Report - layyan4n-bantu4n.djcle.com/

Report Overview

Submitted URL
layyan4n-bantu4n.djcle.com/
IP
172.67.157.236
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 05:24:08
Access
public
Website Title
DANA - Apa pun transaksinya selalu ada DANA
Final URL
layyan4n-bantu4n.djcle.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-03-28	420 B	32 kB	151.101.2.137
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-29	471 B	50 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-29	567 B	49 kB	216.58.207.227
layyan4n-bantu4n.djcle.com	unknown	2023-09-06	2024-03-02	2024-03-04	7.5 kB	205 kB	172.67.157.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA
2024-03-28	medium	layyan4n-bantu4n.djcle.com/	DANA

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
layyan4n-bantu4n.djcle.com/ast/img/hero.png
IP
172.67.157.236
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
43 kB (43109 bytes)
Hash
4126c0393b3b7dfa2800095ce6ecf338
811d0a98523b12c1fa6255aa87b4d2101dab1020
f7d0665dea209eb1d41d46f66b7c2106f9e2f129178e530dfe258965c6d885d1

Archive (1)

Modified	Filename	Size	Md5	File type
2023-06-12 16:28	Screenshot_20230612-162641-removebg-preview~2.png	43 kB	a2fe81573586ae2ff99e0096c6c79ed9	PNG image data, 335 x 298, 8-bit/color RGB, non-interlaced

JavaScript (13)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-29 02:07:15 Times Seen140052 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	layyan4n-bantu4n.djcle.com/	135 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen704 Hash 8135d55bdb3fdd9003e5226986c539f4 17796aff7fea44999042478f0340bdc87776acab 0c472d92c58eac469153a6fa27f2fb758ae436804afed1b0689bd9e33c15a0eb Loading...

	layyan4n-bantu4n.djcle.com/	66 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen693 Hash b7ec93a09110dfd8bb76196fe658a2ca fa0e9eecd598aa16a419e4e799c4694469ecf9f3 5ef8108dc8ed8de6d3ce2b0a190bcde518ac3f55143f767074e421359a2ee58a Loading...

	layyan4n-bantu4n.djcle.com/	214 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen681 Hash d5d8d7e5364c28cf2a6bdb2d1b533425 38c68da0d60983a3f9fa085872d27ad97f5707d0 73e91b6f1b1b5cf60d3701b6e287a052b09787492ee66fd00288d6d29c5b1f75 Loading...

	layyan4n-bantu4n.djcle.com/	690 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen690 Hash 37b6cc906dee95ba31d6dc3561093274 cf09a304a41aafdb080861bc47d37f346def78d4 f2e9070c480bcec6af473420c44054580f46caddad6daed002db97fe1790daac Loading...

	layyan4n-bantu4n.djcle.com/	689 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen704 Hash b05c8bd1528cb5466392fb8d88178905 84590a391d262608fef98d82cc37bc399c656c6a c5ed1f676d19f816f1f227611469605003b0e57edc27aaf55f51a654aa6134e2 Loading...

	layyan4n-bantu4n.djcle.com/	429 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen681 Hash 4d1528243a309f4162fe80c2cde9ae93 8f3ed458f48f58e15538686dc001fd0ae8fe2079 917bd4fc4ff0da5f10b0e353b4dc49b8cf8962d64e04c7f8095fa046360a2d40 Loading...

	layyan4n-bantu4n.djcle.com/	357 B	2023-06-29	2024-04-27
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-27 19:23:08 Times Seen187 Hash ae670af07ba3f41b83efee1f7aaec49b 6449c1b351f3ae8ad60dd920f6015f366a232e65 3b412056538c9ca5fbea8ce1fce2d3268214bf0c93af968bcc17b87d6eb4ba00 Loading...

	layyan4n-bantu4n.djcle.com/ast/jquery.mask.min.js	7.9 kB	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ast/jquery.mask.min.js IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:42:12 Times Seen898 Hash 2e961f240d376e0a83c885a07f00762e e9f1d4a792dc3fb06f8d65d68a607738f3b4070c 470a65fdd4c44fa96ef232acb2a308ca73a3f17d6accc399d0c7a28a21d532d9 Loading...

	layyan4n-bantu4n.djcle.com/	278 B	2023-06-29	2024-04-27
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-27 19:23:08 Times Seen187 Hash 98d47023d77791c3fcb4d2d917ceab48 0db967e209ff2a11f3861e8e092548e2dd2bd81e 46ffe8601ef68e12c5909802c82967e3bbea08fc0fb5df8f1885625ead2736a8 Loading...

	layyan4n-bantu4n.djcle.com/	372 B	2023-06-29	2024-04-27
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-27 19:23:08 Times Seen187 Hash b2becc9784c38e2886fbc8c9d838eb76 f829beaac152b27a8f2d1c1d46495a289bc9846f e93ef7b036b54308f1c535df2f7b5d7750ebb892407a4b4aad9540dff35b454f Loading...

	layyan4n-bantu4n.djcle.com/	156 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen690 Hash 00c3ff7222ce30d0151b609ce9b1dd00 28fbd8656f7edc3e6f92e420aa6c8bba22be6049 aaaee6f16237a69ade0d0a8e1246b230292a6eead0155f688c49e8de8b5a35c2 Loading...

	layyan4n-bantu4n.djcle.com/	382 B	2023-06-29	2024-04-28
Pretty URL layyan4n-bantu4n.djcle.com/ IP 172.67.157.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-28 07:39:52 Times Seen697 Hash 7544c9acf4737e54470eb118ba8361a5 6a4d26abaec547bb911dcd1d131505512c3d5dfc 15d88dfd919c1a4ae658e43cfb9c9bc3dc298440028e47b065e43b2218c52f21 Loading...

HTTP Transactions (19)

URL IP Response Size

layyan4n-bantu4n.djcle.com/ast/img/dana_logo.png

172.67.157.236

200 OK

13 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/dana_logo.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 382 x 112, 8-bit/color RGBA, interlaced
Size
13 kB (12786 bytes)
Hash
6fd5a7d18a8f7c04bc5effcdc5235987
c4852c577f44fcdf78fb439a30ea2c6c6983b140
c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/dana_logo.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 12786
last-modified: Mon, 12 Jun 2023 14:22:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hV2Dhr6fz0RotqqsNxxB2kVN8hODjCpdC8P4xOZK8wuWFHn6AOpCaGXeMUZaBp9%2BYsVQZFDMCt8MD7ofAOp2XkFasNSI06ivic6BQXW7AGUie0hBSjSL9Hf5szGThouFMfy0XktXO7nZ1EITnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d88b529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/load_spin.png

172.67.157.236

200 OK

5.1 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/load_spin.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 200 x 200, 8-bit gray+alpha, non-interlaced
Size
5.1 kB (5078 bytes)
Hash
e8e4e4432355a07040a7327673850223
b07f6cfaacb6a2093778b08dd8d9b8f7d718c119
50b4bad00572d07c6158459a5cb93b1b3f9bdea95d393aa56970afded2f58913

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/load_spin.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 5078
last-modified: Mon, 12 Jun 2023 14:22:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o35ee4R5ZUeOKwWVYIapqbfNmYaucgxa1eXutwVt6aHZf%2F9ga12z08vncpJfjhPFAXV%2F3LBER%2B0gwaJau9x3WMmd%2BivTvyhQnY3%2BQOniZJW1oZTJr%2BLFjFJk64niyiwQDPOMLgsNxnmbTvKc2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d8fb529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/bi.png

172.67.157.236

200 OK

16 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/bi.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 360 x 200, 8-bit/color RGBA, non-interlaced
Size
16 kB (16542 bytes)
Hash
6e77df79b301b9fb95fdf50d66e3ceb7
1c93476fccf582d5ea0fa88ec8b1becc00d9edb5
4262dc8d42209d7e2a597f7f1098880e75ad0f6a53a66da1a7bd094a5f778199

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/bi.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 16542
last-modified: Mon, 12 Jun 2023 14:22:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsAvv5tBKM0T%2Bqr0AYVjK%2BKX37GfhxCyUvZnSJP3Y7t8Bk5qES8gY8xUn3LFXUrICMj%2BznUFQG7Om1GelKkNmpnk94FQbps84EwtZLCBmGWHOaf4Sj66qdct3jcenr%2Bwl2H3rXboKP001aurag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d8bb529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/indo.png

172.67.157.236

200 OK

741 B

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/indo.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 80 x 45, 8-bit colormap, non-interlaced
Size
741 B (741 bytes)
Hash
c15c95b8db17f44e5826bb7839278578
5be0ab5aba6201a0a3a3423f9db8008ed2385430
af52bfb0ab7606d185db1457ddc3edceb61c7fe9675e099cae3e3be1eccf152c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/indo.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 741
last-modified: Mon, 12 Jun 2023 14:23:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFz96w89OBCrmBQz4M%2FBP6EOB005MRo95Qaldm8jtXDDOSFASknsRB6rw8i1kk289Msz1iypfQbX2fklS8qkM6H2QxCAHtlrONkENDBN9zJEereG66WGp6Eh9daFUChWKBXm3NHJwUGSU8%2BnVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df42d90b529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/hero.png

172.67.157.236

200 OK

43 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/hero.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
43 kB (43109 bytes)
Hash
4126c0393b3b7dfa2800095ce6ecf338
811d0a98523b12c1fa6255aa87b4d2101dab1020
f7d0665dea209eb1d41d46f66b7c2106f9e2f129178e530dfe258965c6d885d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/hero.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 43109
last-modified: Mon, 12 Jun 2023 14:29:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMi6FupCEv7olRZyGqPMMHuHjzPnuUPcczu9MQpXMmp2lkRqq79FgVB%2Bv0HbvBEXTphgQzIdGJtKxawiaMt%2Fpi7XFOa6%2B%2Bty8kWHZDguLIRiMLnIjDg3fflC8LovJKl0Mj0MW4M%2FrePgRbadgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d89b529-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.5.1.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:23:43 GMT
age: 1646665
x-served-by: cache-lga21981-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 220774
x-timer: S1711689823.450622,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

layyan4n-bantu4n.djcle.com/ast/8d62ea654fcf0e4cae001e344ee2592c.css

172.67.157.236

200 OK

1.5 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/8d62ea654fcf0e4cae001e344ee2592c.css
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
ASCII text, with very long lines (3850), with no line terminators
Size
1.5 kB (1520 bytes)
Hash
6a47026eae042cc9152e2ba28cae1688
11f91794ddadcd088a8e78720abd5cce59700198
a2a6e6317012a338c0dc67124f68f969166edc9f7c3f75d54ff48942d785e709

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/8d62ea654fcf0e4cae001e344ee2592c.css HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 14:19:40 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXgGEatvPVCyu8QLA7wkvfg%2FbLVBWjiAZ0%2F4CoUkiXOVBwD6xHJLD%2FGW%2Fc7s2yITxLwVZvq3NY07HEH9ASAsb%2FHd%2Bgh%2FVEt5E2x%2FugwQMuueMKufP3j13EvHCvCCfW%2FmOmpfrSFLOfqJSDIu2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df40d7eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

142.250.74.106

200 OK

50 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
gzip compressed data, max compression
Size
50 kB (49919 bytes)
Hash
930fa007c079ce204769d4861673a52e
1663a6c791f1a59a229d53615be16f24ae7d636f
356c6739029d6066b69383dfad694d37e72b911784fa5ca25d1a452046a5a7d2

HTTP Headers

GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 05:23:43 GMT
date: Fri, 29 Mar 2024 05:23:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

layyan4n-bantu4n.djcle.com/ast/img/load_bg.png

172.67.157.236

200 OK

7.9 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/load_bg.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced
Size
7.9 kB (7863 bytes)
Hash
bf1d4a90de7e29b2be55237982cb30b4
ef942049631b598767fda52d54458b9f9680ee87
46518758f002d85cff9220609163f23b7e9f8f2721561d1e0ba79c4f17425c58

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/load_bg.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 7863
last-modified: Mon, 12 Jun 2023 14:23:04 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKfIq5c%2FTN8t8RnF%2BDbHmQsD%2Fki2FBN3318s4PbDPo4nMbVXheE477tqX2ioNdzB4zcCK8BI5wj5Bc0ktyykPesAp41cq8ALdR4gdgaKyjOvoV6fR%2FPpjq%2BDaKcmGE5h6Eyp4QnQkG14qizpaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d8eb529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/dana_text.png

172.67.157.236

200 OK

11 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/dana_text.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 480 x 118, 8-bit/color RGBA, non-interlaced
Size
11 kB (10588 bytes)
Hash
3dc459976e4f7086419105435a80fc25
4a79a70ae98be7b6386ddde8609d83eee4777373
8af7f1691e018bfc400432dfc61455f26f63226ab369e675c80cef5a93334e87

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/dana_text.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: image/png
content-length: 10588
last-modified: Mon, 12 Jun 2023 14:22:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d6CKT4cw9NTN7hpto2gLUhKVTuvHwjBdJ4brRPsyCrkyWNVv3g9wMRHOVn95aBSwNEWtEBVULJNRo4iGO3hIIGXoTaWw5mEE77YxIimf3%2BLIjGXpq1kh2QWzO%2B5GLkZdxAZHt%2FOnkw%2FvCQPzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d8ab529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/3fadc676582b9542004b502ee03df3a3.css

172.67.157.236

200 OK

7.4 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/3fadc676582b9542004b502ee03df3a3.css
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
ASCII text, with very long lines (1561), with no line terminators
Size
7.4 kB (7372 bytes)
Hash
553a4feacebe4a339e3f83b082684ff8
7334803536f6429c43ad344da92e22414e5882c2
94e570a73c7171a271962b2c59739196b2101bba6ce3257e1e60743013cdaf32

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/3fadc676582b9542004b502ee03df3a3.css HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 14:18:54 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpMpSCS2hzc0FZEU%2F3W%2Bp%2BMkgdmYwv%2BH9IMYp20yB4J01%2BtMPmhIXyR%2FSPE4CfV2TtUL18aqQ%2Bwy78gVzIoy2Ic%2F1WTLasz6v7kCOmQ%2BnX6R82THmz2tk2yhwAg5th%2FsaJNm03GgjrxjDjkE8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d84b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/47e4c58f6b9789b8a33f2525cf084599.css

172.67.157.236

200 OK

12 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/47e4c58f6b9789b8a33f2525cf084599.css
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
ASCII text, with very long lines (790), with no line terminators
Size
12 kB (12424 bytes)
Hash
8308d2ea1d6ea02c0cb00f298799633e
6deedbf3eea7d45bd140179d681c8f78613073d6
fe9df1a47b206f90c0f6a9bd88239d8eb22313978376f04d9e3fab4a35317380

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/47e4c58f6b9789b8a33f2525cf084599.css HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 14:20:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6qV%2FdW4rQuSJFKQQo0900EFXosNWS%2BVjGtTKo%2Flv4at8v5fI0%2B345n2Hf%2FOzHq1NR5qpaTJ3At9V%2B2MFgfG3BxszQIpLzibLBvrEvhwsdwZPCzasIZ%2B%2BzjK6sw1T9CxfoD%2Fjc%2FAyg%2FkzSpXdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d87b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/img/kom.png

172.67.157.236

200 OK

8.5 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/img/kom.png
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8484 bytes)
Hash
74adb66e545a68df7e5a0442a02fa8e7
a1692d3bfbde3c0cb3a8bc9b9b1fb2de4d570e85
4285db40c51cc53230cab0490df40566e285b48fb2b2e4729b42ff2a26c74480

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/kom.png HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:44 GMT
content-type: image/png
content-length: 8484
last-modified: Mon, 12 Jun 2023 14:23:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CztNL%2FzOJTexXQgyVR3%2BG3l0PSOs%2Begi8R%2F2MIx9i1oVSW3aAEG7%2BTPJDocrP3nrCLk9d30uHPovzVhAE1WqoY2fYQCd%2BrCcI54%2F283hjCewKUuXQSk%2BabtvvZjLvFrKmrqhkFmthcupYJ9RQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d8db529-OSL
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/00b9d2e9f52e505c013c16bb638a42a4.css

172.67.157.236

200 OK

48 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/00b9d2e9f52e505c013c16bb638a42a4.css
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
ASCII text, with very long lines (666), with no line terminators
Size
48 kB (48490 bytes)
Hash
f04c34e455649c317cbfe449a7c5b10e
07c192cd6c0d6b6a96ddd3fe56ffc5762c2f6eb7
963ee000ea25a124a63e7dd4ded8a9adc4d3501de7d0bf47f78f6fa4bc4ee472

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/00b9d2e9f52e505c013c16bb638a42a4.css HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 14:18:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtqQzhrv%2F8FSgSHMmE2bURp1rAju%2FqX6QSByGpmKH54VSJuAmavUpXe1BTE4BXv0blhXWWTHsw%2BMqNhl5N6rO%2F%2FQyCVDIG%2FSCkf3C0JokYZ1KIY%2BnZlsBtrJVF8oyAXLavhBbRxEDG%2F4%2FYGOvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df40d7fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://layyan4n-bantu4n.djcle.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 96528
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

layyan4n-bantu4n.djcle.com/ast/jquery.mask.min.js

172.67.157.236

200 OK

7.9 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/jquery.mask.min.js
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
JavaScript source, ASCII text, with very long lines (8132), with no line terminators
Size
7.9 kB (7920 bytes)
Hash
c71ebcdd10a5dd93f081dc61e87d6b63
88623481cb90c64c31185ae9325d420aeffdd1e6
d07deaceaefefc6bab3b5d703b361beac52560eb3418a71ae7312e2d873094ba

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/jquery.mask.min.js HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:44 GMT
content-type: text/javascript
last-modified: Mon, 12 Jun 2023 14:21:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBKCCoroBXBbBJtJOS2Y0aPFkzEETIR6gZVjAjwn%2B%2BlJcIhST6jEsgXSV%2BhpxhfABL4EhxRLK9UVDoGDdOSkTg2srU6JfkbSuRVbDlMEUMGC3dY0CxeNobMhpEV8Hxh%2FXyChwtOltSS9paKWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df42d92b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/ast/6990a7033bbaeadc2040ac863ff124fd.css

172.67.157.236

200 OK

1.3 kB

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/ast/6990a7033bbaeadc2040ac863ff124fd.css
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
ASCII text, with very long lines (1255), with no line terminators
Size
1.3 kB (1255 bytes)
Hash
7420333c4f6ef8b075a0f757b2af4f20
0e6836ef790baabf62aa0df5f33c8b3e8450295a
55c79193a97d40e41d31c65be9722e008c40ee3b3404d7c59dd75114b5986202

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/6990a7033bbaeadc2040ac863ff124fd.css HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 14:21:02 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYc2qedU36K1u%2FyPr%2FqeUKsjnFjz9WrylY2wjU5WzTiu4UBVToqly6O61PEDxl4suLFbFaz5rafceNjxyYq4%2BYzct4bplj3Jt0Il0DplN3%2B22ynjH1LVNdu5a%2B91rPOyCxwxGQtHjHt2HMHbpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6df41d80b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/favicon.ico

172.67.157.236

404 Not Found

315 B

URL GET HTTP/3
layyan4n-bantu4n.djcle.com/favicon.ico
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://layyan4n-bantu4n.djcle.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://layyan4n-bantu4n.djcle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 05:23:46 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oO7OwJ1uLEcRvPPXhReSzTHYTQrMNxGXbGx%2F63mXNHUAE8xQxmcus26OJrIPfllajai1EKbW7jQUm%2FE9e4ogOlnTsWFWm88pckA0g1Rm4aZ0VKiPSfbD2LHRloaMwR%2BUMzSxPxpuTToRRZ2N9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd6dfe09b5b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

layyan4n-bantu4n.djcle.com/

172.67.157.236

200 OK

9.8 kB

URL User Request GET HTTP/2
layyan4n-bantu4n.djcle.com/
IP
172.67.157.236:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdjcle.com
Fingerprint59:28:DB:6C:FE:72:BA:83:2A:A0:61:CA:0A:14:5B:78:1A:67:D9:C4
ValidityFri, 01 Mar 2024 22:32:21 GMT - Thu, 30 May 2024 22:32:20 GMT

File type
HTML document, ASCII text, with very long lines (10254), with no line terminators
Size
9.8 kB (9798 bytes)
Hash
6edeced07a156f5b88ee29d91730b5fb
12a3dbc33d02afbaac26aaa28c43278c0a255237
2f46d31297415f893339689ebf6fb5eab9431bd789f90ad2dc8a0764ad4ecce2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET / HTTP/1.1
Host: layyan4n-bantu4n.djcle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:23:43 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1g49nKwP1FlvwKv5NeZDGOG5iYsZPQ4T7nHADPYIjCLiH2qhx6ACvW5RfC4aERZR44%2FImVWOZ3m79TaapDjZc6RGXFNyx00T6XVv7dqeHm2dJZFQ3u%2FK1bdCIQBxQYz%2B0aPruTpJuHZ%2Bg6yNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd6df28805712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (1)

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by