Report - joinupthegroup.xyz/

Report Overview

Submitted URL
joinupthegroup.xyz/
IP
45.32.80.111
ASN
#20473 AS-CHOOPA
Submitted
2024-04-24 04:20:27
Access
public
Website Title
Telegram: Join Group Chat
Final URL
joinupthegroup.xyz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
joinupthegroup.xyz	unknown	unknown	No data	No data	8.4 kB	62 kB	45.32.80.111
userstatics.com	unknown	2020-11-05	2020-11-06	2024-04-18	445 B	826 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram
2024-04-23	medium	joinupthegroup.xyz/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	joinupthegroup.xyz/lander/real/js/tgwallpaper.min.js	3.4 kB	2023-12-25	2024-04-30
Pretty URL joinupthegroup.xyz/lander/real/js/tgwallpaper.min.js IP 45.32.80.111 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-25 04:25:08 Last Seen2024-04-30 06:43:18 Times Seen33 Hash 8da1d20d6422b5d3c4df8e303bf4dd4c b371df6ea243358b07d7145852589510105bdc22 1d724dbc182d52d1b7b367fcf6fa14a9ffac4a63c1de1d52648cf123f6c50593 Loading...

	joinupthegroup.xyz/	212 B	2024-03-14	2024-04-28
Pretty URL joinupthegroup.xyz/ IP 45.32.80.111 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-14 05:31:13 Last Seen2024-04-28 07:15:25 Times Seen4 Hash c45f9a74d74e2edd99dc2c4b26f58efb 30ab8573e487b4a49b210696349b3b281b2cb297 622c6625597ea7e6e600f46cd204bd9462f00ae4f93895014a8ea550249a89a6 Loading...

	joinupthegroup.xyz/	193 B	2023-03-07	2024-05-05
Pretty URL joinupthegroup.xyz/ IP 45.32.80.111 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:31:07 Last Seen2024-05-05 18:33:27 Times Seen3369 Hash 9c629a0c52a2afad699d260f673481fd a4fd0ed3e5daa31480eb6de0faa5d442f015cbf6 ea0d804370930ee958af535ce56cddf1dda419bdc676315ae8af0fbb4c733471 Loading...

	userstatics.com/get/script.js?referrer=https://joinupthegroup.xyz/	133 B	2023-11-04	2024-05-05
Pretty URL userstatics.com/get/script.js?referrer=https://joinupthegroup.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48:23 Last Seen2024-05-05 20:57:57 Times Seen884 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

	joinupthegroup.xyz/	1.3 kB	2024-03-14	2024-04-28
Pretty URL joinupthegroup.xyz/ IP 45.32.80.111 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-14 05:31:13 Last Seen2024-04-28 07:15:25 Times Seen4 Hash 1b3963b7a23f3a7dabb27e3fd1735b71 aebcdf0dfe408b5f21962f93a16e6a891531360d 69da0c4a5984d7049014defed1e9b0d5267528853386dc44a276b6514d80ac73 Loading...

HTTP Transactions (13)

URL IP Response Size

joinupthegroup.xyz/

45.32.80.111

200 OK

4.2 kB

URL User Request GET HTTP/1.1
joinupthegroup.xyz/
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3580)
Size
4.2 kB (4223 bytes)
Hash
e9a855eebf1a0c55097a59bc5251cb67
3f5cd5fdda844298c04d06cfefbcb55276d3e624
98a4be9a76623246bd4d5dc8bbde6480022788d92cf366a12caa356858a8f486

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: Wed, 24 Apr 2024 04:20:01 GMT
Set-Cookie: _subid=376l60jgtjr; expires=Sat, 25 May 2024 04:20:01 GMT; path=/
61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; expires=Wed, 17 Aug 2078 08:40:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

joinupthegroup.xyz/lander/real/css/font-roboto.css

45.32.80.111

200 OK

641 B

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/css/font-roboto.css
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
ASCII text
Size
641 B (641 bytes)
Hash
c706681409217a14a24c7e2deb8cf423
08b443fe5bc6a223a9de08fb56282365b1d13857
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/css/font-roboto.css HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:02 GMT
Content-Type: text/css
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65e2402d-1816"
Expires: Sat, 04 May 2024 04:20:02 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

joinupthegroup.xyz/lander/real/css/bootstrap.min.css

45.32.80.111

200 OK

8.0 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/css/bootstrap.min.css
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
ASCII text, with very long lines (42164)
Size
8.0 kB (8012 bytes)
Hash
c2656e265ef58a9cc9f4b70b15da5fb9
85c5ebdb89d4574d72688c2650d4b84b9b09770a
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/css/bootstrap.min.css HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:02 GMT
Content-Type: text/css
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65e2402d-a61b"
Expires: Sat, 04 May 2024 04:20:02 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

joinupthegroup.xyz/lander/real/js/tgwallpaper.min.js

45.32.80.111

200 OK

3.4 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/js/tgwallpaper.min.js
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
JavaScript source, ASCII text, with very long lines (3386), with no line terminators
Size
3.4 kB (3386 bytes)
Hash
8da1d20d6422b5d3c4df8e303bf4dd4c
b371df6ea243358b07d7145852589510105bdc22
1d724dbc182d52d1b7b367fcf6fa14a9ffac4a63c1de1d52648cf123f6c50593

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/js/tgwallpaper.min.js HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:02 GMT
Content-Type: application/javascript
Content-Length: 3386
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Connection: keep-alive
ETag: "65e2402d-d3a"
Expires: Sat, 04 May 2024 04:20:02 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

joinupthegroup.xyz/lander/real/css/telegram.css

45.32.80.111

200 OK

22 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/css/telegram.css
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
ASCII text, with very long lines (1267)
Size
22 kB (22424 bytes)
Hash
9828d719b220797e2946bbd81228dbbc
d47cf8bbea41e9a4b5de386b9874b0afee23d7b4
b3030073b7a27e6aa71567ddf670613ed83a63dde64c2ab6f537975bfd88e71a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/css/telegram.css HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:02 GMT
Content-Type: text/css
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65e2402d-1c07b"
Expires: Sat, 04 May 2024 04:20:02 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

joinupthegroup.xyz/img/tgme/pattern.svg?1

45.32.80.111

404 Not Found

146 B

URL GET HTTP/1.1
joinupthegroup.xyz/img/tgme/pattern.svg?1
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/lander/real/css/telegram.css
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

joinupthegroup.xyz/lander/real/images/fnCgD3XlHnT8bN-rLYVuyN-Ae5PZWWDQjYpZ7XaPY_kMVthi9hSHhR3hc1ru.jpg

45.32.80.111

200 OK

11 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/images/fnCgD3XlHnT8bN-rLYVuyN-Ae5PZWWDQjYpZ7XaPY_kMVthi9hSHhR3hc1ru.jpg
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x320, components 3
Size
11 kB (11304 bytes)
Hash
7672e63e1d9b7d219961c5212b84f158
9dd7e3d2be78d1bed070030898ee3aacec994017
e8b9189a061de9f5c1fedd49acb17b5033907b935cb479f38467e92a4d8016b5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/images/fnCgD3XlHnT8bN-rLYVuyN-Ae5PZWWDQjYpZ7XaPY_kMVthi9hSHhR3hc1ru.jpg HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: image/jpeg
Content-Length: 11304
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Connection: keep-alive
ETag: "65e2402d-2c28"
Expires: Sat, 04 May 2024 04:20:03 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

joinupthegroup.xyz/lander/real/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

45.32.80.111

404 Not Found

146 B

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/lander/real/css/font-roboto.css
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

joinupthegroup.xyz/lander/real/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

45.32.80.111

404 Not Found

146 B

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/lander/real/css/font-roboto.css
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

joinupthegroup.xyz/img/tgme/pattern.svg?1

45.32.80.111

404 Not Found

146 B

URL GET HTTP/1.1
joinupthegroup.xyz/img/tgme/pattern.svg?1
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /img/tgme/pattern.svg?1 HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/lander/real/css/telegram.css
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

joinupthegroup.xyz/lander/real/images/website_icon.svg

45.32.80.111

200 OK

1.9 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/images/website_icon.svg
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1896 bytes)
Hash
02f7553e1ac3129cd1c4d0442b5a0f81
0dd8634450681fe1a2d0c1e5b02d6d0954e2772d
0019255c610cb0843c524d7995905fa5201651fcc393846bee8414f0610097f5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/images/website_icon.svg HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: image/svg+xml
Content-Length: 1896
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Connection: keep-alive
ETag: "65e2402d-768"
Expires: Sat, 04 May 2024 04:20:03 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

joinupthegroup.xyz/lander/real/images/apple-touch-icon.png

45.32.80.111

200 OK

5.6 kB

URL GET HTTP/1.1
joinupthegroup.xyz/lander/real/images/apple-touch-icon.png
IP
45.32.80.111:443
ASN
#20473 AS-CHOOPA

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectjoinupthegroup.xyz
FingerprintF3:4F:3D:18:D6:85:40:54:84:39:F2:55:8F:96:0F:E7:FC:CA:F3:8D
ValidityTue, 23 Apr 2024 20:05:46 GMT - Mon, 22 Jul 2024 20:05:45 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
5.6 kB (5644 bytes)
Hash
295ccdb03006b8dfef45090dafbd46ac
491ab660270e47cbac6a5731c51cca71c1c1b2b1
a51d667d4262047c23e3a2a8aac3b46dc8a58c686cc013f2354011c07bf22cf3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lander/real/images/apple-touch-icon.png HTTP/1.1
Host: joinupthegroup.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Cookie: _subid=376l60jgtjr; 61775=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1XCI6MTcxMzkzMjQwMX0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MTM5MzI0MDF9LFwidGltZVwiOjE3MTM5MzI0MDF9In0.yV-ICDczjovxamZEDfxFj1Ne_QKNd6ve0umcMyBBSzo; PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:20:03 GMT
Content-Type: image/png
Content-Length: 5644
Last-Modified: Fri, 01 Mar 2024 20:53:01 GMT
Connection: keep-alive
ETag: "65e2402d-160c"
Expires: Sat, 04 May 2024 04:20:03 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

userstatics.com/get/script.js?referrer=https://joinupthegroup.xyz/

0.0.0.0

0 B

URL GET
userstatics.com/get/script.js?referrer=https://joinupthegroup.xyz/
IP
0.0.0.0:0
ASN
#0

Requested by
https://joinupthegroup.xyz/
Certificate
IssuerLet's Encrypt
Subjectuserstatics.com
FingerprintAB:62:24:6D:5D:BB:D9:D8:00:B7:CB:47:DD:7C:74:69:C8:48:16:49
ValidityThu, 28 Mar 2024 13:34:23 GMT - Wed, 26 Jun 2024 13:34:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get/script.js?referrer=https://joinupthegroup.xyz/ HTTP/1.1
Host: userstatics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joinupthegroup.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:20:04 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.2.1
access-control-allow-origin: https://joinupthegroup.xyz
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y42EwsNw5boMIGCWI5IdFGtX%2BExstsm%2FXPmO1Qkxv4m%2F%2BQpKm7zqlVE2jPSB6fLh9UVSwiIZFy%2BnYFJAE%2BWQt4c5%2Bxz41Np%2FyGaKtxuiiFCUjli%2FwFqYQbQ6fRwoPypBmfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87934c756fcf56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections