| ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true | 91.215.85.79 | 200 OK | 9.5 kB |
URL User Request GET HTTP/2ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true IP91.215.85.79:443
CertificateIssuerLet's Encrypt Subjectptsb-open24help.com Fingerprint58:05:08:36:B8:E4:BE:94:AC:C6:17:56:4F:10:DD:AD:D8:64:63:57 ValiditySat, 20 Apr 2024 17:54:03 GMT - Fri, 19 Jul 2024 17:54:02 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (4215) Hash4a002ba988ac752ac68c7e09249d6a09 b64848e1523158682c48a01eadd9610d9a9c2ce2 72af4eca633c2861a5fd794bd1336a79da65294976740b34f422ba77a37e7b82
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /c9913e9902759477d84f2156d4be4124/login.php?user=true HTTP/1.1
Host: ptsb-open24help.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
set-cookie: PHPSESSID=02d8ab4c6cb54d20673abbaadd9884f3; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 9501
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 14:27:39 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
| ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/partial/css/a.css | 91.215.85.79 | 200 OK | 891 kB |
URL GET HTTP/3ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/partial/css/a.css IP91.215.85.79:443
Requested byhttps://ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true CertificateIssuerLet's Encrypt Subjectptsb-open24help.com Fingerprint58:05:08:36:B8:E4:BE:94:AC:C6:17:56:4F:10:DD:AD:D8:64:63:57 ValiditySat, 20 Apr 2024 17:54:03 GMT - Fri, 19 Jul 2024 17:54:02 GMT
File typeASCII text, with very long lines (65528) Size891 kB (891155 bytes) Hash9f3ad0d44c5bfae994a49b47adcb0497 e2291c59b2677a17d5ceb40c3ace36b21ea7f28f 5e4a667dca6a455b0ea4cf6cff7673805d3d79f3c2438cc0ef3b72d460fee016
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing | Quad9 DNS | malicious | Sinkholed |
GET /c9913e9902759477d84f2156d4be4124/partial/css/a.css HTTP/1.1
Host: ptsb-open24help.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true
Cookie: PHPSESSID=02d8ab4c6cb54d20673abbaadd9884f3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 14:27:39 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 19:06:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 891155
date: Wed, 24 Apr 2024 14:27:39 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
| ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/partial/js/jquery.js | 91.215.85.79 | 200 OK | 76 kB |
URL GET HTTP/3ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/partial/js/jquery.js IP91.215.85.79:443
Requested byhttps://ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true CertificateIssuerLet's Encrypt Subjectptsb-open24help.com Fingerprint58:05:08:36:B8:E4:BE:94:AC:C6:17:56:4F:10:DD:AD:D8:64:63:57 ValiditySat, 20 Apr 2024 17:54:03 GMT - Fri, 19 Jul 2024 17:54:02 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash3f24e8505d471bd934a5a68b86971580 876bd436d3b3c1436a8ac17a654e38d062acf45e 4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing | Quad9 DNS | malicious | Sinkholed |
GET /c9913e9902759477d84f2156d4be4124/partial/js/jquery.js HTTP/1.1
Host: ptsb-open24help.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptsb-open24help.com/c9913e9902759477d84f2156d4be4124/login.php?user=true
Cookie: PHPSESSID=02d8ab4c6cb54d20673abbaadd9884f3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript
last-modified: Sat, 20 Apr 2024 19:06:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 76354
date: Wed, 24 Apr 2024 14:27:39 GMT
|