Sample details: 0872e8d532435737deb514348f02ba21 --

Hashes
MD5: 0872e8d532435737deb514348f02ba21
SHA1: 6270ebf47bc11ee437161c44425e677f9c95310c
SHA256: 96ac718a0f8282445d216658fd54ee8e687ebed3c390b98998e360e4bb54640b
SSDEEP: 96:bGirpiQ28/mSHHpC0w1OuRRWMiILdZONUguemP6XkAP7AEi+AVeHnivUXYcPvcwA:bHrUH8/rpC0wFzjiWd8FmP34DIWBpgZ
Details
File Type: HTML
Yara Hits
YRP/domain | YRP/url | YRP/contentis_base64 | YRP/Big_Numbers0 |
Source
http://markossolomon.com/F1q7QX.php
Strings
		<html>
	<head lang="en">
		<meta charset="UTF-8"/>
		<title>Registrant WHOIS contact information verification | Namecheap.com</title>
		<meta name="viewport" content="width=device-width, initial-scale=1"/>
		<link rel="shortcut icon" href="https://www.namecheap.com/assets/img/nc-icon/favicon.ico"/>
		<script type="text/javascript">
        window.__ncOnScriptLoadError = function (error) {
            window.newrelic.noticeError(new Error('UiGlobalenv was not loaded: ' + JSON.stringify(error)));
           
            // retry request
            var request = new XMLHttpRequest();
            
            request.onreadystatechange = function() {
                if (request.readyState !== 4) {
                    return;
                }
               
                var data = {
                    status: request.status,
                    headers: request.getAllResponseHeaders()
                };
               
                if (request.status !== 200) {
                    data.responseText = request.responseText;
                }
                
                window.newrelic.noticeError(new Error('Retry to load UiGlobalEnv. Status: ' + data.status), data);
            };
            request.open('GET', 'https://nc-img.com/pp/nc-ui-globalenv/main.95c75c5ebbd01b86a09b.js');
            request.send();
            
            // request for tracking headers
            var apiRequest = new XMLHttpRequest();
            
            apiRequest.open('GET', 'https://www.sandbox.namecheap.com/apps/api/temp/uiglobalenv/info?pptest=1');
            apiRequest.send();
        }
    </script><script type="text/javascript">
        var nc_scriptLoader=function(t){function r(n){if(e[n])return e[n].exports;var o=e[n]={i:n,l:!1,exports:{}};return t[n].call(o.exports,o,o.exports,r),o.l=!0,o.exports}var e={};return r.m=t,r.c=e,r.d=function(t,e,n){r.o(t,e)||Object.defineProperty(t,e,{configurable:!1,enumerable:!0,get:n})},r.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return r.d(e,"a",e),e},r.o=function(t,r){return Object.prototype.hasOwnProperty.call(t,r)},r.p="",r(r.s=270)}({270:function(t,r,e){"use strict";Object.defineProperty(r,"__esModule",{value:!0}),e.d(r,"ScriptLoader",function(){return n});var n=function(){function t(){this.scriptsConfiguration={paths:{}},this.loadingQueue={},this.loadedModules=[]}return t.prototype.config=function(t){var r=!0===t.crossorigin;for(var e in t.paths)if(null==this.scriptsConfiguration.paths[e]){var n=t.paths[e];this.scriptsConfiguration.paths[e]={path:-1===n.indexOf(".js")?n+".js":n,crossorigin:r}}return this},t.prototype.require=function(t,r){for(var e=this.createOnCallCallback(t,r),n=[],o=0,i=t;o<i.length;o++){var a=i[o],u=this.scriptsConfiguration.paths[a];if(null==u)throw new Error("Cannot find URL for script "+a+". Check that ncScriptLoader.config is called with "+a+' in "paths" configuration.');var c=this.loadingQueue[a];null==c?this.loadedModules.indexOf(a)>-1?e():(c=this.loadingQueue[a]=[],c.push(e),n.push(this.createScriptTag(a,u))):c.push(e)}n.forEach(function(t){return document.head.appendChild(t)})},t.prototype.createScriptTag=function(t,r){var e=document.createElement("script");return e.type="text/javascript",e.async=!0,e.onload=this.createLoadCompleteCallback(t),e.onerror=function(){return console&&console.error("Failed to load script "+t)},e.src=r.path,r.crossorigin&&(e.crossOrigin="anonymous"),e},t.prototype.createOnCallCallback=function(t,r){var e=this,n=!1;return function(){t.every(function(t){return e.loadedModules.indexOf(t)>-1})&&!n&&(r(),n=!0)}},t.prototype.createLoadCompleteCallback=function(t){var r=this;return function(){var e=r.loadingQueue[t];if(e||!r.loadedModules.includes(t)){delete r.loadingQueue[t],r.loadedModules.push(t);try{e.forEach(function(t){try{t()}catch(t){console&&console.error(t)}})}catch(e){var n=document.querySelectorAll('*[src="'+r.scriptsConfiguration.paths[t].path+'"]').length;throw new Error("Cannot get a callback for module "+t+". [\n                \tconfig: "+JSON.stringify(r.scriptsConfiguration)+", \n                \tqueue: "+JSON.stringify(r.loadingQueue)+",\n                \tloadedModules: "+JSON.stringify(r.loadedModules)+",\n                \telementsCount: "+n+"\n\t\t\t\t]")}}}},t}()}});
        window.ncScriptLoader = new nc_scriptLoader.ScriptLoader();
    </script>
<!-- .load 00.0522, start: 29:27.9989, end: 29:28.0512 -->
<!-- .render 00.0525, start: 29:27.9989, end: 29:28.0515 -->	
	<link href="https://nc-img.com/pp/nc-ui-globalenv/app.79da253dd39acc4b66c6d3a79aab125a.css" rel="stylesheet" type="text/css" /><script src="https://nc-img.com/pp/nc-ui-globalenv/mainLegacy.b87f5bbf088fb1a5121a.js" type="text/javascript" crossorigin="anonymous" onerror="__ncOnScriptLoadError()"></script><link href="https://nc-img.com/pp/nc-ui-globalenv/museo-sans-300-italic-webfont.1ec5d6b46fb910b7438691a06f535727.woff2"" rel="preload" as="font" type="font/woff2" crossorigin="anonymous" /><link href="https://nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2"" rel="preload" as="font" type="font/woff2" crossorigin="anonymous" /><link href="https://nc-img.com/pp/nc-ui-globalenv/museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2"" rel="preload" as="font" type="font/woff2" crossorigin="anonymous" /><link href="https://nc-img.com/pp/nc-ui-globalenv/museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2"" rel="preload" as="font" type="font/woff2" crossorigin="anonymous" /><link href="https://nc-img.com/uiraa/app.ab29bfd164428d10f32bc34df1cad4ed.css" rel="stylesheet" type="text/css" /><link href="https://nc-img.com/uiraa/app.fe7a493a8565a298dbf4.js" rel="preload" as="script" crossorigin="anonymous" /></head>
	<body>
		<fragment style="display: block;" class="uiraa no-js" ncui-version="1.0.2-develop-59">
		<fragment-app-69bb2b42></fragment-app-69bb2b42><script type="text/javascript" charset="utf-8">
(function(l) {
	l.config({ paths: {'__nc_polyfills': 'https://nc-img.com/uiraa/libs/polyfills_73fa035e1251131417db','vendors_656e7b51c80db3b4f4f2': 'https://nc-img.com/uiraa/libs/vendors_656e7b51c80db3b4f4f2', 'nc_uiraa': 'https://nc-img.com/uiraa/app.fe7a493a8565a298dbf4' }, crossorigin: true });l.require(['__nc_polyfills'], function() {
		l.require(['vendors_656e7b51c80db3b4f4f2',], function() {
			l.require(['nc_uiraa'], function() {
				var app = window.nc_uiraa
				var apiProxy = (location.protocol || 'https:') + '//' + location.host + '/';app.main({"fragmentModuleName":"fragment-app-69bb2b42","requestUrl":"\u002FLauncherUpdate\u002Fversion.txt","apiProxy":apiProxy,"assetsPath":"https:\u002F\u002Fnc-img.com\u002Fuiraa","primary":false,"basePageUrl":"\u002F","appConfig":{"infrastructure":{"cmsBase":"https:\u002F\u002Fwww.namecheap.com","accountPanelBase":"https:\u002F\u002Fap.www.namecheap.com\u002F","loginUrl":"\u002Fmyaccount\u002Flogin.aspx","signupUrl":"\u002Fmyaccount\u002Flogin-signup.aspx"}}});
				var el = document.querySelector('fragment.uiraa');
				if (el !== null) el.classList.remove('no-js');
			});
		});});})(ncScriptLoader);</script></fragment>
<!-- /uiraa/LauncherUpdate/version.txt.load 00.0141, start: 29:27.9998, end: 29:28.0139 -->
<!-- /uiraa/LauncherUpdate/version.txt.render 00.0519, start: 29:27.9998, end: 29:28.0517 -->	
	<input type="hidden" id="x-ncpl-csrfvalue" value="fa59c49d542a43849cf606952df1d502" /></body>
</html>