Report - dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1

Report Overview

Submitted URL
dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1
IP
104.21.5.211
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-18 10:27:56
Access
public
Website Title
403 Forbidden
Final URL
dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dashboard-loginweb.com	unknown	unknown	No data	No data	2.6 kB	2.5 kB	172.67.133.218

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-18	medium	dashboard-loginweb.com	Sinkholed
2024-05-18	medium	dashboard-loginweb.com	Sinkholed
2024-05-18	medium	dashboard-loginweb.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1	1.1 kB	2024-05-18	2024-05-18
Pretty URL dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1 IP 172.67.133.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-18 12:28:02 Last Seen2024-05-18 12:28:02 Times Seen1 Hash ad60e666c6c1b0060d9a2c85c352813d 66257433b53519bd8a4a273892e0ac30a486cee0 6a2ca43c8d565b2aa8a2cf0c02eca26d1879efe9e82707b14f54f359cff7d8df Loading...

	unknown	247 B	2024-05-18	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-18 12:28:02 Last Seen2024-05-18 12:28:02 Times Seen1 Hash 8fd9b6ceaf2978522255cacf4b595c60 f428143f55188cf5d75d9638c92e07a5b000d097 e09feb3820f12b263405821e9a538869fed9a061951025cdcec4ee40552e5d73 Loading...

	dashboard-loginweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-18	2024-05-18
Pretty URL dashboard-loginweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.133.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-18 12:25:01 Last Seen2024-05-18 12:28:02 Times Seen3 Hash 8d102d5663b299320d6fb345967f958a e9ab589c4e8fe49eb8150d4c382a86e3c54f9bf3 ddfd403fbf2e4550027a22a84b5e976ad5d60bb1acf0b0520a83edc7db29ecbb Loading...

HTTP Transactions (3)

URL IP Response Size

dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1

172.67.133.218

167 B

URL
dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1
IP
172.67.133.218:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1 HTTP/1.1
Host: dashboard-loginweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: I7sGmxxJQ6bCWZ2vf3Ey23bUWck=xGvcNAUiktZj2YWAIWEVXrdZ9fc; JaGieGiBhbptvAr3XIOY84kM8_s=1716028043; ExwjJ78AvAp1ugmoiC5J8W0YHVo=1716114443; fiL2YFmlf_uVotoKmqYlhHll1b0=EvpKBDia9TNeE-VMQnqK0KKDZIc; 4eUb6hNWOLMaS4rCsGkhGdYbVE8=FCff_w9zEi-ldZz02fDj0jySEuw
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 18 May 2024 10:27:31 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 18 May 2024 11:27:31 GMT
Location: https://dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBDhUzvhLJgohS1qBsZkB4QLYfYQD4JAcCTQaGbfrIXoy4aVduni0L2lmndXQfvgtJ6oEmjSpvGw2go9tRDCXp7mOYKZ86bGmT0vKTR3Ck23vqW%2BXde8moklPoF69SEZvGzFvNW58M9y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 885b27b8ecf556ae-OSL
alt-svc: h2=":443"; ma=60

dashboard-loginweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.133.218

0 B

URL
dashboard-loginweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.133.218:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dashboard-loginweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: I7sGmxxJQ6bCWZ2vf3Ey23bUWck=xGvcNAUiktZj2YWAIWEVXrdZ9fc; JaGieGiBhbptvAr3XIOY84kM8_s=1716028043; ExwjJ78AvAp1ugmoiC5J8W0YHVo=1716114443; fiL2YFmlf_uVotoKmqYlhHll1b0=EvpKBDia9TNeE-VMQnqK0KKDZIc; 4eUb6hNWOLMaS4rCsGkhGdYbVE8=FCff_w9zEi-ldZz02fDj0jySEuw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 18 May 2024 10:27:31 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FuzdpNdv32yaCWMdjnnT1wd2X6QN9ussw7%2B4dN83PWkhzqKiUsSBlZuD7W7lvgEUfq7Xsos%2BL1gJCQgP%2Bb6SQjt4J7vxkXJEiKkkJKgMJW3PSR6OrvtOVNNQjeKfA%2F0npP76Xj8NMUG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b27b9ee4556bd-OSL
alt-svc: h3=":443"; ma=86400

dashboard-loginweb.com/cdn-cgi/challenge-platform/h/b/jsd/r/885b27b90db9b518

172.67.133.218

0 B

URL
dashboard-loginweb.com/cdn-cgi/challenge-platform/h/b/jsd/r/885b27b90db9b518
IP
172.67.133.218:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/885b27b90db9b518 HTTP/1.1
Host: dashboard-loginweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12399
Origin: https://dashboard-loginweb.com
DNT: 1
Connection: keep-alive
Referer: https://dashboard-loginweb.com/truist/login.php?online_id=377e29a27c4e8d2c3915129b8login_id=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1&session=c9603482bbdb0c4bdf4b6000005d04a1c9603482bbdb0c4bdf4b6000005d04a1
Cookie: I7sGmxxJQ6bCWZ2vf3Ey23bUWck=xGvcNAUiktZj2YWAIWEVXrdZ9fc; JaGieGiBhbptvAr3XIOY84kM8_s=1716028043; ExwjJ78AvAp1ugmoiC5J8W0YHVo=1716114443; fiL2YFmlf_uVotoKmqYlhHll1b0=EvpKBDia9TNeE-VMQnqK0KKDZIc; 4eUb6hNWOLMaS4rCsGkhGdYbVE8=FCff_w9zEi-ldZz02fDj0jySEuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 18 May 2024 10:27:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=pmeiUOc.0qWHqvCBBgOseJM_52XvqobkdvN0CZWMz1o-1716028051-1.0.1.1-gaNpE3W5Tm1_PDuwXJ22LXoXEMk89JVLlppSbIOAJFHvkoF6GMjWBbDQ2tRVnerztXgqSBusNJFAybJZmT6k.g; Path=/; Expires=Sun, 18-May-25 10:27:31 GMT; Domain=.dashboard-loginweb.com; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJhgS%2BmposPZoG9LVenCTdsru5nqNz%2F8%2FPTQu2MV3psHYl2bSS9xP83x4eoiNGWeTCBUyRLKxAux2lMWX1oVfbaUKuX9bapPGJJlznZhURf1ZU2rapPD6%2B%2B3VVvUVOpRgMKOpEzCLevh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 885b27baffe256bd-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (3)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers