| mail.52jfg.xyz/assets/modules/fontawesome-free/css/fontawesome.min.css | 45.147.197.40 | 200 OK | 12 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/fontawesome-free/css/fontawesome.min.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: ASCII text, with very long lines (57726)
Hash: eeb705d0bdccfd645d3bbd46dd1fbab3 066def290f42ed8c00860e573cc880bd46e9ced4 d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/css/fontawesome.min.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:36 GMT
content-encoding: br
age: 51805
content-length: 12145
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/izitoast/iziToast.min.css | 45.147.197.40 | 200 OK | 10 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/izitoast/iziToast.min.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: ASCII text, with very long lines (41419)
Hash: ca2f839e9a41207ce4d486b75b0dc926 398acaa4eca2baa749a90175fe24d3c2a35f19ca 20b2776eaee552defc7c9b25bfef14a891f0dd4a12ac7320d689d749e1ca0fa7
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/izitoast/iziToast.min.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:32 GMT
content-encoding: br
age: 51805
content-length: 10201
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/fontawesome-free/css/solid.min.css | 45.147.197.40 | 200 OK | 287 B |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/fontawesome-free/css/solid.min.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: ASCII text, with very long lines (483)
Hash: 9eb2d3c87feb6bb2ffa63b70532b1477 38f226335a05ab0e30497bc7419eb5e243a9e26c 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/css/solid.min.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 51805
content-length: 287
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/select2/select2.min.css | 45.147.197.40 | 200 OK | 1.8 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/select2/select2.min.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: ASCII text, with very long lines (14965)
Hash: 9f54e6414f87e0d14b9e966f19a174f9 ae5735562faabd1a2d9803bbd7bf4c502b5e4f51 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/select2/select2.min.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:35 GMT
content-encoding: br
age: 51805
content-length: 1821
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/css/custom.css | 45.147.197.40 | 200 OK | 1.3 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/css/custom.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: assembler source, ASCII text
Hash: 88df7cd96f39eb4a214b84635c728207 12c363685205e6cb7c7757b9fe3291518421080e a34583896daa89dd052257089a24c2363e51e0666a6f7ddf0c4bf2c06e7b70a8
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/custom.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:25 GMT
content-encoding: br
age: 51805
content-length: 1347
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/izitoast/iziToast.min.js | 45.147.197.40 | 200 OK | 5.1 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/izitoast/iziToast.min.js
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (18398)
Hash: a05a127c793145cec6b721f14fced3e5 5d753b1c803de12f4d2217ab0d143d4dcf047010 ac860be79a4cfe434ea68f002638f79371d9a85a3b045a1aaf10dc98df551497
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/izitoast/iziToast.min.js HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:35:46 GMT
content-type: application/javascript
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:32 GMT
content-encoding: gzip
age: 48187
content-length: 5077
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| | 45.147.197.40 | 302 Found | 105 kB |
URL: User Request GET HTTP/2
IP: 45.147.197.40:443
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: ASCII text, with very long lines (65158)
Size: 105 kB (104905 bytes)
Hash: 3761431942d1adad52b80e4e4d174449 97a30cba1aabe8de821bde5b2d2822c188fbb55a 150fa4d262057d65d54da5b56ab877a8ac7c2175f9066e5fe901bed299148da1
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9; Domain=.52jfg.xyz; HttpOnly; Path=/; Expires=Wed, 07-May-2025 04:58:51 GMT
date: Tue, 07 May 2024 04:58:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.18
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'nonce-R3e4Y7PMl5b4bO2wKonq5A=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';
feature-policy: geolocation 'none'; microphone 'none'; camera 'none'
permissions-policy: geolocation=(), microphone=(), camera=()
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
cross-origin-resource-policy: same-origin
x-robots-tag: noindex, nofollow
location: pages/login.php
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/__UNAM_LIB/unam_lib.js | 45.147.197.40 | 200 OK | 383 B |
URL: GET HTTP/2 mail.52jfg.xyz/__UNAM_LIB/unam_lib.js
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
Hash: 7fa82422409fedd9fbc1d63b3de7e75a 1be72e17ed2e99222f4afb820dd3fac010601fc0 c9636b6900533ccd3ba88d5337207a5f5aa31d1dc3222dce0e8d7c71af7400a7
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /__UNAM_LIB/unam_lib.js HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:35:46 GMT
content-type: application/javascript
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 48186
content-length: 383
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/select2/select2.min.js | 45.147.197.40 | 200 OK | 20 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/select2/select2.min.js
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64131)
Hash: 0f64f3a3a0c620a6756d36abaff1b4a6 4738d7f9885db2cb9370766974c8f6b22e9ec29d 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/select2/select2.min.js HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:35:45 GMT
content-type: application/javascript
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:35 GMT
content-encoding: gzip
age: 48187
content-length: 19904
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/jquery/jquery-3.7.1.min.js | 45.147.197.40 | 200 OK | 30 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/jquery/jquery-3.7.1.min.js
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/jquery/jquery-3.7.1.min.js HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:35:46 GMT
content-type: application/javascript
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:34 GMT
content-encoding: gzip
age: 48186
content-length: 30413
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/fonts/sourcesanspro-regular-webfont.woff2 | 45.147.197.40 | 200 OK | 20 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/fonts/sourcesanspro-regular-webfont.woff2
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20540, version 2.2949
Hash: d67b548b833d70dda3779916f5415e7e f1d3b0c478384a35f0766d9d1839aea81a164b3f 8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fonts/sourcesanspro-regular-webfont.woff2 HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mail.52jfg.xyz/assets/css/custom.css
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:46:27 GMT
content-type: font/woff2
content-length: 20540
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:26 GMT
accept-ranges: bytes
age: 47545
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 | 45.147.197.40 | 200 OK | 78 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Hash: e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mail.52jfg.xyz/assets/modules/fontawesome-free/css/solid.min.css
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 15:46:27 GMT
content-type: font/woff2
content-length: 78196
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:37 GMT
accept-ranges: bytes
age: 47545
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/img/favicon.png | 45.147.197.40 | 200 OK | 1.8 kB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/img/favicon.png
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Hash: 596af1ae4b10854e334121133691325b ccbaa5ee0def372ae2d791e7c0666e5777c75198 576d5210ef7bd676fff12be80fd61b793c5acdc618b4734f2da4cd638966e496
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/favicon.png HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:33 GMT
content-type: image/png
content-length: 1846
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:27 GMT
accept-ranges: bytes
age: 51799
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/pages/login.php | 45.147.197.40 | 200 OK | 3.4 kB |
URL: User Request GET HTTP/2 mail.52jfg.xyz/pages/login.php
IP: 45.147.197.40:443
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
File type: HTML document, ASCII text, with very long lines (3616), with no line terminators
Hash: 3b4165fe3bc13c57b2028b8e55f67366 fb3cf7d982bf58f70df318159172508fc93cf969 24a1246a932e10a8c1a0badb1fd6104de1d7bc8c19cab31502bb3e9f64d0e5af
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /pages/login.php HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 04:58:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.2.18
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'nonce-zOkmQzUbjHlRLJmKzL14Ig=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';
feature-policy: geolocation 'none'; microphone 'none'; camera 'none'
permissions-policy: geolocation=(), microphone=(), camera=()
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
cross-origin-resource-policy: same-origin
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mail.52jfg.xyz/assets/css/adminlte.min.css | 45.147.197.40 | 200 OK | 1.4 MB |
URL: GET HTTP/2 mail.52jfg.xyz/assets/css/adminlte.min.css
IP: 45.147.197.40:443
Requested by: https://mail.52jfg.xyz/pages/login.php
Certificate: Issuer Let's Encrypt; Subject mail.52jfg.xyz; Fingerprint F4:31:9E:F7:03:E7:5D:3A:86:60:F4:ED:65:BE:29:B5:C7:64:09:46; Validity Mon, 06 May 2024 13:23:29 GMT - Sun, 04 Aug 2024 13:23:28 GMT
Size: 1.4 MB (1382975 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | malware | Malware - Botnet panel |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/adminlte.min.css HTTP/1.1
Host: mail.52jfg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=0lcPwisn0DeIRXXyJdH9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Mon, 06 May 2024 14:35:27 GMT
content-type: text/css
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
last-modified: Wed, 06 Mar 2024 11:01:26 GMT
content-encoding: br
age: 51805
content-length: 104905
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|