test-bh-prod-automation-malware.com Threat Intelligence and Information

Host Location

Dig Results

  • Got answer:
  • ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29074
  • flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  • OPT PSEUDOSECTION:
  • EDNS: version: 0, flags: udp: 1232
  • QUESTION SECTION:
  • test-bh-prod-automation-malware.com. IN A
  • ANSWER SECTION:
  • test-bh-prod-automation-malware.com. 14387 IN A 162.241.216.194
  • Query time: 16 msec
  • SERVER: 192.168.1.153(192.168.1.1) (UDP)
  • WHEN: Thu Nov 17 21:31:03 UTC 2022
  • MSG SIZE rcvd: 80

DNS Records

Whois Data

  • Domain Name: TEST-BH-PROD-AUTOMATION-MALWARE.COM
  • Registry Domain ID: 2737003156_DOMAIN_COM-VRSN
  • Registrar URL: http://www.fastdomain.com
  • Updated Date: 2022-11-07T12:23:23Z
  • Creation Date: 2022-11-07T12:23:23Z
  • Registry Expiry Date: 2023-11-07T12:23:23Z
  • Registrar: FastDomain Inc.
  • Registrar IANA ID: 1154
  • Registrar Abuse Contact Email:
  • Registrar Abuse Contact Phone:
  • Name Server: NS1.BLUEHOST.COM
  • Name Server: NS2.BLUEHOST.COM
  • DNSSEC: unsigned
  • Domain Name: TEST-BH-PROD-AUTOMATION-MALWARE.COM
  • Registry Domain ID: 10153763
  • Registrar URL: http://www.bluehost.com/
  • Updated Date: 2022-11-07T12:23:25Z
  • Creation Date: 2022-11-07T12:23:21Z
  • Registrar Registration Expiration Date: 2023-11-07T12:23:21Z
  • Registrar: FastDomain Inc.
  • Registrar IANA ID: 1154
  • Registrar Abuse Contact Email: tos@fastdomain.com
  • Registrar Abuse Contact Phone: 888-210-3278
  • Reseller: BlueHost.Com
  • Registry Registrant ID: FAST-111369499
  • Registrant Name: DOMAIN ADMIN
  • Registrant Organization: DOMAIN PRIVACY SERVICE FBO REGISTRANT
  • Registrant Street: 5335 GATE PKWY.
  • Registrant City: JACKSONVILLE
  • Registrant State/Province: FLORIDA
  • Registrant Postal Code: 32256
  • Registrant Country: US
  • Registrant Phone: +1.8017659400
  • Registrant Phone Ext:
  • Registrant Fax:
  • Registrant Fax Ext:
  • Registry Admin ID: FAST-111369499
  • Admin Name: DOMAIN ADMIN
  • Admin Organization: DOMAIN PRIVACY SERVICE FBO REGISTRANT
  • Admin Street: 5335 GATE PKWY.
  • Admin City: JACKSONVILLE
  • Admin State/Province: FLORIDA
  • Admin Postal Code: 32256
  • Admin Country: US
  • Admin Phone: +1.8017659400
  • Admin Phone Ext:
  • Admin Fax:
  • Admin Fax Ext:
  • Registry Tech ID: FAST-111369499
  • Tech Name: DOMAIN ADMIN
  • Tech Organization: DOMAIN PRIVACY SERVICE FBO REGISTRANT
  • Tech Street: 5335 GATE PKWY.
  • Tech City: JACKSONVILLE
  • Tech State/Province: FLORIDA
  • Tech Postal Code: 32256
  • Tech Country: US
  • Tech Phone: +1.8017659400
  • Tech Phone Ext:
  • Tech Fax:
  • Tech Fax Ext:
  • Name Server: NS1.BLUEHOST.COM
  • Name Server: NS2.BLUEHOST.COM
  • DNSSEC: unsigned

SSL Certificate Information

  • Certificate:
  • Data:
  • Version: 3 (0x2)
  • Serial Number:
  • 04:ee:a0:a4:fe:07:3c:90:a3:c8:3a:9c:1f:ae:4a:6e:71:09
  • Signature Algorithm: sha256WithRSAEncryption
  • Issuer: C = US, O = Let’s Encrypt, CN = R3
  • Validity
  • Not Before: Nov 7 13:02:39 2022 GMT
  • Not After : Feb 5 13:02:38 2023 GMT
  • Subject: CN = autodiscover.test-bh-prod-automation-malware.com
  • Subject Public Key Info:
  • Public Key Algorithm: rsaEncryption
  • Public-Key: (2048 bit)
  • Modulus:
  • Exponent: 65537 (0x10001)
  • X509v3 extensions:
  • X509v3 Key Usage: critical
  • Digital Signature, Key Encipherment
  • X509v3 Extended Key Usage:
  • TLS Web Server Authentication, TLS Web Client Authentication
  • X509v3 Basic Constraints: critical
  • CA:FALSE
  • X509v3 Subject Key Identifier:
  • D7:55:01:27:36:2F:85:42:23:BD:C6:31:30:11:7D:80:6C:E7:FE:AD
  • X509v3 Authority Key Identifier:
  • 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
  • Authority Information Access:
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
  • X509v3 Subject Alternative Name:
  • DNS:autodiscover.test-bh-prod-automation-malware.com, DNS:cpanel.test-bh-prod-automation-malware.com, DNS:cpcalendars.test-bh-prod-automation-malware.com, DNS:cpcontacts.test-bh-prod-automation-malware.com, DNS:mail.test-bh-prod-automation-malware.com, DNS:test-bh-prod-automation-malware.com, DNS:webdisk.test-bh-prod-automation-malware.com, DNS:webmail.test-bh-prod-automation-malware.com, DNS:www.test-bh-prod-automation-malware.com
  • X509v3 Certificate Policies:
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
  • CT Precertificate SCTs:
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B7:3E:FB:24:DF:9C:4D:BA:75:F2:39:C5:BA:58:F4:6C:
  • 5D:FC:42:CF:7A:9F:35:C4:9E:1D:09:81:25:ED:B4:99
  • Timestamp : Nov 7 14:02:39.495 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : Nov 7 14:02:40.011 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • Signature Algorithm: sha256WithRSAEncryption
  • Signature Value:

Sitemap

Technologies

Pure-FTPd, OpenSSH, Exim smtpd, Apache httpd, Apache httpd, Exim smtpd, Exim smtpd, OpenSSH, MySQL, PostgreSQL
