Report - higjjj.ltd/

Report Overview

Submitted URL
higjjj.ltd/
IP
47.243.47.203
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-05-10 04:56:14
Access
public
Website Title
Roundcube Webmail :: 欢迎使用 Roundcube Webmail
Final URL
higjjj.ltd/mail/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
higjjj.ltd	unknown	2021-06-28	2022-08-30	2024-01-19	7.7 kB	1.2 MB	47.243.47.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-01	medium	higjjj.ltd/mail/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.
2024-04-06	medium	higjjj.ltd/	PayPal Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	higjjj.ltd/mail/skins/elastic/ui.min.js?s=1604826089	60 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/skins/elastic/ui.min.js?s=1604826089 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-05-20 10:49:52 Times Seen135 Hash ed8f1b2feecfe213230d84f5415cde21 99359abc4e7d9ae6c755d496b0278e5b20a08335 946b68ba501a99378a0f240b3fbd5e8eb78346fc2013981ca26e51e80f90700f Loading...

	higjjj.ltd/mail/program/js/jstz.min.js?s=1604825989	14 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/program/js/jstz.min.js?s=1604825989 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-05-20 10:49:52 Times Seen634 Hash b5ee3ce2023c717fff34cfe5d3b82599 36f532887c2bf6bc7bdd06e68e96eafe2051a5f7 716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a Loading...

	higjjj.ltd/mail/program/js/common.min.js?s=1604825971	13 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/program/js/common.min.js?s=1604825971 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-05-20 10:49:52 Times Seen200 Hash a2fcf18b8b93b2acca79230ccf53c80c a5efb30a6cd0cce7f94d0a73f3a5d2b558e34e61 6001e5503f42285de39e5ef3e276eec34a9fe1e71d3160a5aacb7b6516bee642 Loading...

	higjjj.ltd/mail/program/js/app.min.js?s=1604825966	172 kB	2023-03-08	2024-05-20
Pretty URL higjjj.ltd/mail/program/js/app.min.js?s=1604825966 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:57:30 Last Seen2024-05-20 10:49:52 Times Seen91 Hash 8d89f36fa43e867f56d0c0b980784750 0b400631add9a862e2bcacf8e87d37510be7c268 efb8f29e934cd9b7b4848ef44e503f74fcfa7f3c4655b526a71bbd4e0628da5f Loading...

	higjjj.ltd/mail/	0 B	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/ IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 19:12:51 Times Seen37888379 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	higjjj.ltd/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1604825877	260 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1604825877 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:24 Last Seen2024-05-20 10:49:52 Times Seen942 Hash fb752c6ba6b88ffa885f1d2a6492ef58 e20616dd323e0313e75de00ac055b7d249cb9056 59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834 Loading...

	higjjj.ltd/mail/plugins/jqueryui/js/i18n/jquery.ui.datepicker-zh-CN.js?s=1604825875	1.1 kB	2023-03-08	2024-05-20
Pretty URL higjjj.ltd/mail/plugins/jqueryui/js/i18n/jquery.ui.datepicker-zh-CN.js?s=1604825875 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:57:30 Last Seen2024-05-20 10:49:52 Times Seen103 Hash 49fb41cda92ba68fb0df8a37183c119b c6b75b9b5077a95cdf9d6c52cc089d83283af3fd 4bd30c0c38247e7c91a055cb32ee02b5acdaaf5d289363ebd9038289a6db50e3 Loading...

	higjjj.ltd/mail/	0 B	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/ IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 19:12:51 Times Seen37888379 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	higjjj.ltd/mail/skins/elastic/deps/bootstrap.bundle.min.js?s=1604826086	79 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/skins/elastic/deps/bootstrap.bundle.min.js?s=1604826086 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:50 Last Seen2024-05-20 10:49:52 Times Seen461 Hash a187431872552aacc1d4df6a65638f6a b61a4dc554a133bc455c09713a464ffea357643f 3e735a9880bf0bf27c32641063cccc60d93c53a7a77306dd6221f3db3c57ea20 Loading...

	higjjj.ltd/mail/program/js/jquery.min.js?s=1604825967	90 kB	2023-03-07	2024-05-20
Pretty URL higjjj.ltd/mail/program/js/jquery.min.js?s=1604825967 IP 47.243.47.203 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-05-20 10:49:52 Times Seen497 Hash 80d6b39faaf27486264ff13531191401 03e255f1f19107a46b09da332347baa25231fc22 542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f Loading...

	unknown	113 B	2023-04-13	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 01:54:41 Last Seen2024-05-20 10:49:52 Times Seen475 Hash a7bf779bf1b210137b4e2e88f6222593 b851692bb37b698d14b0f707f17d672bc31c5f5b e8e2b385faf716c54f60ce4f50d4526026c1565675a64d46a89395221f5b1b9b Loading...

HTTP Transactions (18)

URL IP Response Size

higjjj.ltd/

47.243.47.203

169 B

URL User Request GET
higjjj.ltd/
IP
47.243.47.203:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET / HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:49 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: http://higjjj.ltd/mail/

higjjj.ltd/mail/

47.243.47.203

200 OK

5.3 kB

URL User Request GET HTTP/1.1
higjjj.ltd/mail/
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (558)
Size
5.3 kB (5346 bytes)
Hash
928873ba68f704edb11ebab6fbf6809a
511034c09d77f5c3bc4c5c2ca55be3a860b1f3e8
ee294196a89c69ef4ce9d167ed1631252187948d139a8db139e3350c778eb90e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/ HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Set-Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj; path=/; HttpOnly
Expires: Fri, 10 May 2024 04:55:51 GMT
Last-Modified: Fri, 10 May 2024 04:55:51 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: sameorigin
Content-Language: zh

higjjj.ltd/mail/program/js/common.min.js?s=1604825971

47.243.47.203

200 OK

13 kB

URL GET HTTP/1.1
higjjj.ltd/mail/program/js/common.min.js?s=1604825971
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (1379)
Size
13 kB (13186 bytes)
Hash
a2fcf18b8b93b2acca79230ccf53c80c
a5efb30a6cd0cce7f94d0a73f3a5d2b558e34e61
6001e5503f42285de39e5ef3e276eec34a9fe1e71d3160a5aacb7b6516bee642

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/program/js/common.min.js?s=1604825971 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: application/javascript
Content-Length: 13186
Last-Modified: Sun, 08 Nov 2020 08:59:31 GMT
Connection: keep-alive
ETag: "5fa7b373-3382"
Accept-Ranges: bytes

higjjj.ltd/mail/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1604825872

47.243.47.203

200 OK

34 kB

URL GET HTTP/1.1
higjjj.ltd/mail/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1604825872
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
ASCII text, with very long lines (2515)
Size
34 kB (34190 bytes)
Hash
58500b350f9ebfc6a6ddf292859207ad
b87ad65d09c6b423b54b0241afcb628605d1bf58
06bd23ab85e71dcb4aabe629932bb6438fe0819cfd037fd5f53168af71db0c35

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1604825872 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: text/css
Content-Length: 34190
Last-Modified: Sun, 08 Nov 2020 08:57:52 GMT
Connection: keep-alive
ETag: "5fa7b310-858e"
Accept-Ranges: bytes

higjjj.ltd/mail/program/js/jstz.min.js?s=1604825989

47.243.47.203

200 OK

14 kB

URL GET HTTP/1.1
higjjj.ltd/mail/program/js/jstz.min.js?s=1604825989
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (12309)
Size
14 kB (13835 bytes)
Hash
b5ee3ce2023c717fff34cfe5d3b82599
36f532887c2bf6bc7bdd06e68e96eafe2051a5f7
716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a

HTTP Headers

GET /mail/program/js/jstz.min.js?s=1604825989 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:52 GMT
Content-Type: application/javascript
Content-Length: 13835
Last-Modified: Sun, 08 Nov 2020 08:59:49 GMT
Connection: keep-alive
ETag: "5fa7b385-360b"
Accept-Ranges: bytes

higjjj.ltd/mail/plugins/jqueryui/js/i18n/jquery.ui.datepicker-zh-CN.js?s=1604825875

47.243.47.203

200 OK

1.1 kB

URL GET HTTP/1.1
higjjj.ltd/mail/plugins/jqueryui/js/i18n/jquery.ui.datepicker-zh-CN.js?s=1604825875
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.1 kB (1103 bytes)
Hash
49fb41cda92ba68fb0df8a37183c119b
c6b75b9b5077a95cdf9d6c52cc089d83283af3fd
4bd30c0c38247e7c91a055cb32ee02b5acdaaf5d289363ebd9038289a6db50e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/plugins/jqueryui/js/i18n/jquery.ui.datepicker-zh-CN.js?s=1604825875 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:52 GMT
Content-Type: application/javascript
Content-Length: 1103
Last-Modified: Sun, 08 Nov 2020 08:57:55 GMT
Connection: keep-alive
ETag: "5fa7b313-44f"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/styles/styles.css?s=1604826087

47.243.47.203

200 OK

104 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/styles/styles.css?s=1604826087
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (103595 bytes)
Hash
4e7a1a6ae689ee5cc49f8dadce5fb9ff
881bdb0596551eec056525020a0a7afaf550ce7c
7be8adede2f06532bc60694f1a065b6db1d1447951451229cedb9921856025bb

HTTP Headers

GET /mail/skins/elastic/styles/styles.css?s=1604826087 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: text/css
Content-Length: 103595
Last-Modified: Sun, 08 Nov 2020 09:01:27 GMT
Connection: keep-alive
ETag: "5fa7b3e7-194ab"
Accept-Ranges: bytes

higjjj.ltd/mail/program/js/jquery.min.js?s=1604825967

47.243.47.203

200 OK

90 kB

URL GET HTTP/1.1
higjjj.ltd/mail/program/js/jquery.min.js?s=1604825967
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (64001)
Size
90 kB (89595 bytes)
Hash
80d6b39faaf27486264ff13531191401
03e255f1f19107a46b09da332347baa25231fc22
542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/program/js/jquery.min.js?s=1604825967 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: application/javascript
Content-Length: 89595
Last-Modified: Sun, 08 Nov 2020 08:59:27 GMT
Connection: keep-alive
ETag: "5fa7b36f-15dfb"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/deps/bootstrap.min.css?s=1604826085

47.243.47.203

200 OK

156 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/deps/bootstrap.min.css?s=1604826085
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
ASCII text, with very long lines (65324)
Size
156 kB (155713 bytes)
Hash
096fafc23eb84c35bb350d486e215ffc
5bba93b213b9394f7deb540dd62f52a409f94ff6
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/deps/bootstrap.min.css?s=1604826085 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: text/css
Content-Length: 155713
Last-Modified: Sun, 08 Nov 2020 09:01:25 GMT
Connection: keep-alive
ETag: "5fa7b3e5-26041"
Accept-Ranges: bytes

higjjj.ltd/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1604825877

47.243.47.203

200 OK

260 kB

URL GET HTTP/1.1
higjjj.ltd/mail/plugins/jqueryui/js/jquery-ui.min.js?s=1604825877
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (33303)
Size
260 kB (259776 bytes)
Hash
fb752c6ba6b88ffa885f1d2a6492ef58
e20616dd323e0313e75de00ac055b7d249cb9056
59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/plugins/jqueryui/js/jquery-ui.min.js?s=1604825877 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:52 GMT
Content-Type: application/javascript
Content-Length: 259776
Last-Modified: Sun, 08 Nov 2020 08:57:57 GMT
Connection: keep-alive
ETag: "5fa7b315-3f6c0"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/deps/bootstrap.bundle.min.js?s=1604826086

47.243.47.203

200 OK

79 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/deps/bootstrap.bundle.min.js?s=1604826086
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
79 kB (78587 bytes)
Hash
a187431872552aacc1d4df6a65638f6a
b61a4dc554a133bc455c09713a464ffea357643f
3e735a9880bf0bf27c32641063cccc60d93c53a7a77306dd6221f3db3c57ea20

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/deps/bootstrap.bundle.min.js?s=1604826086 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:52 GMT
Content-Type: application/javascript
Content-Length: 78587
Last-Modified: Sun, 08 Nov 2020 09:01:26 GMT
Connection: keep-alive
ETag: "5fa7b3e6-132fb"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/ui.min.js?s=1604826089

47.243.47.203

200 OK

60 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/ui.min.js?s=1604826089
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (629)
Size
60 kB (60311 bytes)
Hash
ed8f1b2feecfe213230d84f5415cde21
99359abc4e7d9ae6c755d496b0278e5b20a08335
946b68ba501a99378a0f240b3fbd5e8eb78346fc2013981ca26e51e80f90700f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/ui.min.js?s=1604826089 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:54 GMT
Content-Type: application/javascript
Content-Length: 60311
Last-Modified: Sun, 08 Nov 2020 09:01:29 GMT
Connection: keep-alive
ETag: "5fa7b3e9-eb97"
Accept-Ranges: bytes

higjjj.ltd/mail/program/js/app.min.js?s=1604825966

47.243.47.203

200 OK

172 kB

URL GET HTTP/1.1
higjjj.ltd/mail/program/js/app.min.js?s=1604825966
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
JavaScript source, ASCII text, with very long lines (690)
Size
172 kB (172166 bytes)
Hash
8d89f36fa43e867f56d0c0b980784750
0b400631add9a862e2bcacf8e87d37510be7c268
efb8f29e934cd9b7b4848ef44e503f74fcfa7f3c4655b526a71bbd4e0628da5f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/program/js/app.min.js?s=1604825966 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:51 GMT
Content-Type: application/javascript
Content-Length: 172166
Last-Modified: Sun, 08 Nov 2020 08:59:26 GMT
Connection: keep-alive
ETag: "5fa7b36e-2a086"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/images/logo.svg?s=1604826082

47.243.47.203

888 B

URL GET
higjjj.ltd/mail/skins/elastic/images/logo.svg?s=1604826082
IP
47.243.47.203:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
SVG Scalable Vector Graphics image
Size
888 B (888 bytes)
Hash
ddeffd34eae92b1b9b9c636636e4b9c8
19cb881a5d08d31db933da6440595767d0a02d94
2b2d9c7a82f92976268b03e13c61f64ead91a3c63b97c59cef2acbf501f67618

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/images/logo.svg?s=1604826082 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:58 GMT
Content-Type: image/svg+xml
Content-Length: 888
Last-Modified: Sun, 08 Nov 2020 09:01:22 GMT
Connection: keep-alive
ETag: "5fa7b3e2-378"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/fonts/fa-solid-900.woff2

47.243.47.203

200 OK

75 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/fonts/fa-solid-900.woff2
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/fonts/fa-solid-900.woff2 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/skins/elastic/styles/styles.css?s=1604826087
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:58 GMT
Content-Type: font/woff2
Content-Length: 75440
Last-Modified: Sun, 08 Nov 2020 09:01:32 GMT
Connection: keep-alive
ETag: "5fa7b3ec-126b0"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/fonts/roboto-v19-regular.woff2

47.243.47.203

200 OK

51 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/fonts/roboto-v19-regular.woff2
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
Web Open Font Format (Version 2), TrueType, length 51116, version 1.0
Size
51 kB (51116 bytes)
Hash
9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/fonts/roboto-v19-regular.woff2 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/skins/elastic/styles/styles.css?s=1604826087
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:58 GMT
Content-Type: font/woff2
Content-Length: 51116
Last-Modified: Sun, 08 Nov 2020 09:01:33 GMT
Connection: keep-alive
ETag: "5fa7b3ed-c7ac"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/images/favicon.ico?s=1604826082

47.243.47.203

200 OK

2.3 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/images/favicon.ico?s=1604826082
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 16x16, 32 bits/pixel
Size
2.3 kB (2294 bytes)
Hash
f1ac749564d5ba793550ec6bdc472e7c
e7629a6866f78f303da1ce3acc4245931d2d9b58
57cd8ca9ca6e635c103951b8339f8661e3dbc6eded99c082c6ea1df8e866e9e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/images/favicon.ico?s=1604826082 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:59 GMT
Content-Type: image/x-icon
Content-Length: 2294
Last-Modified: Sun, 08 Nov 2020 09:01:22 GMT
Connection: keep-alive
ETag: "5fa7b3e2-8f6"
Accept-Ranges: bytes

higjjj.ltd/mail/skins/elastic/fonts/roboto-v19-regular.woff2

47.243.47.203

200 OK

51 kB

URL GET HTTP/1.1
higjjj.ltd/mail/skins/elastic/fonts/roboto-v19-regular.woff2
IP
47.243.47.203:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://higjjj.ltd/mail/

File type
Web Open Font Format (Version 2), TrueType, length 51116, version 1.0
Size
51 kB (51116 bytes)
Hash
9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /mail/skins/elastic/fonts/roboto-v19-regular.woff2 HTTP/1.1
Host: higjjj.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://higjjj.ltd/mail/skins/elastic/styles/styles.css?s=1604826087
Cookie: roundcube_sessid=mekugilpef81orslomeshel9pj
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 04:55:58 GMT
Content-Type: font/woff2
Content-Length: 51116
Last-Modified: Sun, 08 Nov 2020 09:01:33 GMT
Connection: keep-alive
ETag: "5fa7b3ed-c7ac"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML