sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
92.204.216.120 200 OK 21 kB URL User Request GET HTTP/1.1 sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
IP 92.204.216.120:80
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11132)
Hash d3acd1068a4263f2b41a17abebb80d93
a8e3bbff8806a104f5b2c800cc7f0e00ed1467b0
e8bb8364120a10496ed0b15af42515d401c8a78c95036e41f4d78a0eaa50a7e6
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
GET /~dash007/de.html HTTP/1.1
Host: sxb1plvwcpnl499274.prod.sxb1.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 19 Apr 2023 16:53:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 18 Apr 2023 18:17:49 GMT
ETag: "1c1a02-1db44-5f9a0532b8d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20556
Keep-Alive: timeout=5
Content-Type: text/html
code.jquery.com/jquery-3.4.1.min.js
69.16.175.42 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.42:443
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 19 Apr 2023 16:53:44 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681923224.dop213.sk1.t,1681923224.cds252.sk1.hn,1681923224.cds201.sk1.c
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/img/350edc0d04792de6a889b333cb453642.png
147.50.231.65 200 OK 16 kB URL GET HTTP/2 farmchokchai.com/home/mein/img/350edc0d04792de6a889b333cb453642.png
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2021:08:17 16:01:37], baseline, precision 8, 120x90, components 3\012- data
Hash a2a4aaf492b0448eacd7d42d0f7d4e97
970a6523ab4099a928d4a9a743855a808f88a8c3
6c4b3a8937d0d4afc92802590264f8d3dc614b97beeecae5ce7657862aa45ce9
GET /home/mein/img/350edc0d04792de6a889b333cb453642.png HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: image/png
content-length: 15756
last-modified: Tue, 18 Apr 2023 22:11:56 GMT
etag: "643f15ac-3d8c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/img/favicon.ico
147.50.231.65 200 OK 242 kB URL GET HTTP/2 farmchokchai.com/home/mein/img/favicon.ico
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type MS Windows icon resource - 5 icons, -64x-64, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 242 kB (242142 bytes)
Hash b35d0dda49783541abcaab8f61083b76
af5c9c13f5c9de59ecfd9ad98b6f680c2114b438
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /home/mein/img/favicon.ico HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: image/vnd.microsoft.icon
content-length: 242142
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: "63549ee6-3b1de"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1
147.50.231.65 200 OK 48 kB URL GET HTTP/2 farmchokchai.com/home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type ASCII text, with very long lines (27038)
Hash de0cf97ec2768d58fe2b00be0117bb80
b3469cd96444b27176e75492a08737c49eabe055
a8dbada555c2f0c95845facbed7db4ec0b258507e68c1f7a6bf792112465eacf
GET /home/mein/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1 HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-3b4fb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/ip.php?messi
147.50.231.65 200 OK 73 B URL GET HTTP/2 farmchokchai.com/home/mein/ip.php?messi
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash bd8a7e3ec3cf25c8e371ab87e5956dd6
a1468badc85e0d09c81801f6a9fef96e94b9ee52
67fbc3be27b8157968ec9bec6a2d1331af6d3ad66789b2f89bf965b24629d1da
GET /home/mein/ip.php?messi HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: application/json
cache-control: no-cache, must-revalidate
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/img/170407_1024x1024_Logo_Banking_App.png
147.50.231.65 200 OK 9.1 kB URL GET HTTP/2 farmchokchai.com/home/mein/img/170407_1024x1024_Logo_Banking_App.png
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Hash 46fd8bc6e78fc8d4a40345174a261b91
3592e37d910a1be4dceedffb98c6694e6e79eb6d
b9c750ea19b6182aa8ec5272465dd30ad7785eb8af8e76d3338a50845d6fe0ec
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /home/mein/img/170407_1024x1024_Logo_Banking_App.png HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: image/png
content-length: 9134
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: "63549ee6-23ae"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/dkb_responsive.min.css
147.50.231.65 200 OK 616 kB URL GET HTTP/2 farmchokchai.com/home/mein/dkb_responsive.min.css
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 616 kB (615615 bytes)
Hash 5e13596cf656659505d0c1acb21c1183
5fc1ca9da89d0a655e6f39bbf2c4793d8c0b9da1
525c29e5bf1712a70c61d6f914c770432c8bbb72f0cd22eac71968f48b974181
GET /home/mein/dkb_responsive.min.css HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-964bf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/dkb-global-print.css
147.50.231.65 200 OK 226 kB URL GET HTTP/2 farmchokchai.com/home/mein/dkb-global-print.css
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type ASCII text, with very long lines (10023)
Size 226 kB (226388 bytes)
Hash cbf8ce3883b33b865b46be95460d455a
95bfb8756f8f0744e469dac6160972513631d43f
06f7edf3277d44924c26cdb4f3a9a5bdff10471b49b886a34a1544fa37a2a40d
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /home/mein/dkb-global-print.css HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:46 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-37454"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
farmchokchai.com/home/mein/js/jquery.ccs.js
147.50.231.65 200 OK 8.6 kB URL GET HTTP/2 farmchokchai.com/home/mein/js/jquery.ccs.js
IP 147.50.231.65:443
ASN #9891 CS LOXINFO Public Company Limited.
Requested by http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/~dash007/de.html
Certificate Issuer Let's Encrypt
Subject farmchokchai.com
Fingerprint 72:5F:5C:E7:D7:11:14:79:AB:84:22:51:24:9C:3F:79:34:B8:B0:AC
Validity Tue, 28 Mar 2023 16:45:17 GMT - Mon, 26 Jun 2023 16:45:16 GMT
File type ASCII text, with very long lines (8941), with no line terminators
Hash a973db49d8674338f96462ad0da470ee
a56d8a2dbab4c11394173023fd1c81b7c430291b
27bf1bd7d4c769550726c1bbb6a1bba2e2870cc02d82482b5fd2985b23daf201
GET /home/mein/js/jquery.ccs.js HTTP/1.1
Host: farmchokchai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sxb1plvwcpnl499274.prod.sxb1.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 19 Apr 2023 16:53:45 GMT
content-type: application/javascript
last-modified: Sun, 23 Oct 2022 01:54:46 GMT
etag: W/"63549ee6-21b1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2