Report - izoa.netsons.org/pages/login.php

Report Overview

Visited public
2025-05-07 09:57:08
Tags
botpanel malware
URL
izoa.netsons.org/pages/login.php
Finishing URL
izoa.netsons.org/pages/login.php
IP / ASN
46.252.158.186
#60087 Netsons s.r.l.
Title
Unam Web Panel — Login
Malware - Botnet panel

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
izoa.netsons.org	unknown	unknown	No data	No data	6.8 kB	1.8 MB	46.252.158.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	izoa.netsons.org/__UNAM_LIB/unam_lib.js	ScriptElement	952 B	2023-03-08	2025-05-09
Pretty URL izoa.netsons.org/__UNAM_LIB/unam_lib.js IP 46.252.158.186 ASN #60087 Netsons s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:22 Last Seen2025-05-09 03:39 Times Seen402 Hash 8c7fb12cb6f7e2df13448f35fcc57fb4 d21730a298168b00466ccf8d73232794c789bc23 203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee Loading...

	izoa.netsons.org/pages/login.php	ScriptElement	601 B	2024-07-07	2025-05-11
Pretty URL izoa.netsons.org/pages/login.php IP 46.252.158.186 ASN #60087 Netsons s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-07 14:40 Last Seen2025-05-11 00:50 Times Seen34 Hash d430c6f87e2da0f07ab7a58bc82b674e 4a7eaf40707470b4efd1878393f3ea5356bffdce b55dc009bd973d6a6d373b4b0e5400dd71a82f8d62e37f8e920b7bac867d473a Loading...

	izoa.netsons.org/assets/modules/jquery/jquery-3.7.1.min.js	ScriptElement	88 kB	2023-08-31	2025-05-12
Pretty URL izoa.netsons.org/assets/modules/jquery/jquery-3.7.1.min.js IP 46.252.158.186 ASN #60087 Netsons s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-05-12 02:27 Times Seen35965 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	izoa.netsons.org/assets/modules/izitoast/iziToast.min.js	ScriptElement	18 kB	2023-03-07	2025-05-10
Pretty URL izoa.netsons.org/assets/modules/izitoast/iziToast.min.js IP 46.252.158.186 ASN #60087 Netsons s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-10 22:43 Times Seen609 Hash df383d4feeb05ea8bfe86a0569ef0524 c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4 df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446 Loading...

	izoa.netsons.org/assets/modules/select2/select2.min.js	ScriptElement	71 kB	2023-03-08	2025-05-09
Pretty URL izoa.netsons.org/assets/modules/select2/select2.min.js IP 46.252.158.186 ASN #60087 Netsons s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:22 Last Seen2025-05-09 03:39 Times Seen362 Hash 37dd3c4be796c3e4d2914e336fc84624 efd00b3c59b9093335cfcc043fa0576587676636 d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772 Loading...

HTTP Transactions (14)

URL IP Response Size

izoa.netsons.org/assets/modules/fontawesome-free/css/fontawesome.min.css

46.252.158.186

200 OK

58 kB

URL GET
izoa.netsons.org/assets/modules/fontawesome-free/css/fontawesome.min.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with very long lines (57726), with CRLF line terminators
Size
58 kB (57916 bytes)
Hash
bb747d04bc4c8aa452bb9bd91ae47935
9039d9584b2e8f55f9da771dcf1b4854b6633e14
e0351876703417eb2a9985cb15ecf9910966d2941e7c61c8f3907a2834c38383

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/fontawesome-free/css/fontawesome.min.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12136
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

izoa.netsons.org/assets/modules/select2/select2.min.css

46.252.158.186

200 OK

15 kB

URL GET
izoa.netsons.org/assets/modules/select2/select2.min.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with very long lines (14965), with CRLF line terminators
Size
15 kB (14967 bytes)
Hash
ba5948c0bda0f5f26bd3068ce565deaa
6d28595693ce13f1a79db7d5c73bd82b13cf63b5
c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/select2/select2.min.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1803
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/css/adminlte.min.css

46.252.158.186

200 OK

1.4 MB

URL GET
izoa.netsons.org/assets/css/adminlte.min.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with very long lines (65148), with CRLF line terminators
Size
1.4 MB (1382986 bytes)
Hash
efd25adb317155ad5b5e3ab8a9a692dd
db0afb70249f3787a94bd4e97ebda0878191d394
8777aaf5d50b19f517d03349f82ac8634fac8d2d4ef71a715fead6a43435ee25

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/css/adminlte.min.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 20 Dec 2022 23:52:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 109769
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/__UNAM_LIB/unam_lib.js

46.252.158.186

200 OK

952 B

URL GET
izoa.netsons.org/__UNAM_LIB/unam_lib.js
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with CRLF line terminators
Size
952 B (952 bytes)
Hash
8c7fb12cb6f7e2df13448f35fcc57fb4
d21730a298168b00466ccf8d73232794c789bc23
203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /__UNAM_LIB/unam_lib.js HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 349
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/pages/login.php

46.252.158.186

200 OK

3.5 kB

URL User Request GET
izoa.netsons.org/pages/login.php
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
HTML document, ASCII text, with very long lines (324), with CRLF line terminators
Size
3.5 kB (3502 bytes)
Hash
f03053fe46d5fe61179018214b7cdfcc
336c09248f1ce8d1a9003aa759e6807c0d281054
68d88a2420b1a0d4e3b33f12b56534faf1a0d6d5053404eda70d7c83a946a0bc

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /pages/login.php HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: default-src 'self'; script-src 'self' 'nonce-Bzhx9hjp68F3SW3eG3SLeA=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';
feature-policy: geolocation 'none'; microphone 'none'; camera 'none'
permissions-policy: geolocation=(), microphone=(), camera=()
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
cross-origin-resource-policy: same-origin
set-cookie: PHPSESSID=355387ceddbad118440943fce089c281; path=/; HttpOnly; SameSite=Strict; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1144
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 May 2025 09:56:35 GMT
x-robots-tag: noindex, nofollow
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

izoa.netsons.org/assets/modules/izitoast/iziToast.min.css

46.252.158.186

200 OK

42 kB

URL GET
izoa.netsons.org/assets/modules/izitoast/iziToast.min.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with very long lines (41419), with CRLF line terminators
Size
42 kB (41505 bytes)
Hash
b2f7bdc3ed47f5956551ce0333925792
d2c6cd54cf8a6c040c28844b306543b76eeab8b8
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/izitoast/iziToast.min.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9933
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/modules/jquery/jquery-3.7.1.min.js

46.252.158.186

200 OK

88 kB

URL GET
izoa.netsons.org/assets/modules/jquery/jquery-3.7.1.min.js
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/jquery/jquery-3.7.1.min.js HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Jan 2024 06:26:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 29739
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/modules/fontawesome-free/css/solid.min.css

46.252.158.186

200 OK

673 B

URL GET
izoa.netsons.org/assets/modules/fontawesome-free/css/solid.min.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
ASCII text, with very long lines (483), with CRLF line terminators
Size
673 B (673 bytes)
Hash
3b659e3d10259f2c31001fee050aeb63
b4be4363d60981bd76c578190333414f0b91407c
7854d8e44687343f7178f324562de684a174684f0e92c66ce00d4c4bf1795fc1

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/fontawesome-free/css/solid.min.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 290
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/css/custom.css

46.252.158.186

200 OK

5.3 kB

URL GET
izoa.netsons.org/assets/css/custom.css
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
5.3 kB (5326 bytes)
Hash
1123383213092643b28c31c521a184ef
5a584dd8aa499f0f0d97734b5f1c6a20444d77a4
19567504a2faa9db6515f2323aeb58f0892db85b0fca2a3cb7ffea243369d43f

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/css/custom.css HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 05 Feb 2024 11:50:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1286
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/modules/izitoast/iziToast.min.js

46.252.158.186

200 OK

18 kB

URL GET
izoa.netsons.org/assets/modules/izitoast/iziToast.min.js
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (18398), with CRLF line terminators
Size
18 kB (18486 bytes)
Hash
df383d4feeb05ea8bfe86a0569ef0524
c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/izitoast/iziToast.min.js HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4784
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/modules/select2/select2.min.js

46.252.158.186

200 OK

71 kB

URL GET
izoa.netsons.org/assets/modules/select2/select2.min.js
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators
Size
71 kB (70852 bytes)
Hash
37dd3c4be796c3e4d2914e336fc84624
efd00b3c59b9093335cfcc043fa0576587676636
d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/select2/select2.min.js HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18500
date: Wed, 07 May 2025 09:56:36 GMT
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2

46.252.158.186

200 OK

78 kB

URL GET
izoa.netsons.org/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://izoa.netsons.org/assets/modules/fontawesome-free/css/solid.min.css
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: font/woff2
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-length: 78196
date: Wed, 07 May 2025 09:56:36 GMT
vary: User-Agent
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/fonts/sourcesanspro-regular-webfont.woff2

46.252.158.186

200 OK

20 kB

URL GET
izoa.netsons.org/assets/fonts/sourcesanspro-regular-webfont.woff2
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20540, version 2.2949
Size
20 kB (20540 bytes)
Hash
d67b548b833d70dda3779916f5415e7e
f1d3b0c478384a35f0766d9d1839aea81a164b3f
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/fonts/sourcesanspro-regular-webfont.woff2 HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://izoa.netsons.org/assets/css/custom.css
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: font/woff2
last-modified: Sat, 03 Feb 2024 10:44:44 GMT
accept-ranges: bytes
content-length: 20540
date: Wed, 07 May 2025 09:56:36 GMT
vary: User-Agent
x-robots-tag: noindex, nofollow

izoa.netsons.org/assets/img/favicon.png

46.252.158.186

200 OK

1.8 kB

URL GET
izoa.netsons.org/assets/img/favicon.png
IP
46.252.158.186:443
ASN
#60087 Netsons s.r.l.

Requested by
https://izoa.netsons.org/pages/login.php
Certificate
IssuerLet's Encrypt
Subjectizoa.netsons.org
Fingerprint67:F3:10:2D:0F:A0:D2:58:CA:24:40:3D:6E:CB:93:14:74:DF:5B:7A
ValidityMon, 28 Apr 2025 01:24:26 GMT - Sun, 27 Jul 2025 01:24:25 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
1.8 kB (1846 bytes)
Hash
596af1ae4b10854e334121133691325b
ccbaa5ee0def372ae2d791e7c0666e5777c75198
576d5210ef7bd676fff12be80fd61b793c5acdc618b4734f2da4cd638966e496

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/img/favicon.png HTTP/1.1
Host: izoa.netsons.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=355387ceddbad118440943fce089c281
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 May 2025 09:56:36 GMT
content-type: image/png
last-modified: Sun, 01 May 2022 02:34:08 GMT
accept-ranges: bytes
content-length: 1846
date: Wed, 07 May 2025 09:56:36 GMT
vary: User-Agent
x-robots-tag: noindex, nofollow

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP