Source: https://panctisdae25.github.io/ |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://panctisdae25.github.io/ |
Virustotal: Detection: 15% |
Perma Link |
Source: https://panctisdae25.github.io/ |
LLM: Score: 9 brands: Facebook Reasons: The URL 'https://panctisdae25.github.io/' does not match the legitimate domain name for Facebook, which is 'facebook.com'. The page contains a login form asking for email address or phone number and password, which is a common phishing technique. The use of a security notification and the urgency of account deactivation are social engineering techniques to trick users into providing their credentials. DOM: 0.0.pages.csv |
Source: https://panctisdae25.github.io/ |
HTTP Parser: Form action: https://tempatrelaod1472d0.000webhostapp.com/verified.php github 000webhostapp |
Source: https://panctisdae25.github.io/ |
HTTP Parser: Number of links: 1 |
Source: https://panctisdae25.github.io/ |
HTTP Parser: Title: Restrictions Information does not match URL |
Source: https://panctisdae25.github.io/ |
HTTP Parser: Form action: /logout.php?button_location=settings&button_name=logout |
Source: https://panctisdae25.github.io/ |
HTTP Parser: Form action: https://tempatrelaod1472d0.000webhostapp.com/verified.php |
Source: https://panctisdae25.github.io/ |
HTTP Parser: <input type="password" .../> found |
Source: https://panctisdae25.github.io/ |
HTTP Parser: No <meta name="author".. found |
Source: https://panctisdae25.github.io/ |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.46.162.224 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1Host: panctisdae25.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /asset/css/1D8erEf3S9.css HTTP/1.1Host: panctisdae25.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://panctisdae25.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /asset/css/4fGxs96Xxc.css HTTP/1.1Host: panctisdae25.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://panctisdae25.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /asset/img/MetaSecure.png HTTP/1.1Host: panctisdae25.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://panctisdae25.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /rsrc.php/v3/y5/r/espe7X_o_zC.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://panctisdae25.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /asset/img/MetaSecure.png HTTP/1.1Host: panctisdae25.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /asset/icon/favicon.ico HTTP/1.1Host: panctisdae25.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://panctisdae25.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /asset/icon/favicon.ico HTTP/1.1Host: panctisdae25.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
DNS traffic detected: DNS query: panctisdae25.github.io |
Source: global traffic |
DNS traffic detected: DNS query: static.xx.fbcdn.net |
Source: global traffic |
DNS traffic detected: DNS query: www.google.com |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingx-fatal-request: static.xx.fbcdn.netPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTtiming-allow-origin: *reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src data: blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';document-policy: force-load-at-top |
Source: chromecache_46.2.dr |
String found in binary or memory: https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/espe7X_o_zC.png |
Source: chromecache_46.2.dr |
String found in binary or memory: https://tempatrelaod1472d0.000webhostapp.com/verified.php |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49744 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49743 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49758 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49741 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49740 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49678 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49741 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49743 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49746 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49745 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49739 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49736 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49736 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49758 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49735 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49675 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49740 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49749 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49747 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49744 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49749 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49735 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49747 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49746 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49739 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49745 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2 |
Source: classification engine |
Classification label: mal64.phis.win@16/14@8/7 |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=2084,i,15634253484415595677,15088899054563807059,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
|
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://panctisdae25.github.io/" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=2084,i,15634253484415595677,15088899054563807059,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: Window Recorder |
Window detected: More than 3 window changes detected |