| www.kimiagroups.pw/login.php | 162.213.251.25 | 200 OK | 619 B |
URL (User Request): GET HTTP/2 www.kimiagroups.pw/login.php
IP: 162.213.251.25:443
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: fe63b1c5a4c1cef5831e1c53fea96819 85d83d158b35a42c8f02d75618d624ea9ae5e0d1 66570233b27c0c11c1bf1a393b51332ffc0d274fd514afbecda91dabe1750d59
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /login.php HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
set-cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-length: 619
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/bootstrap/dist/css/bootstrap.min.css | 162.213.251.25 | 200 OK | 18 kB |
URL: GET HTTP/2 www.kimiagroups.pw/bootstrap/dist/css/bootstrap.min.css
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65317)
Hash: 7e923ad223e9f33e54d22e50cf2bcce5 8b7cb193d70bb476db06651c878dfcd1a7e1c0ee aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /bootstrap/dist/css/bootstrap.min.css HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 04:23:53 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2017 19:12:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18042
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css | 162.213.251.25 | 200 OK | 12 kB |
URL: GET HTTP/2 www.kimiagroups.pw/plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65511)
Hash: 83f991966f4fe9b5e26dcb79c267a630 9810c2f654b171419de327c8048a7141b663a783 0ca13f118a0ac8dc77f0894b67dffe9861d52218cbbbaa2150ccf113665c6bfc
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /plugins/bower_components/bootstrap-extension/css/bootstrap-extension.css HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 04:23:53 GMT
content-type: text/css
last-modified: Thu, 13 Apr 2017 22:47:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11768
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/plugins/sweetalert/dist/sweetalert.css | 162.213.251.25 | 200 OK | 3.5 kB |
URL: GET HTTP/2 www.kimiagroups.pw/plugins/sweetalert/dist/sweetalert.css
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
Hash: d8cc26070373f41241f37ce5a9c9d885 3ecb6f91187c0153724c950efcea0b0d944fd5aa 460df149ba9d2eb000637d9bfb2df51c5080a19e9071ff4ed5a4b7e21a0bd2f1
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /plugins/sweetalert/dist/sweetalert.css HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 04:23:53 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2016 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3487
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/plugins/bower_components/jquery/dist/jquery.min.js | 162.213.251.25 | 200 OK | 29 kB |
URL: GET HTTP/2 www.kimiagroups.pw/plugins/bower_components/jquery/dist/jquery.min.js
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 512d9517dac8bd35b30856de88170212 fcb6d93a78864e9068c597ac843b0c4724248337 70ea5c0fd61a431fef3e564d404e868b8017cdf8525f37ef2e1a64299246003b
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /plugins/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Sun, 09 Apr 2017 19:51:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28814
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/bootstrap/dist/js/tether.min.js | 162.213.251.25 | 200 OK | 7.2 kB |
URL: GET HTTP/2 www.kimiagroups.pw/bootstrap/dist/js/tether.min.js
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (24900), with no line terminators
Hash: 99d5eb445062f5f3b82d29aa2680e4a2 5c2a19c60f8ab7306c43bd68feebb3c9d3282c3c ff9a470d98767efd5e6489b27e24e1b41e408382ea0e3ca2b6d4fb7cb8dd4fff
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /bootstrap/dist/js/tether.min.js HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 15 Nov 2016 23:37:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7188
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/bootstrap/dist/js/bootstrap.min.js | 162.213.251.25 | 200 OK | 12 kB |
URL: GET HTTP/2 www.kimiagroups.pw/bootstrap/dist/js/bootstrap.min.js
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32075)
Hash: 0827a0bdcd9a917990eee461a77dd33e 6107d146e54a67c9998230abf839301575d05702 fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 06 Jan 2017 19:12:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11465
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js | 162.213.251.25 | 200 OK | 6.9 kB |
URL: GET HTTP/2 www.kimiagroups.pw/plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (26402)
Hash: 0c241eb74c0986ffefa56dc8308dd0ee 26b62a6286256442b6be8ce4b51dd3a34ac6588d bb5e2d3039b4fddffc1e711897eaffc7ddcf7256fea855989d37c4b1aa8bed8d
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /plugins/bower_components/bootstrap-extension/js/bootstrap-extension.min.js HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Mon, 13 Mar 2017 15:12:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6928
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/plugins/sweetalert/dist/sweetalert.min.js | 162.213.251.25 | 200 OK | 5.1 kB |
URL: GET HTTP/2 www.kimiagroups.pw/plugins/sweetalert/dist/sweetalert.min.js
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (16994), with no line terminators
Hash: 2f9966a615f3f46d846807adbe42644f 441544c084828da55ca0bafdc4c3df7dc7020820 be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c
Analyzer: urlquery | Verdict: malware | Alert: Malware - Botnet panel
GET /plugins/sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 15 Dec 2016 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5135
date: Wed, 24 Apr 2024 04:23:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| www.kimiagroups.pw/favicon.ico | 162.213.251.25 | 404 Not Found | 1.3 kB |
URL: GET HTTP/2 www.kimiagroups.pw/favicon.ico
IP: 162.213.251.25:443
Requested by: https://www.kimiagroups.pw/login.php
Certificate: Issuer: Sectigo Limited; Subject: kimiagroups.pw; Fingerprint: 43:AC:D1:BE:5F:CD:40:71:D1:F5:DE:C7:41:E7:DB:11:DF:23:B3:B1; Validity: Sun, 03 Dec 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
GET /favicon.ico HTTP/1.1
Host: www.kimiagroups.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kimiagroups.pw/login.php
Cookie: PHPSESSID=32c3ef2874a3db1e12040561b95b03bb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1251
date: Wed, 24 Apr 2024 04:23:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|