Report - doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX

Report Overview

Submitted URL
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
IP
91.212.166.21
ASN
#198953 Proton66 OOO
Submitted
2024-05-10 12:07:30
Access
public
Website Title
Админка
Final URL
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	467 B	5.3 kB	142.250.74.106
doggygangers.com	unknown	2023-01-15	2023-01-15	2023-11-12	3.5 kB	614 kB	91.212.166.21
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	534 B	34 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 12:07:04	medium	91.212.166.21	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 14
2024-05-10 12:07:04	medium	91.212.166.21	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 14
2024-05-10 12:07:04	high	Client IP	91.212.166.21	ET EXPLOIT_KIT Fake Browser Update Domain in TLS SNI (doggygangers .com)
2024-05-10 12:07:04	high	Client IP	91.212.166.21	ET EXPLOIT_KIT Fake Browser Update Domain in TLS SNI (doggygangers .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed
2024-05-10	medium	doggygangers.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/js/jquery.min.js	88 kB	2023-03-07	2024-05-20
Pretty URL doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/js/jquery.min.js IP 91.212.166.21 ASN #198953 Proton66 OOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-20 19:37:48 Times Seen99234 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

HTTP Transactions (8)

URL IP Response Size

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/bootstrap.min.css

91.212.166.21

200 OK

26 kB

URL GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/bootstrap.min.css
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
gzip compressed data, from Unix
Size
26 kB (26347 bytes)
Hash
1a5fdac9a8c282b115903a9cf553f24a
43114d73627513e3f49cd846873e833c98c30879
07d6a1a5dfb8a3623b3e963dfacb238c6700842eab1469de3eea42b6815964eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/bootstrap.min.css HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Cookie: PHPSESSID=n3314ae8su99mc2p0571erckba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:05 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 03:48:04 GMT
etag: W/"65fa5c74-2c1fc"
expires: Sat, 11 May 2024 12:07:05 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/theme.min.css

91.212.166.21

200 OK

38 kB

URL GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/theme.min.css
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
gzip compressed data, from Unix
Size
38 kB (38423 bytes)
Hash
dd9212f3d69f35ddf689ebdc3018f2f8
bc4d1e70e64444fb6497629dc559dc23b54ecd3e
65f6bbf9d57bca1d981acbf22547cd4835f2f4fe4129781784ddbc8a6820407d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/theme.min.css HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Cookie: PHPSESSID=n3314ae8su99mc2p0571erckba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:05 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 03:48:04 GMT
etag: W/"65fa5c74-61fa"
expires: Sat, 11 May 2024 12:07:05 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/baloopaaji2/v27/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2

142.250.74.99

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/baloopaaji2/v27/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32664, version 1.0
Size
33 kB (32664 bytes)
Hash
0ca0a62f0e77e48c04067590e56b8047
9dac41047c087ce5b282d71f24421f1418b398d6
7cb436710e1550e5967a3df24d23a4a8d266cc47f54ced3e1cd2ab91721fe27a

HTTP Headers

GET /s/baloopaaji2/v27/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doggygangers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:16:13 GMT
expires: Fri, 09 May 2025 02:16:13 GMT
cache-control: public, max-age=31536000
age: 121852
last-modified: Thu, 24 Aug 2023 20:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/images/favicon.ico

91.212.166.21

200 OK

104 kB

URL GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/images/favicon.ico
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
104 kB (104344 bytes)
Hash
ba4677278fa1d4e918294c06d5abaaae
6af6374914ed6a037d6bb06f12a2b631c43ad0a8
31b294d5991a3e70f96a45d143b96d00539db92d074dc01bcc08393a09415b6a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/images/favicon.ico HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Cookie: PHPSESSID=n3314ae8su99mc2p0571erckba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:05 GMT
content-type: image/vnd.microsoft.icon
content-length: 104344
last-modified: Wed, 20 Mar 2024 03:48:04 GMT
etag: "19798-6140f75390500"
accept-ranges: bytes
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Baloo+Paaji+2:wght@400;500;600&display=swap

142.250.74.106

200 OK

4.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Baloo+Paaji+2:wght@400;500;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (4824), with no line terminators
Size
4.7 kB (4716 bytes)
Hash
7e4dfa5c94e5c852e833fef696532d61
698916ff9964024f9e98f4a7ddda60f6d419463f
eb078d0a15a36cf18e97dc997f19343770800bc246412f99fdd3c4f1db2f6bc1

HTTP Headers

GET /css2?family=Baloo+Paaji+2:wght@400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 12:07:05 GMT
date: Fri, 10 May 2024 12:07:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php

91.212.166.21

200 OK

3.9 kB

URL User Request GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4138), with no line terminators
Size
3.9 kB (3927 bytes)
Hash
1c003100e7555c99454cb457f714689d
c36dc51a8b9a10c54f9fe323e9e611050dcdc80a
a6c6a6df73fa576639030aa06687ad624c8532b17e27c8cf345bb4627b41bfa1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=n3314ae8su99mc2p0571erckba; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
X-Firefox-Spdy: h2

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/icons.min.css

91.212.166.21

200 OK

351 kB

URL GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/icons.min.css
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
ASCII text, with very long lines (65354)
Size
351 kB (351369 bytes)
Hash
c59c284ee41539e92d37083eac21176e
0275b89ed42d9506f6ab7e7732815ef300f462a1
129e9a9205d6a1c6ee8b70db9d54440d95677986c79847bf2d385e4cd7f6dee0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/css/icons.min.css HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Cookie: PHPSESSID=n3314ae8su99mc2p0571erckba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:05 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 03:48:04 GMT
etag: W/"65fa5c74-55c89"
expires: Sat, 11 May 2024 12:07:05 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2

doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/js/jquery.min.js

91.212.166.21

200 OK

88 kB

URL GET HTTP/2
doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/js/jquery.min.js
IP
91.212.166.21:443
ASN
#198953 Proton66 OOO

Requested by
https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Certificate
IssuerLet's Encrypt
Subjectdoggygangers.com
Fingerprint16:70:30:5C:8E:6E:62:C4:BF:01:9E:8B:9A:CD:B9:F5:E4:E0:32:D5
ValidityMon, 18 Mar 2024 07:19:11 GMT - Sun, 16 Jun 2024 07:19:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/assets/js/jquery.min.js HTTP/1.1
Host: doggygangers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doggygangers.com/YfMv2QsjpCQl845BWSYNfNOQitweyze_Z6lIlrRr43MRjX_HrM/login.php
Cookie: PHPSESSID=n3314ae8su99mc2p0571erckba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 12:07:05 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 03:48:04 GMT
etag: W/"65fa5c74-15851"
expires: Sat, 11 May 2024 12:07:05 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size