Source: https://05tns.csb.app/ | SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering |
Source: https://05tns.csb.app/ | Matcher: Template: office matched with high similarity |
Source: https://05tns.csb.app/ | Matcher: Template: office matched |
Source: Yara match | File source: 472847.pages.csv, type: HTML |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&h=250&slotname=9454352660&adk=1294191884&adf=615884932&pi=t.ma~as.9454352660&w=250&lmt=1614899672&url=http%3A%2F%2Fwww.htmlprotection.kom.gt%2F&flash=29.0.0&wgl=1&dt=1614899671426&bpp=61&bdt=504&idt=423&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=4400435368515&frm=20&pv=2&ga_vid=2003745227.1614899672&ga_sid=1614899672&ga_hid=1318567104&ga_fc=0&u_tz=60&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=676&ady=75&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21066432%2C21066922%2C21068108%2C21069711&oid=3&pvsid=4089538964379651&pem=792&rx=0&eae=0&fc=640&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=8192&bc=1&ifi=1&uci=a!1&xpc=wGHJNxAEDu&p=http%3A//www.htmlprotection.kom.gt&dtd=627 |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: http://www.facebook.com/plugins/like.php?href=http://www.htmlprotection.kom.gt&layout=button_count&show_faces=false&width=150&action=like&font=verdana&colorscheme=light&height=21 |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&h=250&slotname=9454352660&adk=3430002613&adf=2416142612&pi=t.ma~as.9454352660&w=250&lmt=1614899672&url=http%3A%2F%2Fwww.htmlprotection.kom.gt%2F&flash=29.0.0&wgl=1&dt=1614899671519&bpp=58&bdt=598&idt=557&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=9454352660&correlator=4400435368515&frm=20&pv=1&ga_vid=2003745227.1614899672&ga_sid=1614899672&ga_hid=1318567104&ga_fc=0&u_tz=60&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=366&ady=2363&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21066432%2C21066922%2C21068108%2C21069711&oid=3&pvsid=4089538964379651&pem=792&rx=0&eae=0&fc=640&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=8192&bc=1&ifi=2&uci=a!2&btvi=1&xpc=Gk5IjVvCWC&p=http%3A//www.htmlprotection.kom.gt&dtd=728 |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&h=250&slotname=9454352660&adk=3430002613&adf=1314770583&pi=t.ma~as.9454352660&w=250&lmt=1614899672&url=http%3A%2F%2Fwww.htmlprotection.kom.gt%2F&flash=29.0.0&wgl=1&adsid=ChEIgKeCggYQ6quMiYul5rvRARIvAD5jN23CnTlAjBbaP0KlHQMXatMuye_Jt8cDEXFEc6rZMonxjOBau1U4XQ6VvAM&dt=1614899671622&bpp=20&bdt=701&idt=641&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Db85e1f3cdfd063ee-22ca798fa8ba00a8%3AT%3D1614899617%3ART%3D1614899617%3AS%3DALNI_MZjBCCxQhf4gdmXmPjgCpdTTZ97pQ&prev_slotnames=9454352660%2C9454352660&correlator=4400435368515&frm=20&pv=1&ga_vid=2003745227.1614899672&ga_sid=1614899672&ga_hid=1318567104&ga_fc=0&u_tz=60&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=648&ady=2363&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21066432%2C21066922%2C21068108%2C21069711&oid=3&pvsid=4089538964379651&pem=792&rx=0&eae=0&fc=640&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7Cm%7Cebr%7Cp&abl=XS&pfx=0&fu=8192&bc=1&ifi=3&uci=a!3&btvi=2&xpc=DbpAEryMgX&p=http%3A//www.htmlprotection.kom.gt&dtd=805 |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&adk=1812271804&adf=3025194257&lmt=1614899676&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.htmlprotection.kom.gt%2F&ea=0&flash=29.0.0&pra=7&wgl=1&adsid=ChEIgKeCggYQ6quMiYul5rvRARIvAD5jN23CnTlAjBbaP0KlHQMXatMuye_Jt8cDEXFEc6rZMonxjOBau1U4XQ6VvAM&dt=1614899676812&bpp=14&bdt=5893&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db85e1f3cdfd063ee-22ca798fa8ba00a8%3AT%3D1614899617%3ART%3D1614899617%3AS%3DALNI_MZjBCCxQhf4gdmXmPjgCpdTTZ97pQ&prev_slotnames=9454352660%2C9454352660%2C9454352660&nras=1&correlator=4400435368515&frm=20&pv=1&ga_vid=2003745227.1614899672&ga_sid=1614899672&ga_hid=1318567104&ga_fc=0&u_tz=60&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21066432%2C21066922%2C21068108%2C21069711&oid=3&pvsid=4089538964379651&pem=792&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=4&uci=a!4&dtd=83 |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html# |
Source: http://www.htmlprotection.kom.gt/ | HTTP Parser: Iframe src: data:text/html;charset=UTF-8;base64, |