Domain > mail.makingroup.com
More information on this domain is in AlienVault OTX.
Files that talk to mail.makingroup.com
MD5: 3ff79e59f23983931c7f8b78ff705df1
A/V: [HW32.CDB.6c99] [Kryptik.CCFN] [Win32/Kelihos.SeNdHLB] [Backdoor.Win32.Hlux.dlkp] [Backdoor.Hlux!oUNizOsy5vo] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Hlux.At] [Trojan-Downloader.Win32.Waledac] [W32/Hlux.AGWI!tr] [Win32/Trojan.337]
Whois
Property      Value
NameServer    NS2.IFORTE.NET.ID
Created       2000-08-15 00:00:00
Changed       2015-08-08 00:00:00
Expires       2022-08-15 00:00:00
Registrar     TUCOWS DOMAINS INC.
DNS Resolutions
Date          IP Address
2024-12-28    202.51.107.60 (ClassC)
Port 80
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 28 Dec 2024 20:52:27 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://mail.makingroup.com/

<html><head><title>302 Found</title></head><body bgcolor="white"><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>
Port 443
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Dec 2024 20:52:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Language: en-US
Set-Cookie: ZM_TEST=true;Secure
Set-Cookie: ZM_LOGIN_CSRF=2ca10964-e92b-482e-bed5-bf78709492f5;Secure;HttpOnly
Vary: User-Agent
X-UA-Compatible: IE=edge
Vary: Accept-Encoding, User-Agent

[Response body: Zimbra Web Client Sign In page (login.jsp)]
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.