Report - c12v2.net/admin.php?a=users&action=&d=0&form_id=17160260176133&form_token=23deb205f678b40f7c35a16236c89db2&o=&onpage=20&order=username-0&p=&q=Eng888&status=index.phpindex.phpindex.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid

Report Overview

Submitted URL
c12v2.net/admin.php?a=users&action=&d=0&form_id=17160260176133&form_token=23deb205f678b40f7c35a16236c89db2&o=&onpage=20&order=username-0&p=&q=Eng888&status=index.phpindex.phpindex.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=
IP
186.2.162.188
ASN
#59692 IQWeb FZ-LLC
Submitted
2024-05-18 09:57:39
Access
public
Website Title
c12v2.net
Final URL
c12v2.net/index.php?a=login&say=invalid_login&username=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c12v2.net	unknown	unknown	No data	No data	16 kB	873 kB	186.2.162.188
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-17	430 B	751 B	151.101.129.229
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-18	876 B	58 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed
2024-05-18	medium	c12v2.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js	60 kB	2023-03-07	2024-06-01
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-06-01 18:36:00 Times Seen9442 Hash 61f338f870fcd0ff46362ef109d28533 b3c116c65e6f053aaab45e5619a78ec00271a50f 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Loading...

	c12v2.net/assets/js/formstyler55f5.js?r=89i8	18 kB	2023-11-21	2024-05-20
Pretty URL c12v2.net/assets/js/formstyler55f5.js?r=89i8 IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 07:32:55 Last Seen2024-05-20 22:42:39 Times Seen158 Hash 0a01df8d632279fd5cc53a02c5f4ef9f 83052236bab177ea292c032186ac21381d33f02d 11edf579c0208c871237a3363b423693e82028301796b861947a77d8a9b9ec13 Loading...

	c12v2.net/assets/js/clipboard.js	11 kB	2023-04-05	2024-05-22
Pretty URL c12v2.net/assets/js/clipboard.js IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 11:06:31 Last Seen2024-05-22 06:34:31 Times Seen118 Hash a6becb7b96fd335518795833c720e192 5a411183e83195bd2c7bd91aebf319836a19a145 2b190e04d5d5e3d432fef26de33fe30ec671cb9d5b3ee10b17fb54ee2ba9d6d5 Loading...

	c12v2.net/assets/js/liba676.js?r=Q6YB	13 kB	2024-05-16	2024-05-20
Pretty URL c12v2.net/assets/js/liba676.js?r=Q6YB IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-16 18:37:41 Last Seen2024-05-20 22:42:39 Times Seen154 Hash 6baefa226470667c49fd93a9ce92fd01 420c6c0618fec5bf82d9c1b3a02f70c15e7e20ff 2b0e3084cbfadcdd25d376da7c3f441a31333ee521b61914bfc386b6b1cb6cc1 Loading...

	c12v2.net/assets/js/global4418.js?r=2R0J	14 kB	2024-05-16	2024-05-20
Pretty URL c12v2.net/assets/js/global4418.js?r=2R0J IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-16 18:37:41 Last Seen2024-05-20 22:42:39 Times Seen154 Hash b5e7bb7998baa1855d23068c95bef03e 0c77f9946a7540e1a87776e2fa2bd8ba0222e2e4 18ed0f859074e47984aa47caf8b5385897ba24405ddd80f33c3acf8f6931883d Loading...

	c12v2.net/assets/js/template/authenticatee985.js?r=np03	123 B	2024-05-16	2024-05-18
Pretty URL c12v2.net/assets/js/template/authenticatee985.js?r=np03 IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-16 18:37:41 Last Seen2024-05-18 11:57:49 Times Seen102 Hash 0cc747bca02bfe9b0e4b5f9fc99d6d5f 256e061202c3a0ca0dd627a50595cd667fb36e5d dd8be6af30cc51046ad5182df5efa4dc4203a7af385503ef696c3e7a3f3c13a6 Loading...

	c12v2.net/index.php?a=login&say=invalid_login&username=	0 B	2023-03-07	2024-06-02
Pretty URL c12v2.net/index.php?a=login&say=invalid_login&username= IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-06-02 02:40:08 Times Seen38795917 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	c12v2.net/assets/js/jquery.js	90 kB	2024-05-16	2024-05-20
Pretty URL c12v2.net/assets/js/jquery.js IP 186.2.162.188 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-16 18:37:41 Last Seen2024-05-20 22:42:39 Times Seen154 Hash 03de77fdbc4b0c36b6ab7dc0dd1b7761 b5136ddf13fa64785abda1be362d098f8f947cd8 eb902d8b05b575f8491b7946d27e5599c4a820d3d1ab83d710731656ada919c8 Loading...

HTTP Transactions (31)

URL IP Response Size

c12v2.net/assets/css/formstyler.css

186.2.162.188

200 OK

636 B

URL GET HTTP/2
c12v2.net/assets/css/formstyler.css
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
636 B (636 bytes)
Hash
83ba63a4b688deb5bd6a15bb5b0ac9c4
624e5fe316dbb5eb5d316d49d9b706069e9fbcc0
b6cbf0f8613947a7707aec0be174ce1c9cfd16b75e330f1aac4a33b71edeada2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/formstyler.css HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 23:15:40 GMT
last-modified: Sat, 12 Nov 2022 23:48:46 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding
age: 384092
content-length: 636
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/formstyler.theme.css

186.2.162.188

200 OK

2.1 kB

URL GET HTTP/2
c12v2.net/assets/css/formstyler.theme.css
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (506)
Size
2.1 kB (2137 bytes)
Hash
45929b37d5051372234ca4d603fcbb11
5d464702ffbce8f73139379568394689732ad549
8ddb060965730ddb8fd83e8a3897f129847f9a85cfde5cded2afd0bcbf5edd2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/formstyler.theme.css HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 15 May 2024 14:08:51 GMT
last-modified: Sat, 12 Nov 2022 23:48:46 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 244101
content-length: 2137
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/fonts664a.css?r=R9X6

186.2.162.188

200 OK

337 B

URL GET HTTP/2
c12v2.net/assets/css/fonts664a.css?r=R9X6
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
337 B (337 bytes)
Hash
8be0394221856d64bcff49b72464dd1d
f864e4d987d74f7a5b7322ca76ff63bceac4c2fb
62ff08969684a0ef22fa215f868e74c43ff2d240b0be149dc5f67deb62985caa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/fonts664a.css?r=R9X6 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 03:48:36 GMT
last-modified: Sat, 12 Nov 2022 23:48:44 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding
age: 194916
content-length: 337
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/globale7ef.css?r=95aY

186.2.162.188

200 OK

907 B

URL GET HTTP/2
c12v2.net/assets/css/globale7ef.css?r=95aY
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
907 B (907 bytes)
Hash
75ea37f77fef886ee40bc3657a09e169
04eb0a462478f2b030c9978a93b5b2d9e5f50b52
12add4cdc6fa3812cbb37bafb011e9598d599bb28bdd3cd1639b52c6e313af0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/globale7ef.css?r=95aY HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 03:48:36 GMT
last-modified: Fri, 03 Feb 2023 13:26:00 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding
age: 194916
content-length: 907
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P

186.2.162.188

200 OK

4.2 kB

URL GET HTTP/2
c12v2.net/assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
4.2 kB (4223 bytes)
Hash
d1cfb2c2a6e38dd5c3f9c330e9f0cd87
25d51145264ae4d486fca958bb97c85302ee7602
858fae6edec7574208299642acab1b80ae8cc4c339c4aae334b96724460ae7e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 18 May 2024 06:54:45 GMT
last-modified: Mon, 13 May 2024 19:46:54 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 10947
content-length: 4223
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/stylec15a.css?r=6M97

186.2.162.188

200 OK

2.2 kB

URL GET HTTP/2
c12v2.net/assets/css/stylec15a.css?r=6M97
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.2 kB (2166 bytes)
Hash
32381b96ed4b5371116f8dc2d5f47bcd
bdc27b3d817b3da4997b6251d4844bb978d6debd
e365d7bcaf39b0d65ca3a6f2c0a3e2e52c6954bde3c5d161a24abe605161c8b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/stylec15a.css?r=6M97 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 19:27:19 GMT
last-modified: Sun, 04 Dec 2022 19:07:36 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 138593
content-length: 2166
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/css/modals5ad7.css?r=8427

186.2.162.188

200 OK

1.9 kB

URL GET HTTP/2
c12v2.net/assets/css/modals5ad7.css?r=8427
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1941 bytes)
Hash
db17ce571f64d41f9291b65332a002dd
917e6c83d8d5e3e58e33e191fb60f58a6cc65e8d
0ffae74e93eb953e766d85f4b6a47223b943ff27cade51c8f6d5bd7e65513c83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/modals5ad7.css?r=8427 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 03:48:36 GMT
last-modified: Sun, 29 Jan 2023 18:31:52 GMT
accept-ranges: bytes
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding
age: 194916
content-length: 1941
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/account/open-nav-icon.svg

186.2.162.188

200 OK

113 B

URL GET HTTP/2
c12v2.net/assets/img/template/account/open-nav-icon.svg
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
113 B (113 bytes)
Hash
67598b3b454464f21b042bc7e06ed7e4
393e9a8ac27339af5e50ac8d62911b390cb8fdd5
dd4653f5a1d40bfd6cae60787497e40704d16430b48cb97a2e4a049c7481cf50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/account/open-nav-icon.svg HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:48:56 GMT
last-modified: Sat, 12 Nov 2022 23:49:28 GMT
accept-ranges: bytes
content-type: image/svg+xml
content-encoding: br
vary: Accept-Encoding
age: 392896
content-length: 113
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/template/authenticatee985.js?r=np03

186.2.162.188

200 OK

82 B

URL GET HTTP/2
c12v2.net/assets/js/template/authenticatee985.js?r=np03
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
82 B (82 bytes)
Hash
0cc747bca02bfe9b0e4b5f9fc99d6d5f
256e061202c3a0ca0dd627a50595cd667fb36e5d
dd8be6af30cc51046ad5182df5efa4dc4203a7af385503ef696c3e7a3f3c13a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/template/authenticatee985.js?r=np03 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 00:17:26 GMT
last-modified: Sat, 11 Feb 2023 03:22:48 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 207586
content-length: 82
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/images/logo.png

186.2.162.188

200 OK

8.8 kB

URL GET HTTP/2
c12v2.net/images/logo.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 357 x 80, 8-bit/color RGBA, non-interlaced
Size
8.8 kB (8805 bytes)
Hash
32e50b27b7eb88a4e5cd2e429fb5bb24
dc6f8d7a112f95c1d61978a3baa417a7d9070eca
dc0547e0fa1ee579a6cb55df0d6376234c2d140ec858dd8070224ff95c0729b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 17 May 2024 23:11:03 GMT
last-modified: Fri, 10 May 2024 15:47:14 GMT
accept-ranges: bytes
content-length: 8805
content-type: image/png
age: 38769
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/sign-icon.png

186.2.162.188

200 OK

838 B

URL GET HTTP/2
c12v2.net/assets/img/template/sign-icon.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 33 x 34, 8-bit/color RGBA, non-interlaced
Size
838 B (838 bytes)
Hash
1d757c5327886eceaf68f9f314b7b43d
590ca8be512ec6a8b4546d960ceff262d2050482
4224b385d6b3798b612eb6def675f101fc02d8eb6cbdb0d8f85b27ad4e994bc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/sign-icon.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:48:57 GMT
last-modified: Wed, 11 Jan 2023 02:11:30 GMT
accept-ranges: bytes
content-length: 838
content-type: image/png
age: 392895
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/account/close-nav-icon.svg

186.2.162.188

200 OK

163 B

URL GET HTTP/2
c12v2.net/assets/img/template/account/close-nav-icon.svg
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
163 B (163 bytes)
Hash
4b638dab19f7243548f9102055ca5c28
75a400e47c989e3637c586c5387d026610585032
449880ba44623d7f9828eaf9532e0165916426c9ce329ba8c2803984ee59c324

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/account/close-nav-icon.svg HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 18:36:44 GMT
last-modified: Sat, 12 Nov 2022 23:49:28 GMT
accept-ranges: bytes
content-type: image/svg+xml
content-encoding: br
vary: Accept-Encoding
age: 141628
content-length: 163
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/authenticate/btn-yellow-arrow-right.png

186.2.162.188

200 OK

320 B

URL GET HTTP/2
c12v2.net/assets/img/template/authenticate/btn-yellow-arrow-right.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 34 x 18, 8-bit/color RGBA, non-interlaced
Size
320 B (320 bytes)
Hash
6cd71b717c56f021f08511dc94497b99
efc417feaae2089ef6ea18533b11d4f1b3bf716f
d35bc60a0e5a5afdb3c8ced1d8304a4873f0ccafdd9929896c7bc54f2de05662

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/authenticate/btn-yellow-arrow-right.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:49:35 GMT
last-modified: Sat, 11 Feb 2023 03:24:08 GMT
accept-ranges: bytes
content-length: 320
content-type: image/png
age: 392857
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/jquery.js

186.2.162.188

200 OK

30 kB

URL GET HTTP/2
c12v2.net/assets/js/jquery.js
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size
30 kB (30457 bytes)
Hash
03de77fdbc4b0c36b6ab7dc0dd1b7761
b5136ddf13fa64785abda1be362d098f8f947cd8
eb902d8b05b575f8491b7946d27e5599c4a820d3d1ab83d710731656ada919c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.js HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:48:58 GMT
last-modified: Sat, 12 Nov 2022 23:49:42 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 392894
content-length: 30457
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/formstyler55f5.js?r=89i8

186.2.162.188

200 OK

4.7 kB

URL GET HTTP/2
c12v2.net/assets/js/formstyler55f5.js?r=89i8
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17590), with no line terminators
Size
4.7 kB (4682 bytes)
Hash
0a01df8d632279fd5cc53a02c5f4ef9f
83052236bab177ea292c032186ac21381d33f02d
11edf579c0208c871237a3363b423693e82028301796b861947a77d8a9b9ec13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/formstyler55f5.js?r=89i8 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 00:09:24 GMT
last-modified: Sat, 21 Jan 2023 20:27:32 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 208068
content-length: 4682
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/clipboard.js

186.2.162.188

200 OK

3.3 kB

URL GET HTTP/2
c12v2.net/assets/js/clipboard.js
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10809), with CRLF line terminators
Size
3.3 kB (3288 bytes)
Hash
1fc7e10d5a16956aafbeeb412d42761b
80c21b7caaa4876e6df3acbb4b2829357fa43212
c228a8e12e33827977851a6b9dde862feba61ac34c5ad5bc675e55603754d770

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/clipboard.js HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:48:58 GMT
last-modified: Sat, 12 Nov 2022 23:49:38 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 392894
content-length: 3288
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/liba676.js?r=Q6YB

186.2.162.188

200 OK

3.6 kB

URL GET HTTP/2
c12v2.net/assets/js/liba676.js?r=Q6YB
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.6 kB (3559 bytes)
Hash
6baefa226470667c49fd93a9ce92fd01
420c6c0618fec5bf82d9c1b3a02f70c15e7e20ff
2b0e3084cbfadcdd25d376da7c3f441a31333ee521b61914bfc386b6b1cb6cc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/liba676.js?r=Q6YB HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 00:09:24 GMT
last-modified: Fri, 03 Feb 2023 13:27:52 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 208068
content-length: 3559
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/js/global4418.js?r=2R0J

186.2.162.188

200 OK

3.3 kB

URL GET HTTP/2
c12v2.net/assets/js/global4418.js?r=2R0J
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.3 kB (3338 bytes)
Hash
b5e7bb7998baa1855d23068c95bef03e
0c77f9946a7540e1a87776e2fa2bd8ba0222e2e4
18ed0f859074e47984aa47caf8b5385897ba24405ddd80f33c3acf8f6931883d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/global4418.js?r=2R0J HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 15 May 2024 00:52:14 GMT
last-modified: Fri, 03 Feb 2023 13:27:50 GMT
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 291898
content-length: 3338
ddg-cache-status: HIT
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/popper.js%401.16.0/dist/umd/popper.min.js

151.101.129.229

400 Bad Request

62 B

URL GET HTTP/2
cdn.jsdelivr.net/npm/popper.js%401.16.0/dist/umd/popper.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
95c836cb803d6ee214a339a2e0f10a24
ad54d96843ff21db9c0deacc2c85d7f5ca9321fd
2a7c3f7bd05bac2b7f2dfd13729c5ea58966323e164d800a42a52bec2e48cc56

HTTP Headers

GET /npm/popper.js%401.16.0/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"3e-rVTZaEP/IducDerMLIXX9cqTIf0"
accept-ranges: bytes
date: Sat, 18 May 2024 09:57:12 GMT
age: 24486
x-served-by: cache-fra-etou8220111-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
X-Firefox-Spdy: h2

c12v2.net/assets/fonts/bicubik-webfont.woff2

186.2.162.188

200 OK

9.8 kB

URL GET HTTP/2
c12v2.net/assets/fonts/bicubik-webfont.woff2
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9752, version 1.0
Size
9.8 kB (9752 bytes)
Hash
4ed9f4df90347f2aacc66f6a01f0fe5e
28ff79e8abf428074775dfdf637767cff5ff86d0
011a4e0b0ef63e6dafb399c73aecdfaa96c241fee4c9db38d8a5188c9b4e3552

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/bicubik-webfont.woff2 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/fonts664a.css?r=R9X6
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 17 May 2024 22:37:57 GMT
last-modified: Sat, 12 Nov 2022 23:49:00 GMT
accept-ranges: bytes
content-length: 9752
content-type: font/woff2
age: 40755
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/fonts/magistralc-bold-webfont.woff2

186.2.162.188

200 OK

22 kB

URL GET HTTP/2
c12v2.net/assets/fonts/magistralc-bold-webfont.woff2
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21700, version 1.0
Size
22 kB (21700 bytes)
Hash
0cbf3e2a1dd60198292b81f94e3958cc
fb741fe4eae12f55b9d1f35dc279abfaafa8b9b7
7f25c525ef5f21568c2f2ab484ffdedd3762ad9696b37b2b1d7b926f58ae78ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/magistralc-bold-webfont.woff2 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/fonts664a.css?r=R9X6
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:53:58 GMT
last-modified: Sat, 12 Nov 2022 23:49:02 GMT
accept-ranges: bytes
content-length: 21700
content-type: font/woff2
age: 392594
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/fonts/arkitech_bold-webfont.woff2

186.2.162.188

200 OK

19 kB

URL GET HTTP/2
c12v2.net/assets/fonts/arkitech_bold-webfont.woff2
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19152, version 1.0
Size
19 kB (19152 bytes)
Hash
f2204d24c0e20db42ea94240f2a1fcb7
af247c8d79c0061339f6ee1414b29d6e0f330fcc
00766c1f7aee39765858beb54f912bd3bcb6476c134c809834c57b6e067e25c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/arkitech_bold-webfont.woff2 HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/fonts664a.css?r=R9X6
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 16 May 2024 11:02:19 GMT
last-modified: Sat, 12 Nov 2022 23:48:58 GMT
accept-ranges: bytes
content-length: 19152
content-type: font/woff2
age: 168893
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/public/fr-pages-bg.jpg

186.2.162.188

200 OK

586 kB

URL GET HTTP/2
c12v2.net/assets/img/template/public/fr-pages-bg.jpg
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 2880x2794, components 3
Size
586 kB (586191 bytes)
Hash
81d1d7f40eff924fae6499005b11325c
6625a3d2229b1a01c678e42ff632cfefd78029b5
32771e3d97166376a125c8fce172bae613dc7d0a606b2103dc1497f97e154dd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/public/fr-pages-bg.jpg HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:49:35 GMT
last-modified: Sat, 11 Feb 2023 03:24:20 GMT
accept-ranges: bytes
content-length: 586191
content-type: image/jpeg
age: 392857
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/authenticate/globe-img.png

186.2.162.188

200 OK

115 kB

URL GET HTTP/2
c12v2.net/assets/img/template/authenticate/globe-img.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 607 x 623, 8-bit/color RGBA, non-interlaced
Size
115 kB (114985 bytes)
Hash
9e8e15bf6ed2ff190b080abb3b2d9e4e
31f2d6e80a113ebccefd431279d59c36bf5be2be
f83a525028f031ba50043ab9243bbcbe2f18c0554c8c19a45acfa00438853722

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/authenticate/globe-img.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:49:35 GMT
last-modified: Sat, 11 Feb 2023 03:24:08 GMT
accept-ranges: bytes
content-length: 114985
content-type: image/png
age: 392857
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/template/select-arrow.png

186.2.162.188

200 OK

3.0 kB

URL GET HTTP/2
c12v2.net/assets/img/template/select-arrow.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 16 x 9, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2954 bytes)
Hash
6b03cda1d9aa4c4c5265f6a71f72f60b
3fd6b9975444b382f78e4407a765a23ffa1e8809
0a0991443d084124e72c16edc351e59477d87f612ca39d186dce71bb302b2d69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/template/select-arrow.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/assets/css/template/authenticate897a.css?r=e7028ad3ddf11de2c83f960a51ecabb5?r=O41P
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 May 2024 20:48:59 GMT
last-modified: Sat, 12 Nov 2022 23:49:06 GMT
accept-ranges: bytes
content-length: 2954
content-type: image/png
age: 392894
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/favicon/128x128.png

186.2.162.188

200 OK

19 kB

URL GET HTTP/2
c12v2.net/assets/img/favicon/128x128.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
19 kB (19415 bytes)
Hash
1cadbb1b430e2efdc45446b430001473
51e4d914e860c03dd3c83910db6c55541b0e4718
48755bf2c5aacaa0a774ffd90e3a55c90c75a6b6ed9b6486cfa2254652960c00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/favicon/128x128.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 17 May 2024 17:34:43 GMT
last-modified: Fri, 10 May 2024 16:13:42 GMT
accept-ranges: bytes
content-length: 19415
content-type: image/png
age: 58950
ddg-cache-status: HIT
X-Firefox-Spdy: h2

c12v2.net/assets/img/favicon/16x16.png

186.2.162.188

200 OK

791 B

URL GET HTTP/2
c12v2.net/assets/img/favicon/16x16.png
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
791 B (791 bytes)
Hash
35932a2a552a6c48dfd473a05a52f726
2bed0cb0dcd96e5382e8d98aad13ae0e533283c9
3627b0db07e2cdf894692501659f3ea2335079a95ea50fcc0442ff733b9245f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/favicon/16x16.png HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/index.php?a=login&say=invalid_login&username=
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 18 May 2024 05:33:18 GMT
last-modified: Fri, 10 May 2024 16:13:34 GMT
accept-ranges: bytes
content-length: 791
content-type: image/png
age: 15835
ddg-cache-status: HIT
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
31 kB (30952 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 09:57:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 10/31/2023 19:00:00
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4cfc9bfb6c056c31a4ee9b65db48c62b
cdn-cache: HIT
cf-cache-status: HIT
age: 1532370
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 885afb527d04b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

104.18.11.207

200 OK

25 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c12v2.net/index.php?a=login&say=invalid_login&username=
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59729)
Size
25 kB (24746 bytes)
Hash
61f338f870fcd0ff46362ef109d28533
b3c116c65e6f053aaab45e5619a78ec00271a50f
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

HTTP Headers

GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c12v2.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 09:57:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"61f338f870fcd0ff46362ef109d28533"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 01/04/2023 07:40:19
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1075
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d54c889a2f06fc94f79048ab57eb8249
cdn-cache: HIT
cf-cache-status: HIT
age: 1523869
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 885afb52ed98b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

c12v2.net/admin.php?a=users&action=&d=0&form_id=17160260176133&form_token=23deb205f678b40f7c35a16236c89db2&o=&onpage=20&order=username-0&p=&q=Eng888&status=index.phpindex.phpindex.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=

186.2.162.188

302 Found

9.8 kB

URL User Request GET HTTP/2
c12v2.net/admin.php?a=users&action=&d=0&form_id=17160260176133&form_token=23deb205f678b40f7c35a16236c89db2&o=&onpage=20&order=username-0&p=&q=Eng888&status=index.phpindex.phpindex.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type

Size
9.8 kB (9783 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /admin.php?a=users&action=&d=0&form_id=17160260176133&form_token=23deb205f678b40f7c35a16236c89db2&o=&onpage=20&order=username-0&p=&q=Eng888&status=index.phpindex.phpindex.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username=index.php?a=login&say=invalid_login&username= HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
date: Sat, 18 May 2024 09:57:11 GMT
x-powered-by: PHP/7.4.33
content-security-policy: upgrade-insecure-requests;, default-src 'self' goldcoders.com *.goldcoders.com https://*.goldcoders.com https://goldcoders.com https://*.googleapis.com https://cdn.ckeditor.com https://ajax.cloudflare.com https://cdnjs.cloudflare.com https://translate.google.com https://www.gstatic.com https://www.google.com http://151.80.26.74 'unsafe-inline'; form-action 'self' https://perfectmoney.is https://perfectmoney.com https://*.paypal.com; report-uri https://www.goldcoders.com/csp.php
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
x-frame-options: DENY
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; Domain=.c12v2.net; HttpOnly; Path=/; Expires=Sun, 18-May-2025 09:57:11 GMT
CameFrom=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
PHPSESSID=3d1918d2fe1de4deb7806d7940312392; path=/; domain=c12v2.net; HttpOnly
location: index.php?a=login&say=invalid_login&username=
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

c12v2.net/index.php?a=login&say=invalid_login&username=

186.2.162.188

200 OK

9.8 kB

URL User Request GET HTTP/2
c12v2.net/index.php?a=login&say=invalid_login&username=
IP
186.2.162.188:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerSectigo Limited
Subjectc12v2.net
Fingerprint11:03:57:66:A7:40:F8:42:08:17:89:99:25:63:F1:21:7A:5A:63:CB
ValidityFri, 10 May 2024 00:00:00 GMT - Sat, 10 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (10379), with no line terminators
Size
9.8 kB (9783 bytes)
Hash
9a91fb63dae975e9af2dc101c1ccdc41
ea2be6c3bf286c4bcad2f20369834999a0b96843
d2acba1789b2768098ef2275b4aa313235a22c83c71581a65e27ca31abc3f7af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.php?a=login&say=invalid_login&username= HTTP/1.1
Host: c12v2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=RJNpMOhS0j2kxFDnPZM0; PHPSESSID=3d1918d2fe1de4deb7806d7940312392
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 18 May 2024 09:57:11 GMT
x-powered-by: PHP/7.4.33
access-control-allow-origin: *;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: CameFrom=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML