| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css | 104.17.24.14 | 200 OK | 19 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (52276)
Hash: 9402848c3d4bbc710c764326f8b887c9 b6e555166eb1381392e00adcde9bf8863f16ff01 c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
GET /ajax/libs/font-awesome/6.5.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goldauth.ddns.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:41:18 GMT
content-type: text/css; charset=utf-8
content-length: 18861
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65692999-49ad"
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 577757
expires: Sun, 27 Apr 2025 12:41:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FX8zPOYf1WzzLEOOsnAp%2FtNysm6Crn9TTS%2FdKZX2VG7bmCI%2B%2F7GmtimAYWvbUVXZW%2FyrSc3IU%2BFcu1u1aW3FYUg36SweGQY6wjI77de80eukQ8SXMotMk6tIgZAW9QMDjRaoMP4S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88014890ba6fb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| goldauth.ddns.net/relogin.php | 159.223.49.171 | 200 OK | 2.5 kB |
URL: User Request GET HTTP/1.1 goldauth.ddns.net/relogin.php
IP: 159.223.49.171:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate Issuer: Let's Encrypt
Certificate Subject: goldauth.ddns.net
Certificate Fingerprint: AC:0B:83:5E:C3:FC:C7:B5:07:36:4C:0D:68:34:13:D2:0C:F6:F2:E1
Certificate Validity: Mon, 06 May 2024 20:27:50 GMT - Sun, 04 Aug 2024 20:27:49 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 831d60f2cbc32d28a55d2404ae3f62cb 80ff934ea7c14ef2c851e5f8c5311f732566df7c 054d762aec90fa974ceb2f21f3f8e37f15e9aed52442346b1263c056cb81b3ba
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /relogin.php HTTP/1.1
Host: goldauth.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:41:17 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| goldauth.ddns.net/css/style.css | 159.223.49.171 | 200 OK | 3.2 kB |
URL: GET HTTP/1.1 goldauth.ddns.net/css/style.css
IP: 159.223.49.171:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Let's Encrypt
Certificate Subject: goldauth.ddns.net
Certificate Fingerprint: AC:0B:83:5E:C3:FC:C7:B5:07:36:4C:0D:68:34:13:D2:0C:F6:F2:E1
Certificate Validity: Mon, 06 May 2024 20:27:50 GMT - Sun, 04 Aug 2024 20:27:49 GMT
File type: ASCII text, with CRLF line terminators
Hash: a0e2889f754afbdd3438d223e212f6f0 98b2744f2fa5cd65007886a4eefda84f37d59235 5829f52336c218a825a32f95efa49261ed8364a19ba843c6737899ef018f0f09
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /css/style.css HTTP/1.1
Host: goldauth.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldauth.ddns.net/relogin.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:41:18 GMT
Server: Apache
Last-Modified: Sat, 20 Apr 2024 17:10:18 GMT
Accept-Ranges: bytes
Content-Length: 3198
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 | 104.17.24.14 | 200 OK | 156 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
IP: 104.17.24.14:443
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 156496, version 773.768
Size: 156 kB (156496 bytes)
Hash: 6c4eee562650e53cee32496bdfbe534b 1aae708e3b94ee981b452a918d28ed037fbb5e18 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldauth.ddns.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 12:41:18 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 156496
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "65692999-26350"
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 505160
expires: Sun, 27 Apr 2025 12:41:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvujJk5MzfIATvCUa95rP6mxwU5v33M9PArBU43%2Bwv%2Fu368Aker995ufa5BbrgWNeP5tFEw5ccbsUNZdnTl8vYGb2%2FnhzE3E4TnKjXqBjOylaJWyNQIpuiIrDkGrFoWRj4ii0YGy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880148938942b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| goldauth.ddns.net/favicon.ico | 159.223.49.171 | 404 Not Found | 315 B |
URL: GET HTTP/1.1 goldauth.ddns.net/favicon.ico
IP: 159.223.49.171:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Let's Encrypt
Certificate Subject: goldauth.ddns.net
Certificate Fingerprint: AC:0B:83:5E:C3:FC:C7:B5:07:36:4C:0D:68:34:13:D2:0C:F6:F2:E1
Certificate Validity: Mon, 06 May 2024 20:27:50 GMT - Sun, 04 Aug 2024 20:27:49 GMT
File type: HTML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /favicon.ico HTTP/1.1
Host: goldauth.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldauth.ddns.net/relogin.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 12:41:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| goldauth.ddns.net/img/main.png | 159.223.49.171 | 200 OK | 63 kB |
URL: GET HTTP/1.1 goldauth.ddns.net/img/main.png
IP: 159.223.49.171:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Let's Encrypt
Certificate Subject: goldauth.ddns.net
Certificate Fingerprint: AC:0B:83:5E:C3:FC:C7:B5:07:36:4C:0D:68:34:13:D2:0C:F6:F2:E1
Certificate Validity: Mon, 06 May 2024 20:27:50 GMT - Sun, 04 Aug 2024 20:27:49 GMT
File type: PNG image data, 377 x 134, 8-bit/color RGBA, non-interlaced
Hash: 07f95d3ea7b70b7713f563eef714d192 030e196cfd08dd203db24dcea9c606ca87647e15 a28529d1306927628895fd6dbd0aaef065802cece3d909ef5887eec7781f8028
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /img/main.png HTTP/1.1
Host: goldauth.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldauth.ddns.net/relogin.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:41:19 GMT
Server: Apache
Last-Modified: Sat, 20 Apr 2024 17:08:38 GMT
Accept-Ranges: bytes
Content-Length: 63030
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| goldauth.ddns.net/img/cloud.jpg | 0.0.0.0 | | 0 B |
URL: GET goldauth.ddns.net/img/cloud.jpg
IP: 0.0.0.0:0
Requested by: https://goldauth.ddns.net/relogin.php
Certificate Issuer: Let's Encrypt
Certificate Subject: goldauth.ddns.net
Certificate Fingerprint: AC:0B:83:5E:C3:FC:C7:B5:07:36:4C:0D:68:34:13:D2:0C:F6:F2:E1
Certificate Validity: Mon, 06 May 2024 20:27:50 GMT - Sun, 04 Aug 2024 20:27:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /img/cloud.jpg HTTP/1.1
Host: goldauth.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldauth.ddns.net/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:41:26 GMT
Server: Apache
Last-Modified: Sat, 20 Apr 2024 17:16:36 GMT
Accept-Ranges: bytes
Content-Length: 609381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
|
|