| zepwk111.uk/assets/modules/select2/select2.min.css | 172.67.133.145 | 200 OK | 23 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/select2/select2.min.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (14965), with CRLF line terminators
Hash: ba5948c0bda0f5f26bd3068ce565deaa 6d28595693ce13f1a79db7d5c73bd82b13cf63b5 c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/select2/select2.min.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
vary: Accept-Encoding
etag: W/"626d9d40-3a77"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGW3s%2FDqx6vvn4tx5BgzlGPYozEidqQSl85MTjoFTZR%2B8bzIys8r4tIMEIvTOcVluTdCevhv5KJzX%2FSkCTq5eh%2FFl8OG0ITKAWJAisJJRp%2FlE6d2iZen%2BnjXcVzauw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9ceb745693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/css/adminlte.min.css | 172.67.133.145 | 200 OK | 205 kB |
URL: GET HTTP/3 zepwk111.uk/assets/css/adminlte.min.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (65148), with CRLF line terminators
Size: 205 kB (204685 bytes)
Hash: efd25adb317155ad5b5e3ab8a9a692dd db0afb70249f3787a94bd4e97ebda0878191d394 8777aaf5d50b19f517d03349f82ac8634fac8d2d4ef71a715fead6a43435ee25
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/adminlte.min.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Tue, 20 Dec 2022 16:52:50 GMT
vary: Accept-Encoding
etag: W/"63a1e862-151a4a"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAtc5M9C6P8dDzAekZdn%2B7w3sEGBim%2B1Cih5dYSHu%2BkTVX8BocmTY4Db%2F9GHAnVnXIqb5o8aRfpplQCr4VCXa2K7SKQQ%2By%2FZOxO%2FOq2SVA6LQ8FmW%2FHPwIhLUfCMAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9cfb7c5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/css/custom.css | 172.67.133.145 | 200 OK | 3.3 kB |
URL: GET HTTP/3 zepwk111.uk/assets/css/custom.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: assembler source, ASCII text, with CRLF line terminators
Hash: 1123383213092643b28c31c521a184ef 5a584dd8aa499f0f0d97734b5f1c6a20444d77a4 19567504a2faa9db6515f2323aeb58f0892db85b0fca2a3cb7ffea243369d43f
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/custom.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Mon, 05 Feb 2024 04:50:22 GMT
vary: Accept-Encoding
etag: W/"65c0690e-14ce"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPWwT%2FRk9LsSPuIsSVzEmcnDIkksBPeAPHVPgm3naag0bILtmctzim4xOVCpoffp7xS1TciGF3VaLIDMoOCPGau59fZrhhEA0ANGtfocOivNouvPlCVMGYKXkEzSGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9cfb7d5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/jquery/jquery-3.7.1.min.js | 172.67.133.145 | 200 OK | 88 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/jquery/jquery-3.7.1.min.js
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/jquery/jquery-3.7.1.min.js HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: application/javascript
last-modified: Sun, 14 Jan 2024 23:26:30 GMT
vary: Accept-Encoding
etag: W/"65a46da6-155ed"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0DDBeYw%2Fgo5breUVBBcK%2FqUIcOKT9MmJMR1Ls49IvrN45g0NLnevSBLLrx8tLe9yZmJ5Rmvv673FeS%2FBkIqpKITthFR8QbgNVs7NLyDC0PvfdgeWvV6Q%2Fh6w7WDUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9cfb7e5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/select2/select2.min.js | 172.67.133.145 | 200 OK | 71 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/select2/select2.min.js
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/select2/select2.min.js HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: application/javascript
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
vary: Accept-Encoding
etag: W/"626d9d40-114c4"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5qL3S6sSgw1IbLj%2B6hjYLu7nazQbjECRaLqWj1aD9mpeQHBa4fTnTkTwTj50kRgnbCu1l5MWoIVY6%2FuHl4xB5%2Bo4GBLQLiIGLC%2FHl%2FIjjUrmf5AG3pdL2Vl5Dp2Dpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9cfb805693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/fonts/sourcesanspro-regular-webfont.woff2 | 172.67.133.145 | 200 OK | 20 kB |
URL: GET HTTP/3 zepwk111.uk/assets/fonts/sourcesanspro-regular-webfont.woff2
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20540, version 2.2949
Hash: d67b548b833d70dda3779916f5415e7e f1d3b0c478384a35f0766d9d1839aea81a164b3f 8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/sourcesanspro-regular-webfont.woff2 HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://zepwk111.uk/assets/css/custom.css
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:05 GMT
content-type: font/woff2
content-length: 20540
last-modified: Sat, 03 Feb 2024 03:44:44 GMT
etag: "65bdb6ac-503c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHWWxUAARF4bYcOsZfpD3B%2BLlL6r4CsrMj9%2B5H2RsdTJj33a4rsravUkc%2BtbRDYFMDNEedTh5jHMtHGXD0pkLkCxsjgcZfpeBIc66zgYdiB9qa0MJWaOwRA6uQBzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe9d9faceb5693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 | 172.67.133.145 | 200 OK | 78 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Hash: e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://zepwk111.uk/assets/modules/fontawesome-free/css/solid.min.css
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:05 GMT
content-type: font/woff2
content-length: 78196
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
etag: "626d9d40-13174"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MtdsKMa3Kn7dTm9VXSs0i3vyklA5QpvkYNQFRierKEWG7NG7jdGaBdDvpYS0W49yJiyQ5%2F1drlBObysSxg%2B2kdMNeE2hkNw856MICRubxVOtQ95DsTzQ1G%2BAzbd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe9d9fbcf15693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.133.145 | 302 Found | 3.5 kB |
URL: User Request GET HTTP/2
IP: 172.67.133.145:443
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/html; charset=UTF-8
location: pages/login.php
set-cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv; path=/; HttpOnly; SameSite=Strict
content-security-policy: default-src 'self'; script-src 'self' 'nonce-F63lDkg1G7ZGLOojVoZlEg=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';
feature-policy: geolocation 'none'; microphone 'none'; camera 'none'
permissions-policy: geolocation=(), microphone=(), camera=()
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex, nofollow
cross-origin-resource-policy: same-origin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiY4mYcc23XTvzMd1eY%2F75TWkvPMxNuoHNTYGX2vvVW%2BBewro5YLYEJ344zHYdfk%2BvFL%2B3hyhcx2owdttUXIeIYX5kN3rRinwUfB1vcXlkpEUxpi3VxJu4b28s1ywg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d990dabb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zepwk111.uk/assets/modules/fontawesome-free/css/fontawesome.min.css | 172.67.133.145 | 200 OK | 58 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/fontawesome-free/css/fontawesome.min.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (57726), with CRLF line terminators
Hash: bb747d04bc4c8aa452bb9bd91ae47935 9039d9584b2e8f55f9da771dcf1b4854b6633e14 e0351876703417eb2a9985cb15ecf9910966d2941e7c61c8f3907a2834c38383
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/css/fontawesome.min.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
vary: Accept-Encoding
etag: W/"626d9d40-e23c"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YwoWVe4VOOHS0OxZ0IezbdEK9WCfptJuV5wErhdeQFeFjpPbku46DpHv7nYUTc%2BPKGZlzu652dfPGux%2FUD29WEJhcbT7fGuSbg%2FHBNP%2FvEHwO1d%2BoLjn4TYI8rp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9ceb715693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/izitoast/iziToast.min.css | 172.67.133.145 | 200 OK | 42 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/izitoast/iziToast.min.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (41419), with CRLF line terminators
Hash: b2f7bdc3ed47f5956551ce0333925792 d2c6cd54cf8a6c040c28844b306543b76eeab8b8 7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/izitoast/iziToast.min.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
vary: Accept-Encoding
etag: W/"626d9d40-a221"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRgCcHU5LyrqFoFjg%2FY1%2BWIrq6cx5zFTeZ8n7F2j3EWB6RUGCzK7WnByGfl9pYTDfgNNgJcugU8GjqHrbz1Q38ay1sszeIggPUvX6I7mMvcp401waTu54jaoh0fAZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9ceb735693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/izitoast/iziToast.min.js | 172.67.133.145 | 200 OK | 18 kB |
URL: GET HTTP/3 zepwk111.uk/assets/modules/izitoast/iziToast.min.js
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/izitoast/iziToast.min.js HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: application/javascript
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
vary: Accept-Encoding
etag: W/"626d9d40-4836"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLlRL9bd9svJGWBEuywYN64N7ahwaXDR57hVcdE7SYdthg2AoxLFij7dp%2FCpcGFtCY7geVwUmjphHO9SYKdqyP7cs4yuxdaFwfDSQctjusUrpCAwxSUXwevWzT1dkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9cfb7f5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/img/favicon.png | 172.67.133.145 | 200 OK | 1.8 kB |
URL: GET HTTP/3 zepwk111.uk/assets/img/favicon.png
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Hash: 596af1ae4b10854e334121133691325b ccbaa5ee0def372ae2d791e7c0666e5777c75198 576d5210ef7bd676fff12be80fd61b793c5acdc618b4734f2da4cd638966e496
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/favicon.png HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:05 GMT
content-type: image/png
content-length: 1846
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
etag: "626d9d40-736"
expires: Wed, 05 Jun 2024 15:29:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 48307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=354mD81NLZXa9Jm0bQGJGVSa3fGm49Ot8x7rBxCwhdRCMCdXyDGovosmgEvyXNInCcQlVKcUKCPkjomJny%2BBoS3wI0vGVfpoyxuu5HmHVvil3B8wNHX0GZURAmLehA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe9da14df35693-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/assets/modules/fontawesome-free/css/solid.min.css | 172.67.133.145 | 200 OK | 673 B |
URL: GET HTTP/3 zepwk111.uk/assets/modules/fontawesome-free/css/solid.min.css
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (695), with no line terminators
Hash: 36295b061518f2023c8375ce9884bd2c 2508f93168d435ed6e3c2bc2fb238ec391717aae c0dabf60094ed0ecccbc0570a5ca5d74fb361d7e578e9bcf27de0e099feec14c
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/css/solid.min.css HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/css
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
etag: W/"626d9d40-2a1"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFZ520uP06nRoW2hQ9nytHDLpQuCr7n6Sixjrcd2PSDR%2Bq%2FIVr17sHqy7Q%2FphPj7qqi2gpBqW65hP27JUvGvyBXtPZ5jTfDQoCr9Y3w3VlzMdobXyeeBfQgJMFSpvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe9d9ceb725693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zepwk111.uk/pages/login.php | 172.67.133.145 | 200 OK | 3.5 kB |
URL: User Request GET HTTP/2 zepwk111.uk/pages/login.php
IP: 172.67.133.145:443
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: HTML document, ASCII text, with very long lines (3752), with no line terminators
Hash: 2e076cee7676856c9885878589586d35 ef90df73f62940447976fc74a59dcd8aef89351b 2a71d31552ec9f3b7b6b2bba772c4771ff7f943a178214545aa306172702b17f
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /pages/login.php HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src 'self'; script-src 'self' 'nonce-M4qldGe+oAr54w6IzhVipw=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';
feature-policy: geolocation 'none'; microphone 'none'; camera 'none'
permissions-policy: geolocation=(), microphone=(), camera=()
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex, nofollow
cross-origin-resource-policy: same-origin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i84sf4mR9m%2Bk9cAPY4MrXxhqRzf51n32emphpox8H0xIO%2BUQdi3zq130C6dvyK928K7uUJ4xDmqI1CZ8x5VMlJn6x9viG5bKhgBy9ETPtJMW%2B%2FFhj1xHQUGkp9bfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe9d9aaea3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zepwk111.uk/__UNAM_LIB/unam_lib.js | 172.67.133.145 | 200 OK | 952 B |
URL: GET HTTP/3 zepwk111.uk/__UNAM_LIB/unam_lib.js
IP: 172.67.133.145:443
Requested by: https://zepwk111.uk/pages/login.php
Certificate Issuer: Let's Encrypt
Certificate Subject: zepwk111.uk
Certificate Fingerprint: D6:57:FA:61:23:3B:C8:C1:C7:DB:EF:DC:A4:05:9E:C5:77:1D:67:E4
Certificate Validity: Mon, 25 Mar 2024 09:40:27 GMT - Sun, 23 Jun 2024 09:40:26 GMT
File type: ASCII text, with very long lines (1004), with no line terminators
Hash: 2baa7a481fce9b6be0d25dd1c6d62ea3 e6a14ac00e37f25d763d487bea244268d825b20f 7c3ddfd285664e60f92bf29e93b0a1f79fff367e448b7de230cdc48c11400293
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /__UNAM_LIB/unam_lib.js HTTP/1.1
Host: zepwk111.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=5c6eb68eb43323e60ab558f7851dcb3e; PHPSESSID=vkhn5sso5b86otepiq0uvr7cfv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:55:04 GMT
content-type: application/javascript
last-modified: Sat, 30 Apr 2022 20:34:08 GMT
etag: W/"626d9d40-3b8"
expires: Tue, 07 May 2024 16:55:04 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7ZHPduMlppSqfHy4W6Gqv989UjavTmqVVYHFT%2B4BkCIJNYDetObR%2F17kjiq6FArEL7GSIVTUJ7sFhJw5k443cYE6zW9vxMAV%2FQ0yCvSE%2BVVpl9xwojSvJ12iKcb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe9d9cfb825693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|