Report - spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/

Report Overview

Submitted URL
spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
IP
162.241.120.253
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-06-09 20:22:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
spcywfy.com	unknown	2023-01-27	2023-02-07	2023-06-09	2.9 kB	32 kB	162.241.120.253

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-09	medium	spcywfy.com
2023-06-09	medium	spcywfy.com
2023-06-09	medium	spcywfy.com
2023-06-09	medium	spcywfy.com
2023-06-09	medium	spcywfy.com

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/	0 B	2023-03-07	2024-04-25
Pretty URL spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/ IP 162.241.120.253 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 16:00:02 Times Seen37065903 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	spcywfy.com/.kok/89/s.js	620 B	2023-03-14	2024-02-21
Pretty URL spcywfy.com/.kok/89/s.js IP 162.241.120.253 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:27:29 Last Seen2024-02-21 04:03:12 Times Seen10 Hash 90a8b7e47c18f08848fea9dbcbc72c95 0be7a3e9187efcbb6d86d8801023756320838d7a 9ff7127a1fd1e52a3a803c0eae302ee3c8014291a39a564871ee2b6d3e4c0895 Loading...

	unknown	15 B	2023-04-11	2024-04-21
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 19:46:16 Last Seen2024-04-21 18:48:37 Times Seen45 Hash 445b6521b21c3776527bef5672864386 f09c0ae20249d7f643d0556c73094bfb92e10890 8db12f3c48ee6763cea3e2012b6f9781abfac9a7235492ec43c785ee1630fa91 Loading...

HTTP Transactions (5)

URL IP Response Size

spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/

162.241.120.253

200 OK

3.9 kB

URL User Request GET HTTP/1.1
spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
IP
162.241.120.253:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectcpcalendars.spcywfy.com
Fingerprint6B:33:43:3F:6E:EC:AA:8B:93:47:08:3C:2B:FA:C5:B5:5E:5C:65:A9
ValiditySat, 13 May 2023 23:32:43 GMT - Fri, 11 Aug 2023 23:32:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (494)
Size
3.9 kB (3862 bytes)
Hash
221a66241055f54eb4914d164385d7cc
7c150298fd32e3777145a16acd7d0c5e76f68019
4483eed61f087ff75cbb18a75009dd0d5ad27c4b86e99fb8be722468706d8855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/ HTTP/1.1
Host: spcywfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:22:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b5b5684aae3a019f58d4c53d1a74635e; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

spcywfy.com/.kok/89/icon.png

162.241.120.253

200 OK

8.8 kB

URL GET HTTP/1.1
spcywfy.com/.kok/89/icon.png
IP
162.241.120.253:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Certificate
IssuerLet's Encrypt
Subjectcpcalendars.spcywfy.com
Fingerprint6B:33:43:3F:6E:EC:AA:8B:93:47:08:3C:2B:FA:C5:B5:5E:5C:65:A9
ValiditySat, 13 May 2023 23:32:43 GMT - Fri, 11 Aug 2023 23:32:42 GMT

File type
PNG image data, 407 x 407, 8-bit/color RGBA, non-interlaced\012- data
Size
8.8 kB (8828 bytes)
Hash
97cd35699bda7dd5846f881de5880364
b2212d7ed39c988a5bd94d42946b7dae0b8ae372
00f27431ff56e939647931adede84170819a57761205646da7a85ef7927fefea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /.kok/89/icon.png HTTP/1.1
Host: spcywfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Cookie: PHPSESSID=b5b5684aae3a019f58d4c53d1a74635e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:22:42 GMT
Server: Apache
Last-Modified: Sat, 02 Jul 2022 21:51:38 GMT
Accept-Ranges: bytes
Content-Length: 8828
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

spcywfy.com/.kok/89/s.css

162.241.120.253

200 OK

305 B

URL GET HTTP/1.1
spcywfy.com/.kok/89/s.css
IP
162.241.120.253:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Certificate
IssuerLet's Encrypt
Subjectcpcalendars.spcywfy.com
Fingerprint6B:33:43:3F:6E:EC:AA:8B:93:47:08:3C:2B:FA:C5:B5:5E:5C:65:A9
ValiditySat, 13 May 2023 23:32:43 GMT - Fri, 11 Aug 2023 23:32:42 GMT

File type
ASCII text
Size
305 B (305 bytes)
Hash
f0037f77e89283ee77c67fe8070ee802
c2418cbc77d8c3d96d1ed8e1d1734082aa2ba7a8
951453f7024a800eaed72803da4d1483929659033b41d00948261916a42ef598

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /.kok/89/s.css HTTP/1.1
Host: spcywfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Cookie: PHPSESSID=b5b5684aae3a019f58d4c53d1a74635e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:22:42 GMT
Server: Apache
Last-Modified: Sat, 02 Jul 2022 21:14:56 GMT
Accept-Ranges: bytes
Content-Length: 305
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

spcywfy.com/.kok/89/s.js

162.241.120.253

200 OK

620 B

URL GET HTTP/1.1
spcywfy.com/.kok/89/s.js
IP
162.241.120.253:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Certificate
IssuerLet's Encrypt
Subjectcpcalendars.spcywfy.com
Fingerprint6B:33:43:3F:6E:EC:AA:8B:93:47:08:3C:2B:FA:C5:B5:5E:5C:65:A9
ValiditySat, 13 May 2023 23:32:43 GMT - Fri, 11 Aug 2023 23:32:42 GMT

File type
ASCII text
Size
620 B (620 bytes)
Hash
90a8b7e47c18f08848fea9dbcbc72c95
0be7a3e9187efcbb6d86d8801023756320838d7a
9ff7127a1fd1e52a3a803c0eae302ee3c8014291a39a564871ee2b6d3e4c0895

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /.kok/89/s.js HTTP/1.1
Host: spcywfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Cookie: PHPSESSID=b5b5684aae3a019f58d4c53d1a74635e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:22:43 GMT
Server: Apache
Last-Modified: Sat, 02 Jul 2022 22:00:16 GMT
Accept-Ranges: bytes
Content-Length: 620
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

spcywfy.com/.kok/89/page_settings/files/img/favicon.ico

162.241.120.253

200 OK

17 kB

URL GET HTTP/1.1
spcywfy.com/.kok/89/page_settings/files/img/favicon.ico
IP
162.241.120.253:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Certificate
IssuerLet's Encrypt
Subjectcpcalendars.spcywfy.com
Fingerprint6B:33:43:3F:6E:EC:AA:8B:93:47:08:3C:2B:FA:C5:B5:5E:5C:65:A9
ValiditySat, 13 May 2023 23:32:43 GMT - Fri, 11 Aug 2023 23:32:42 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Size
17 kB (16958 bytes)
Hash
41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /.kok/89/page_settings/files/img/favicon.ico HTTP/1.1
Host: spcywfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spcywfy.com/.kok/89/load.php?home-US-userID887454686437748135480870230574184864-Email-8869711234348463541898645784-second/
Cookie: PHPSESSID=b5b5684aae3a019f58d4c53d1a74635e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:22:43 GMT
Server: Apache
Last-Modified: Sat, 02 Jul 2022 22:02:40 GMT
Accept-Ranges: bytes
Content-Length: 16958
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type