Report - klginternationalinc.com/Mortgage/llc/auth/index.php

Report Overview

Submitted URL
klginternationalinc.com/Mortgage/llc/auth/index.php
IP
50.31.160.191
ASN
#23352 SERVERCENTRAL
Submitted
2024-04-17 04:23:48
Access
public
Website Title
Document
Final URL
klginternationalinc.com/Mortgage/llc/auth/index.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
klginternationalinc.com	unknown	2010-06-30	2015-02-10	2023-11-10	2.7 kB	61 kB	50.31.160.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	klginternationalinc.com/Mortgage/llc/auth/index.php	Outlook

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	klginternationalinc.com/Mortgage/llc/auth/assets/js/captcha.js	121 kB	2023-03-07	2024-04-17
Pretty URL klginternationalinc.com/Mortgage/llc/auth/assets/js/captcha.js IP 50.31.160.191 ASN #23352 SERVERCENTRAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:43 Last Seen2024-04-17 06:23:49 Times Seen17 Hash f9b4d1eb62665a905ddbc03aa49f2d86 658667afae7136d83feb4dc42443db7947194b9a 10565764da9848dc9bb77662d6a8658cc96d1933cf671b2f173f75ca128d2948 Loading...

	unknown	129 B	2023-04-18	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 09:20:20 Last Seen2024-04-17 06:23:49 Times Seen23 Hash 58b87f8be6f1c91cb02f8d73f4095744 c15727272a616b5833ec9c5815fe6ccf6cab5144 dea0ab34c9be0e339a72c93cb644669592829fd9a9462b31b5d97671fe9750f1 Loading...

HTTP Transactions (5)

URL IP Response Size

klginternationalinc.com/Mortgage/llc/auth/index.php

50.31.160.191

200 OK

307 B

URL User Request GET HTTP/1.1
klginternationalinc.com/Mortgage/llc/auth/index.php
IP
50.31.160.191:443
ASN
#23352 SERVERCENTRAL

Certificate
IssuerLet's Encrypt
Subject*.klginternationalinc.com
Fingerprint83:00:AC:7A:78:2F:D2:DA:BB:B3:E9:09:ED:FC:2A:96:8D:89:B2:15
ValidityMon, 11 Mar 2024 04:22:09 GMT - Sun, 09 Jun 2024 04:22:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
307 B (307 bytes)
Hash
8013749aeb9bd98e50aa2e5e5f9e1ba0
04afb8f89d1db352b662180dbbc06e45755442a6
c33f1d79ff8a5225bb8136d5dc85c3bd138566184a0345b41301f06ff2bbca66

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook

HTTP Headers

GET /Mortgage/llc/auth/index.php HTTP/1.1
Host: klginternationalinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 04:23:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: cazanova=f5755d7fadffd1461b6312e6fbc5ed25ca0fbe2b; expires=Wed, 17-Apr-2024 06:23:22 GMT; Max-Age=7200; path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 307
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

klginternationalinc.com/Mortgage/llc/auth/assets/js/captcha.js

50.31.160.191

200 OK

43 kB

URL GET HTTP/1.1
klginternationalinc.com/Mortgage/llc/auth/assets/js/captcha.js
IP
50.31.160.191:443
ASN
#23352 SERVERCENTRAL

Requested by
https://klginternationalinc.com/Mortgage/llc/auth/index.php
Certificate
IssuerLet's Encrypt
Subject*.klginternationalinc.com
Fingerprint83:00:AC:7A:78:2F:D2:DA:BB:B3:E9:09:ED:FC:2A:96:8D:89:B2:15
ValidityMon, 11 Mar 2024 04:22:09 GMT - Sun, 09 Jun 2024 04:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43145 bytes)
Hash
f9b4d1eb62665a905ddbc03aa49f2d86
658667afae7136d83feb4dc42443db7947194b9a
10565764da9848dc9bb77662d6a8658cc96d1933cf671b2f173f75ca128d2948

HTTP Headers

GET /Mortgage/llc/auth/assets/js/captcha.js HTTP/1.1
Host: klginternationalinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klginternationalinc.com/Mortgage/llc/auth/index.php
Cookie: cazanova=f5755d7fadffd1461b6312e6fbc5ed25ca0fbe2b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 04:23:22 GMT
Server: Apache
Last-Modified: Thu, 28 Jan 2021 00:33:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43145
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

klginternationalinc.com/Mortgage/llc/auth/images/favicon.ico

50.31.160.191

200 OK

1.3 kB

URL GET HTTP/1.1
klginternationalinc.com/Mortgage/llc/auth/images/favicon.ico
IP
50.31.160.191:443
ASN
#23352 SERVERCENTRAL

Requested by
https://klginternationalinc.com/Mortgage/llc/auth/index.php
Certificate
IssuerLet's Encrypt
Subject*.klginternationalinc.com
Fingerprint83:00:AC:7A:78:2F:D2:DA:BB:B3:E9:09:ED:FC:2A:96:8D:89:B2:15
ValidityMon, 11 Mar 2024 04:22:09 GMT - Sun, 09 Jun 2024 04:22:08 GMT

File type
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Size
1.3 kB (1325 bytes)
Hash
ac16fa7fc862073b02acd1187fc6def4
f2b9a6255f6293000f30eee272abdd372a14e9d3
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45

HTTP Headers

GET /Mortgage/llc/auth/images/favicon.ico HTTP/1.1
Host: klginternationalinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klginternationalinc.com/Mortgage/llc/auth/index.php
Cookie: cazanova=f5755d7fadffd1461b6312e6fbc5ed25ca0fbe2b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 04:23:22 GMT
Server: Apache
Last-Modified: Sun, 31 Jan 2021 00:48:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1325
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon

klginternationalinc.com/Mortgage/llc/auth/captcha.png?_1713327807477

50.31.160.191

200 OK

5.6 kB

URL GET HTTP/1.1
klginternationalinc.com/Mortgage/llc/auth/captcha.png?_1713327807477
IP
50.31.160.191:443
ASN
#23352 SERVERCENTRAL

Requested by
https://klginternationalinc.com/Mortgage/llc/auth/index.php
Certificate
IssuerLet's Encrypt
Subject*.klginternationalinc.com
Fingerprint83:00:AC:7A:78:2F:D2:DA:BB:B3:E9:09:ED:FC:2A:96:8D:89:B2:15
ValidityMon, 11 Mar 2024 04:22:09 GMT - Sun, 09 Jun 2024 04:22:08 GMT

File type
PNG image data, 319 x 83, 8-bit/color RGB, non-interlaced
Size
5.6 kB (5633 bytes)
Hash
b2f3428ff7c99d8396f3845db0ad4301
745fc51200d0c4694b6adbff523044233d3dac72
531412d38050e451bde4f4df4dbc56104f6b43d3db627d05315ddc8fad6c28b9

HTTP Headers

GET /Mortgage/llc/auth/captcha.png?_1713327807477 HTTP/1.1
Host: klginternationalinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klginternationalinc.com/Mortgage/llc/auth/index.php
Cookie: cazanova=f5755d7fadffd1461b6312e6fbc5ed25ca0fbe2b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 04:23:24 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5633
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

klginternationalinc.com/Mortgage/llc/auth/2134651.png

50.31.160.191

200 OK

8.5 kB

URL GET HTTP/1.1
klginternationalinc.com/Mortgage/llc/auth/2134651.png
IP
50.31.160.191:443
ASN
#23352 SERVERCENTRAL

Requested by
https://klginternationalinc.com/Mortgage/llc/auth/index.php
Certificate
IssuerLet's Encrypt
Subject*.klginternationalinc.com
Fingerprint83:00:AC:7A:78:2F:D2:DA:BB:B3:E9:09:ED:FC:2A:96:8D:89:B2:15
ValidityMon, 11 Mar 2024 04:22:09 GMT - Sun, 09 Jun 2024 04:22:08 GMT

File type
PNG image data, 355 x 142, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8515 bytes)
Hash
9a2ae3b67b7001b6bb4bf3e1903b59f2
db0a1994b15e971fcf943d731d5d1bdee9ac7d52
ff2294f85ad59d6d537ba92d2c8054c8f824736f946714688c1f51a6a6577bd3

HTTP Headers

GET /Mortgage/llc/auth/2134651.png HTTP/1.1
Host: klginternationalinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klginternationalinc.com/Mortgage/llc/auth/index.php
Cookie: cazanova=f5755d7fadffd1461b6312e6fbc5ed25ca0fbe2b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 04:23:25 GMT
Server: Apache
Last-Modified: Sun, 31 Jan 2021 00:32:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8515
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type