Fbruh.ir%2Fwell%2Fbf3.php&data=05%7C02%7Cgrace.liang%40oocl.com%7Cab5856e2936148f75f6908dd34e2cd27%7C7851b4cc2c5c459f96d916731d6b4ca4%7C0%7C0%7C638724870923814978%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=na2CwOLuwuSsIvzVXJO24FJZJiVWvvbO2N5nVRAzI4c%3D&reserved=0 HTTP/1.1 Host: apc01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found cache-control: private content-type: text/html; charset=utf-8 location: https://bruh.ir/well/bf3.php server: Microsoft-IIS/10.0 x-aspnetmvc-version: 5.2 x-sl-geturlreputation-verdict: Good x-robots-tag: noindex, nofollow x-aspnet-version: 4.0.30319 x-servername: SG2APC01WS0044 x-serverversion: 15.20.8356.010 x-serverlat: 1183 x-safelinks-tracking-id: 454fb77b-708a-430c-253b-08dd35145280 x-powered-by: ASP.NET x-content-type-options: nosniff x-ua-compatible: IE=Edge strict-transport-security: max-age=63072000; includeSubDomains; preload date: Wed, 15 Jan 2025 03:25:56 GMT content-length: 145 X-Firefox-Spdy: h2

	bruh.ir/well/bf3.php	193.36.85.11	403 Forbidden	1.2 kB
URL User Request GET HTTP/2 bruh.ir/well/bf3.php IP 193.36.85.11:443 ASN #212552 BitCommand LLC Certificate IssuerLet's Encrypt Subjectwww.bruh.ir FingerprintCB:AB:74:CD:59:B5:BE:4B:03:09:2B:18:42:A1:D9:21:11:8C:43:10 ValidityMon, 18 Nov 2024 11:40:07 GMT - Sun, 16 Feb 2025 11:40:06 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 1.2 kB (1229 bytes) Hash 836004c8a38e0896f13e0e3684e7b042 a8b35765b1909aa611fee787e551eca2874310bc 1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7 HTTP Headers `GET /well/bf3.php HTTP/1.1 Host: bruh.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 403 Forbidden cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 1229 date: Wed, 15 Jan 2025 03:25:57 GMT server: LiteSpeed vary: User-Agent alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2`

	bruh.ir/well/bf3.php	193.36.85.11	403 Forbidden	1.2 kB
URL User Request GET HTTP/2 bruh.ir/well/bf3.php IP 193.36.85.11:443 ASN #212552 BitCommand LLC Certificate IssuerLet's Encrypt Subjectwww.bruh.ir FingerprintCB:AB:74:CD:59:B5:BE:4B:03:09:2B:18:42:A1:D9:21:11:8C:43:10 ValidityMon, 18 Nov 2024 11:40:07 GMT - Sun, 16 Feb 2025 11:40:06 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 1.2 kB (1229 bytes) Hash 836004c8a38e0896f13e0e3684e7b042 a8b35765b1909aa611fee787e551eca2874310bc 1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7 HTTP Headers `GET /well/bf3.php HTTP/1.1 Host: bruh.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 1229 date: Wed, 15 Jan 2025 03:25:57 GMT server: LiteSpeed vary: User-Agent`

	bruh.ir/favicon.ico	193.36.85.11	200 OK	2.9 kB
URL GET HTTP/1.1 bruh.ir/favicon.ico IP 193.36.85.11:80 ASN #212552 BitCommand LLC Requested by http://bruh.ir/well/bf3.php File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Size 2.9 kB (2855 bytes) Hash b14064fb2573aba08ddd921af8fd9fa4 1bcfe8f7d43fd059485d6331949ab0363f5ee864 24c1174a80c7921e704ed2e3a490844f562b035d2eed985d9f0f3798c31f7d02 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: bruh.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://bruh.ir/well/bf3.php Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=604800 expires: Wed, 22 Jan 2025 03:25:57 GMT content-type: image/x-icon last-modified: Thu, 30 Nov 2023 22:46:20 GMT accept-ranges: bytes content-length: 2855 date: Wed, 15 Jan 2025 03:25:57 GMT server: LiteSpeed vary: User-Agent`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers