Report - hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

Report Overview

Visited public
2025-04-12 17:40:43
Tags
URL
hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
Finishing URL
hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
IP / ASN
162.241.85.198
#46606 UNIFIEDLAYER-AS-1
Title
Webmail Login

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hemnanipublicschool.com	unknown	2017-06-13	2018-01-24	2025-04-07	2.2 kB	127 kB	162.241.85.198

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-12	medium	hemnanipublicschool.com	Sinkholed
2025-04-12	medium	hemnanipublicschool.com	Sinkholed
2025-04-12	medium	hemnanipublicschool.com	Sinkholed
2025-04-12	medium	hemnanipublicschool.com	Sinkholed
2025-04-12	medium	hemnanipublicschool.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	hemnanipublicschool.com/Webmail/94/Webmail/webmail.php	ScriptElement	84 B	2023-03-07	2025-05-16
Pretty URL hemnanipublicschool.com/Webmail/94/Webmail/webmail.php IP 162.241.85.198 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-16 10:47 Times Seen2211 Hash f88baf75b8e07dd7ec741e96546bc4f7 a74b22312f7ce6ea751190a32f188b305f2e71e3 1e5f5c8697f7a5934a4e88d298805feb7272c5ae7b1a357b44ec0b5289b60a50 Loading...

	hemnanipublicschool.com/Webmail/94/Webmail/webmail.php	ScriptElement	8.8 kB	2023-07-15	2025-05-07
Pretty URL hemnanipublicschool.com/Webmail/94/Webmail/webmail.php IP 162.241.85.198 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-15 03:18 Last Seen2025-05-07 08:55 Times Seen227 Hash d6876d0d8c3100909fc954797e94bcdf efa253fe8fd45647809e675d769791650411a9bb 25cdeb95a36c713b640dda5fe48e620d295e4882a8c369c0de87ec025dcd4a26 Loading...

HTTP Transactions (5)

URL IP Response Size

hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

162.241.85.198

429 Too Many Requests

227 B

URL User Request GET
hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
IP
162.241.85.198:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.hemnanipublicschool.com
Fingerprint04:8E:14:95:C2:38:AB:04:9A:23:B3:82:E5:F8:CE:23:C5:F4:B5:76
ValidityThu, 20 Feb 2025 09:42:46 GMT - Wed, 21 May 2025 09:42:45 GMT

File type
HTML document, ASCII text
Size
227 B (227 bytes)
Hash
ae578b560a5e7b37a9fd9ecb97b56aa4
212a2655009e301967f727cb2a2ac11e2761bc2e
d2217005a87dc943366f465b9a094230e2a10401fb9b0e628c6414a499ba2998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Webmail/94/Webmail/webmail.php HTTP/1.1
Host: hemnanipublicschool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
date: Sat, 12 Apr 2025 17:40:22 GMT
server: nginx/1.25.5
content-type: text/html; charset=iso-8859-1
content-length: 227
X-Firefox-Spdy: h2

hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

162.241.85.198

200 OK

29 kB

URL User Request GET
hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
IP
162.241.85.198:80
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5306), with CRLF line terminators
Size
29 kB (28880 bytes)
Hash
6fae9cfe1de5933edddf89b4a104a70f
bd39fedcf764da4808073a74c787d65d1c741ab7
f1f66c5a16b88315a60837fa2dfe553d67592918c68583cb2680093d42188abf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Webmail/94/Webmail/webmail.php HTTP/1.1
Host: hemnanipublicschool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 17:40:37 GMT
Server: nginx/1.25.5
Content-Type: text/html; charset=UTF-8
Content-Length: 10163
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/webmail-logo.svg

162.241.85.198

200 OK

5.4 kB

URL GET
hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/webmail-logo.svg
IP
162.241.85.198:80
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

File type
SVG Scalable Vector Graphics image
Size
5.4 kB (5360 bytes)
Hash
bc0c956653325b9e694d4dd1dfb78020
e1196e4db68ed573355ade966152a084581b40ec
998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Webmail/94/Webmail/Webmail%20Login_files/webmail-logo.svg HTTP/1.1
Host: hemnanipublicschool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 17:40:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 27 May 2024 01:21:36 GMT
Accept-Ranges: bytes
Content-Length: 5360
Content-Type: image/svg+xml

hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/open_sans.css

162.241.85.198

200 OK

6.4 kB

URL GET
hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/open_sans.css
IP
162.241.85.198:80
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

File type
ASCII text, with very long lines (6358), with no line terminators
Size
6.4 kB (6358 bytes)
Hash
476afa553fea4614728877a7cd478705
f3e85923be9467bcb19dd9fe1a64b2094d6dbc7e
919e3b6b5b80ecdfb3c87b5e3aa55f174c21a79ed75c63de2dab20394ff7a676

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Webmail/94/Webmail/Webmail%20Login_files/open_sans.css HTTP/1.1
Host: hemnanipublicschool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 17:40:38 GMT
Server: Apache
Last-Modified: Mon, 27 May 2024 01:21:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 559
Content-Type: text/css

hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/style_v2_optimized.css

162.241.85.198

200 OK

85 kB

URL GET
hemnanipublicschool.com/Webmail/94/Webmail/Webmail%20Login_files/style_v2_optimized.css
IP
162.241.85.198:80
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php

File type
ASCII text, with very long lines (65374)
Size
85 kB (84926 bytes)
Hash
6be752b6a895bc1f13e0602843ce2c99
b289069a2f7b123352f71631420976a459d44154
e8d52843db13fe3edfd9b4bdfb1b0c27a270bd461b4657b33b44a087a777572e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Webmail/94/Webmail/Webmail%20Login_files/style_v2_optimized.css HTTP/1.1
Host: hemnanipublicschool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hemnanipublicschool.com/Webmail/94/Webmail/webmail.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Apr 2025 17:40:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 27 May 2024 01:21:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers