Help
RSS
API
Feed
Maltego
Contact
Domain > gusch.gibaroo.com
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2024-09-15
78.46.0.147
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyDate: Sun, 15 Sep 2024 19:08:30 GMTServer: ApacheLocation: https://gusch.gibaroo.com/Content-Length: 301Content-Type: text/html; charsetiso-8859-1 !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN>html>head>title>301 Moved Permanently/title>/head>body>h1>Moved Permanently/h1>p>The document has moved a hrefhttps://gusch.gibaroo.com/>here/a>./p>hr>address>Apache Server at gusch.gibaroo.com Port 80/address>/body>/html>
Port 443
HTTP/1.1 200 OKDate: Sun, 15 Sep 2024 19:08:30 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Thu, 05 Jul 2018 12:20:35 GMTETag: e2b-5703f93060484Accept-Ranges: bytesContent-Length: 3627Content-Type: text/html !DOCTYPE html>html> head> meta charsetutf-8/> title>gusch/title> script typetext/javascript srcinstascan.min.js>/script> /head> body> video idpreview>/video> script typetext/javascript> /* let scanner new Instascan.Scanner({ video: document.getElementById(preview), mirror: false }); scanner.addListener(scan, function (content) { content JSON.parse(content); go_webpush(content.pushSubscription.endpoint, content.pushSubscription.keys.p256dh, content.pushSubscription.keys.auth, gusch); }); Instascan.Camera.getCameras().then(function (cameras) { if (cameras.length > 0) { if(cameras.length > 1) { scanner.start(cameras1); } else { scanner.start(cameras0); } } else { console.error(No cameras found.); } }).catch(function (e) { console.error(e); }); */ /script> script srccommon.js>/script> script srcfetch.js>/script> script srcder_lite.js>/script> script srcbase64.js>/script> script srcwebpush.js>/script> script srcvapid.js>/script> script>use strict;function go_webpush(endpoint, rKey, authKey, data) { let salt crypto.getRandomValues(new Uint8Array(16)); //let data get(data); let claims { exp: Math.round((new Date()).getTime() / 1000) + 12 * 60, sub: gusch@gibaroo.com }; vapid.sign(claims).then(vheaders > { delete(vheaders.publicKey); let vapid_headers JSON.stringify(vheaders); webpush({endpoint: endpoint, receiverKey: mzcc.strToArray(mzcc.fromUrlBase64(rKey)), authKey: mzcc.strToArray(mzcc.fromUrlBase64(authKey)).buffer}, data, salt) .then(options > { vapid_headers JSON.parse(vapid_headers); // Populate the extra fieldsconsole.log(vapid_headers); if (vapid_headers) { options.headers.set(authorization, vapid_headersauthorization); options.headers.set(crypto-key, options.headers.get(crypto-key) + , + vapid_headerscrypto-key); } send(options); }) .catch(e > { console.error(Error:, e); }); }).catch(function(err) {console.log(err);});}var mzcc new MozCommon();var vapid new VapidToken(mzcc);vapid.import_public_raw(BBSsatWIB05Hx3sV6Opw__8Mf1P0d1_1a7251KoigaA4o1WCOnkhXNZoLole_crQfc8LF2glHv1DGtLDoXT4pSU).then(function() { vapid.import_private_raw(BBSsatWIB05Hx3sV6Opw__8Mf1P0d1_1a7251KoigaA4o1WCOnkhXNZoLole_crQfc8LF2glHv1DGtLDoXT4pSU, a1dpxktQ2DuGtDpGzYquHvsSfwcgyu5QaFx_01yvScI).then(function() { var tmp JSON.parse({guschUsername:rossi,pushSubscription:{endpoint:https://updates.push.services.mozilla.com/wpush/v2/gAAAAABbOk17rNHDIboe_IGbNXWCzk7gmfOuxad6vET2hwd1fGzddjkCJurIXxZAf1L56UzRhDwe7bh7aKEl2IRI5Kca8UJpXdhrWvO_xB9RrPvbXPD5uaxB1NKWsUBPa6BpC8XR14z_Pqe1ooERk411clNnaqG-fA-W02Ikqh8diWbLVXu0X78,keys:{auth:ZyZDNLOtRGmw02h4_pzgLA,p256dh:BCUry2p0x1VuEVsPE-pKwoCini8SOxLvW9dJHcPBCu9emUnpPcQm6453-yDD8isqPGHLwewoG9a3KT7hxTPVXfw}}}); go_webpush(tmp.pushSubscription.endpoint, tmp.pushSubscription.keys.p256dh, tmp.pushSubscription.keys.auth, gusch); });});function show_ok(state, msg) { alert(msg); return;}function show_err(errMsg) { alert(errMsg); return;} /script> /body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]