Report - sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html

Report Overview

Submitted URL
sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
IP
92.204.216.120
ASN
#21499 Host Europe GmbH
Submitted
2023-04-19 16:53:59
Access
public
Website Title
Final URL
Tags
dkb financial phishing
urlquery detections
Phishing - Deutsche Kreditbank

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sxb1plvwcpnl499274.prod.sxb1.secureserver.net	unknown	2022-12-30	2023-03-25	426 B	21 kB	92.204.216.120
code.jquery.com	634	2012-05-21	2023-04-19	432 B	31 kB	69.16.175.42
farmchokchai.com	unknown	2015-11-01	2023-01-27	3.9 kB	1.2 MB	147.50.231.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-04-19	medium	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html

PhishTank

Scan Date	Severity	Indicator	Alert
2023-04-19	medium	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-19	medium	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html	1.1 kB	2023-04-19	2023-04-19
Pretty URL sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html IP 92.204.216.120 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 18:54:00 Last Seen2023-04-19 18:54:00 Times Seen1 Hash c478d76c99f1fe7f8b905e30e3a092e0 1828ac00811d6c8388ce81b0c753e16c78938c16 cb038d37b9c43dafaad897af352894a331a96024f43ef27d4bc23257ae7943a8 Loading...

	farmchokchai.com/home/mein/js/jquery.ccs.js	8.6 kB	2023-03-07	2024-04-30
Pretty URL farmchokchai.com/home/mein/js/jquery.ccs.js IP 147.50.231.65 ASN #9891 CS LOXINFO Public Company Limited. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:50 Last Seen2024-04-30 19:52:11 Times Seen227 Hash 0bd4315906225c8d21713149d658cdcd e0f1b951f063c962c7736130362c8a2165a5dfce c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079 Loading...

	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html	1.8 kB	2023-03-09	2023-07-04
Pretty URL sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html IP 92.204.216.120 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 06:18:38 Last Seen2023-07-04 13:48:47 Times Seen3 Hash 169412783600ca9f8f889229a53b5613 48ca1b0b42fa217654b647cc6b5c7f028f777c97 eceaff0d896564771c8ad4f3b1d9ff2f0c49e53ce0aafe942e1597586267bc78 Loading...

	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html	18 kB	2023-04-19	2023-07-04
Pretty URL sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html IP 92.204.216.120 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 18:54:00 Last Seen2023-07-04 13:48:47 Times Seen2 Hash 7c7f5ef7921d13a96343005205c749ed 45b86667059f1b4e1f1f9bf80467eaafc072ea33 0f1ce513b388a7447ef6d75713a338d3be4330588d8efe41c89ca0cd33ce437d Loading...

	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html	4.7 kB	2023-04-19	2023-07-04
Pretty URL sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html IP 92.204.216.120 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 18:54:00 Last Seen2023-07-04 13:48:47 Times Seen2 Hash f477c6eacdf4049c365a57de9cd14aef 3f0ece9fbc2c6b9b1176f8ac6891ac154a0f00f0 b1eebc0b34776bee1545a69ae68bbe69771fcb5ec2877cd49a4c2c51e4664664 Loading...

	code.jquery.com/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-05-04
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-04 00:17:37 Times Seen96849 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html	3.2 kB	2023-03-09	2023-04-19
Pretty URL sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html IP 92.204.216.120 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 06:18:38 Last Seen2023-04-19 18:54:00 Times Seen2 Hash 5a2bf69d34dd9de6e655b29aee2e545f e6104c0ff8ad3be0c9d451b32188a00e659fedaf 6b0d0df9caee7fa2dce341151a8cb9ea389cb35bd7638a5b70cb547ce80651e8 Loading...

HTTP Transactions (10)

URL IP Response Size

sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html

92.204.216.120

200 OK

21 kB

URL User Request GET HTTP/1.1
sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
IP
92.204.216.120:80
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11132)
Size
21 kB (20556 bytes)
Hash
d3acd1068a4263f2b41a17abebb80d93
a8e3bbff8806a104f5b2c800cc7f0e00ed1467b0
e8bb8364120a10496ed0b15af42515d401c8a78c95036e41f4d78a0eaa50a7e6

Detections

Analyzer	Verdict	Alert
openphish	Deutsche Kreditbank
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /~dash007/de.html HTTP/1.1
Host: sxb1plvwcpnl499274.prod.sxb1.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 19 Apr 2023 16:53:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 18 Apr 2023 18:17:49 GMT
ETag: "1c1a02-1db44-5f9a0532b8d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20556
Keep-Alive: timeout=5
Content-Type: text/html

code.jquery.com/jquery-3.4.1.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 19 Apr 2023 16:53:44 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681923224.dop213.sk1.t,1681923224.cds252.sk1.hn,1681923224.cds201.sk1.c
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/img/350edc0d04792de6a889b333cb453642.png

147.50.231.65

200 OK

16 kB

URL GET HTTP/2
farmchokchai.com/home/mein/img/350edc0d04792de6a889b333cb453642.png
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2021:08:17 16:01:37], baseline, precision 8, 120x90, components 3\012- data
Size
16 kB (15756 bytes)
Hash
a2a4aaf492b0448eacd7d42d0f7d4e97
970a6523ab4099a928d4a9a743855a808f88a8c3
6c4b3a8937d0d4afc92802590264f8d3dc614b97beeecae5ce7657862aa45ce9

HTTP Headers

GET /home/mein/img/350edc0d04792de6a889b333cb453642.png HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: image/png
content-length: 15756
last-modified: Tue, 18 Apr 2023 22:11:56 GMT
etag: "643f15ac-3d8c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/img/favicon.ico

147.50.231.65

200 OK

242 kB

URL GET HTTP/2
farmchokchai.com/home/mein/img/favicon.ico
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
MS Windows icon resource - 5 icons, -64x-64, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
242 kB (242142 bytes)
Hash
b35d0dda49783541abcaab8f61083b76
af5c9c13f5c9de59ecfd9ad98b6f680c2114b438
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /home/mein/img/favicon.ico HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: image/vnd.microsoft.icon
content-length: 242142
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: "63549ee6-3b1de"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1

147.50.231.65

200 OK

48 kB

URL GET HTTP/2
farmchokchai.com/home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
ASCII text, with very long lines (27038)
Size
48 kB (47676 bytes)
Hash
de0cf97ec2768d58fe2b00be0117bb80
b3469cd96444b27176e75492a08737c49eabe055
a8dbada555c2f0c95845facbed7db4ec0b258507e68c1f7a6bf792112465eacf

HTTP Headers

GET /home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1 HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-3b4fb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/ip.php?messi

147.50.231.65

200 OK

73 B

URL GET HTTP/2
farmchokchai.com/home/mein/ip.php?messi
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
bd8a7e3ec3cf25c8e371ab87e5956dd6
a1468badc85e0d09c81801f6a9fef96e94b9ee52
67fbc3be27b8157968ec9bec6a2d1331af6d3ad66789b2f89bf965b24629d1da

HTTP Headers

GET /home/mein/ip.php?messi HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: application/json
cache-control: no-cache, must-revalidate
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/img/170407_1024x1024_Logo_Banking_App.png

147.50.231.65

200 OK

9.1 kB

URL GET HTTP/2
farmchokchai.com/home/mein/img/170407_1024x1024_Logo_Banking_App.png
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
9.1 kB (9134 bytes)
Hash
46fd8bc6e78fc8d4a40345174a261b91
3592e37d910a1be4dceedffb98c6694e6e79eb6d
b9c750ea19b6182aa8ec5272465dd30ad7785eb8af8e76d3338a50845d6fe0ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /home/mein/img/170407_1024x1024_Logo_Banking_App.png HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: image/png
content-length: 9134
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: "63549ee6-23ae"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/dkb_responsive.min.css

147.50.231.65

200 OK

616 kB

URL GET HTTP/2
farmchokchai.com/home/mein/dkb_responsive.min.css
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
616 kB (615615 bytes)
Hash
5e13596cf656659505d0c1acb21c1183
5fc1ca9da89d0a655e6f39bbf2c4793d8c0b9da1
525c29e5bf1712a70c61d6f914c770432c8bbb72f0cd22eac71968f48b974181

HTTP Headers

GET /home/mein/dkb_responsive.min.css HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-964bf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/dkb-global-print.css

147.50.231.65

200 OK

226 kB

URL GET HTTP/2
farmchokchai.com/home/mein/dkb-global-print.css
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
ASCII text, with very long lines (10023)
Size
226 kB (226388 bytes)
Hash
cbf8ce3883b33b865b46be95460d455a
95bfb8756f8f0744e469dac6160972513631d43f
06f7edf3277d44924c26cdb4f3a9a5bdff10471b49b886a34a1544fa37a2a40d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /home/mein/dkb-global-print.css HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-37454"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

farmchokchai.com/home/mein/js/jquery.ccs.js

147.50.231.65

200 OK

8.6 kB

URL GET HTTP/2
farmchokchai.com/home/mein/js/jquery.ccs.js
IP
147.50.231.65:443
ASN
#9891 CS LOXINFO Public Company Limited.

Requested by
http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate
IssuerLet's Encrypt
Subjectfarmchokchai.com
Fingerprint72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
ValidityTue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT

File type
ASCII text, with very long lines (8941), with no line terminators
Size
8.6 kB (8625 bytes)
Hash
a973db49d8674338f96462ad0da470ee
a56d8a2dbab4c11394173023fd1c81b7c430291b
27bf1bd7d4c769550726c1bbb6a1bba2e2870cc02d82482b5fd2985b23daf201

HTTP Headers

GET /home/mein/js/jquery.ccs.js HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: application/javascript
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-21b1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET HTTP/1.1

IP

ASN

File type