Domain > 2fa.520040.xyz

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2025-11-20	43.159.98.18 (ClassC)

HTTP/1.1 200 OKServer: nginx/1.26.3Content-Type: text/html; charsetUTF-8X-Powered-By: PHP/8.3.19Content-Security-Policy: script-src nonce-ak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1 wasm-unsafe-eval strict-dynamic; style-src self https://2fa.520040.xyz:* https://fastly.jsdelivr.net:* unsafe-inline; connect-src self https://2fa.520040.xyz:* https://fastly.jsdelivr.net:*; img-src self data: https://2fa.520040.xyz:* https://fastly.jsdelivr.net:*; object-src none; default-src selfSet-Cookie: XSRF-TOKENeyJpdiI6IkZrdUlFTEpBSS9WMWM4eFNwL0xEUlE9PSIsInZhbHVlIjoiMlgyOXZKeFVuQmU2Y3BYL21HZ2RBdGVSZWtmVzNianR6RUJFckFIU29nc2JLNzlBdXpnM0hMYjBMbWFVRlR2MFdQNzUwcVNQZktrdzdkVk1lMmhxN0lUTFFhemw3Qml6WmNVWi84UTgvUXpNL3lHbFZpcDVTdkdXQ0ZKRzJ3VWwiLCJtYWMiOiI1MjhlMjJiNDMzMGIzYWRlYWZiNjkwMzgwZjVhNTA5MWQ3MTYyZjE3NWM0NzYzNTg3OTEyNTIwODMyNWE2M2NlIiwidGFnIjoiIn0%3D; expiresWed, 18 Feb 2026 03:35:27 GMT; Max-Age7776000; path/; samesitelaxSet-Cookie: 2fauth_sessioneyJpdiI6ImJWcVFYVUhOZU5pYVdwakEwU2lJL2c9PSIsInZhbHVlIjoiZzNNK3ZHVUhPNW9ZaGlLUXpRM2NIbjdMVzNwWitEWWZDTUlzY040emk1R2hGM2x0ZFVVZTJaRXpheURNSnhKNXRDYjJOL0RXNk9jdjhzc1BRNnd0Q0JkeitqNnRyNDNHbUMvUHN6MWpmSUZzTEE2UVkzK2pWS2RWKzNCZnFtbk8iLCJtYWMiOiI2YjkyMzhmYzg4NDUwZGM0NGE5OWFjZGNmODkwNjVkYWRhN2M4ZThiMWMyNjQ0NzkyNGZlNzk3MWQ3MzQzNjEyIiwidGFnIjoiIn0%3D; expiresWed, 18 Feb 2026 03:35:27 GMT; Max-Age7776000; path/; httponly; samesitelaxCache-Control: private, no-cacheTransfer-Encoding: chunkedConnection: keep-aliveDate: Thu, 20 Nov 2025 03:36:25 GMTEO-LOG-UUID: 15871825145883233349EO-Cache-Status: MISS

!DOCTYPE html>html data-themesystem langen>head>    meta charsetutf-8>    meta http-equivX-UA-Compatible contentIEedge>    meta namedescription contentA web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes langen>    meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1, user-scalable0, shrink-to-fitno, viewport-fitcover>    meta namecsrf-token content0G0bkka9zEs55M0Dq5hwXTwrYf9bLnRtPPJVxd2a>    meta namerobots contentnoindex, nofollow>    meta namemobile-web-app-capable contentyes>    meta nameapple-mobile-web-app-status-bar-style contentblack-translucent>    title>2FAuth/title>    link relshortcut icon hrefhttps://2fa.520040.xyz/favicon.ico />    link relicon typeimage/png hrefhttps://2fa.520040.xyz/favicon.png />    link relapple-touch-icon hrefhttps://2fa.520040.xyz/favicon_lg.png />    link relapple-touch-icon-precomposed hrefhttps://2fa.520040.xyz/favicon_lg.png />    link relmanifest hrefhttps://2fa.520040.xyz/manifest.json>/head>body>    div idapp>        app>/app>    /div>    script typetext/javascript        nonceak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1 >        var appSettings  {useEncryption:null,checkForUpdate:null,lastRadarScan:null,latestRelease:null,disableRegistration:false,enableSso:true,useSsoOnly:false,allowPatWhileSsoOnly:false,restrictRegistration:null,restrictList:null,restrictRule:null,keepSsoRegistrationEnabled:null,storeIconsInDatabase:null};        var appConfig  {proxyAuth:false,proxyLogoutUrl:false,sso:{openid:false,github:false},subdirectory:};        var urls  {installDocUrl:https:\/\/docs.2fauth.app\/getting-started\/installation\/self-hosted-server\/,ssoDocUrl:https:\/\/docs.2fauth.app\/security\/authentication\/sso\/,exportSchemaUrl:https:\/\/docs.2fauth.app\/usage\/migration\/#export-schema};        var defaultPreferences  {showOtpAsDot:false,showNextOtp:true,revealDottedOTP:false,closeOtpOnCopy:false,copyOtpOnDisplay:false,clearSearchOnCopy:false,useBasicQrcodeReader:false,displayMode:list,showAccountsIcons:true,iconCollection:selfh,iconVariant:regular,iconVariantStrictFetch:false,kickUserAfter:15,activeGroup:0,rememberActiveGroup:true,viewDefaultGroupOnCopy:false,defaultGroup:0,defaultCaptureMode:livescan,useDirectCapture:false,useWebauthnOnly:false,getOfficialIcons:true,theme:system,formatPassword:true,formatPasswordBy:0.5,lang:browser,getOtpOnRequest:true,notifyOnNewAuthDevice:false,notifyOnFailedLogin:false,timezone:UTC,sortCaseSensitive:false,autoCloseTimeout:2,AutoSaveQrcodedAccount:false,showEmailInFooter:true};        var lockedPreferences  ;        var appVersion  5.6.0;        var isDemoApp  false;        var isTestingApp  false;        var appLocales  bg,zh-CN,da,nl,en,fr,de,hi,it,ja,ko,pt-BR,ru,es-ES,tr;    /script>    link relpreload asstyle hrefhttps://2fa.520040.xyz/build/assets/app-BIlsKXRE.css nonceak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1 />link relmodulepreload hrefhttps://2fa.520040.xyz/build/assets/app-C-TXXRMB.js nonceak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1 />link relstylesheet hrefhttps://2fa.520040.xyz/build/assets/app-BIlsKXRE.css nonceak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1 />script typemodule srchttps://2fa.520040.xyz/build/assets/app-C-TXXRMB.js nonceak5XpfvmsW7wp3lM64HuB3X4gJTrM0jv3xFIWqg1>/script>/body>/html>

Port 443

HTTP/1.1 200 OKServer: nginx/1.26.3Content-Type: text/html; charsetUTF-8X-Powered-By: PHP/8.3.19Content-Security-Policy: script-src nonce-ejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4 wasm-unsafe-eval strict-dynamic; style-src self https://2fa.520040.xyz:* https://fastly.jsdelivr.net:* unsafe-inline; connect-src self https://2fa.520040.xyz:* https://fastly.jsdelivr.net:*; img-src self data: https://2fa.520040.xyz:* https://fastly.jsdelivr.net:*; object-src none; default-src selfSet-Cookie: XSRF-TOKENeyJpdiI6InlVVDlqK21zKzNicmlYbGI3a3hQQ2c9PSIsInZhbHVlIjoiLzFkdjY5RlBHdTA2ZGdzZmpUQWVFZWJySkYyVkhUb3daZE9sNmJNMzUvam9JZ1FnOXBJa3NsdTRadXlPRVpRWTRUamIwYUxOWmdpelNSYWcwV05BcEg3RjJRUnZid01QdXE5OTRDQ1dYNWZZWVZhM3dUNWhObkhsQnFoZU41azEiLCJtYWMiOiIwNGQyYWU1NmMyYTgzYmJmM2VkMGY5YjVkMjg0MWQ0ZGYzYzFkYzg2OTBiMmQzNTkxZjI1Zjg2OGNiYmU2ZDQwIiwidGFnIjoiIn0%3D; expiresWed, 18 Feb 2026 03:35:27 GMT; Max-Age7776000; path/; samesitelaxSet-Cookie: 2fauth_sessioneyJpdiI6InhaUk5INFRKQXJDbU9qVGQvMGxMUnc9PSIsInZhbHVlIjoiOW91YVRTSldMUW5zZjRaV05vVVJuL2tUNlNjYlJsV1dQVFhyZENZMWkxaWpER1EwSGViY3MwSmhlanVseWp2aE1GN25rRWxVcHMvWjVaNlhQaWtha3o1cisxNFZqeTExc2VobEp3TTM0M2FlWDF5eC9maTNtTzJlQ1pkd0liSi8iLCJtYWMiOiI3MzVlZDVmYjI0N2NhNmU3NjFmMjJlZDQxM2I3ZGIzODRhYzIxZDc3Y2IyZDQyNTQ1NjMzZjFlYjNjNmE3YmVjIiwidGFnIjoiIn0%3D; expiresWed, 18 Feb 2026 03:35:27 GMT; Max-Age7776000; path/; httponly; samesitelaxCache-Control: private, no-cacheTransfer-Encoding: chunkedConnection: keep-aliveDate: Thu, 20 Nov 2025 03:36:26 GMTEO-LOG-UUID: 8783890693538804466EO-Cache-Status: MISS

!DOCTYPE html>html data-themesystem langen>head>    meta charsetutf-8>    meta http-equivX-UA-Compatible contentIEedge>    meta namedescription contentA web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes langen>    meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1, user-scalable0, shrink-to-fitno, viewport-fitcover>    meta namecsrf-token content5oCv1jlvABXVUOXhUW7BL0WOfSQDqKaKXhpPrAWg>    meta namerobots contentnoindex, nofollow>    meta namemobile-web-app-capable contentyes>    meta nameapple-mobile-web-app-status-bar-style contentblack-translucent>    title>2FAuth/title>    link relshortcut icon hrefhttps://2fa.520040.xyz/favicon.ico />    link relicon typeimage/png hrefhttps://2fa.520040.xyz/favicon.png />    link relapple-touch-icon hrefhttps://2fa.520040.xyz/favicon_lg.png />    link relapple-touch-icon-precomposed hrefhttps://2fa.520040.xyz/favicon_lg.png />    link relmanifest hrefhttps://2fa.520040.xyz/manifest.json>/head>body>    div idapp>        app>/app>    /div>    script typetext/javascript        nonceejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4 >        var appSettings  {useEncryption:null,checkForUpdate:null,lastRadarScan:null,latestRelease:null,disableRegistration:false,enableSso:true,useSsoOnly:false,allowPatWhileSsoOnly:false,restrictRegistration:null,restrictList:null,restrictRule:null,keepSsoRegistrationEnabled:null,storeIconsInDatabase:null};        var appConfig  {proxyAuth:false,proxyLogoutUrl:false,sso:{openid:false,github:false},subdirectory:};        var urls  {installDocUrl:https:\/\/docs.2fauth.app\/getting-started\/installation\/self-hosted-server\/,ssoDocUrl:https:\/\/docs.2fauth.app\/security\/authentication\/sso\/,exportSchemaUrl:https:\/\/docs.2fauth.app\/usage\/migration\/#export-schema};        var defaultPreferences  {showOtpAsDot:false,showNextOtp:true,revealDottedOTP:false,closeOtpOnCopy:false,copyOtpOnDisplay:false,clearSearchOnCopy:false,useBasicQrcodeReader:false,displayMode:list,showAccountsIcons:true,iconCollection:selfh,iconVariant:regular,iconVariantStrictFetch:false,kickUserAfter:15,activeGroup:0,rememberActiveGroup:true,viewDefaultGroupOnCopy:false,defaultGroup:0,defaultCaptureMode:livescan,useDirectCapture:false,useWebauthnOnly:false,getOfficialIcons:true,theme:system,formatPassword:true,formatPasswordBy:0.5,lang:browser,getOtpOnRequest:true,notifyOnNewAuthDevice:false,notifyOnFailedLogin:false,timezone:UTC,sortCaseSensitive:false,autoCloseTimeout:2,AutoSaveQrcodedAccount:false,showEmailInFooter:true};        var lockedPreferences  ;        var appVersion  5.6.0;        var isDemoApp  false;        var isTestingApp  false;        var appLocales  bg,zh-CN,da,nl,en,fr,de,hi,it,ja,ko,pt-BR,ru,es-ES,tr;    /script>    link relpreload asstyle hrefhttps://2fa.520040.xyz/build/assets/app-BIlsKXRE.css nonceejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4 />link relmodulepreload hrefhttps://2fa.520040.xyz/build/assets/app-C-TXXRMB.js nonceejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4 />link relstylesheet hrefhttps://2fa.520040.xyz/build/assets/app-BIlsKXRE.css nonceejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4 />script typemodule srchttps://2fa.520040.xyz/build/assets/app-C-TXXRMB.js nonceejaHN5rXXC3uxsvbT6QpNjBY09h8sKYij9Rj79W4>/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 2fa.520040.xyz

Is this malicious?

DNS Resolutions

Port 80

Port 443