idpfbeldiu.ydns.eu/sama.php
200 OK 960 B URL User Request GET HTTP/2 idpfbeldiu.ydns.eu/sama.php
IP
Certificate IssuerLet's Encrypt
Subjectidpfbeldiu.ydns.eu
FingerprintF6:12:99:FB:F2:C4:12:2B:97:DA:B9:07:1B:C4:1F:67:EC:84:DF:2F
ValidityFri, 22 Sep 2023 21:01:46 GMT - Thu, 21 Dec 2023 21:01:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 27d33e224152922d5147c81835f92c73
c15bc02efc0d095258870be3450d1d72e67f3e6b
b19fc54b3318614b5a377aef211637a6e8e30a05044e70ed2e32f52559238454
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
PhishTank phishing Facebook
GET /sama.php HTTP/1.1
Host: idpfbeldiu.ydns.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 960
date: Sun, 24 Sep 2023 01:45:55 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/600px-Facebook_f_logo_%282019%29.svg.png
200 OK 18 kB URL GET HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/600px-Facebook_f_logo_%282019%29.svg.png
IP
Requested by https://idpfbeldiu.ydns.eu/sama.php
Certificate IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint91:D4:DD:DD:2F:F9:18:E0:19:07:D8:6B:C7:54:54:F1:1A:8F:2C:DC
ValidityThu, 27 Oct 2022 00:00:00 GMT - Fri, 17 Nov 2023 23:59:59 GMT
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 43e7a2bbc29966d92a22f409dbdee51d
cb4da19955ad376f47dea756bfe42cae1986f1cd
12a7f36244d45adce34a2a1bc358dbc703bc9326d9427e853b974e8019a94d2f
GET /wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/600px-Facebook_f_logo_%282019%29.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idpfbeldiu.ydns.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:13:06 GMT
content-type: image/png
content-length: 17473
content-disposition: inline;filename*=UTF-8''Facebook_f_logo_%282019%29.svg.png
last-modified: Tue, 22 Mar 2022 23:52:27 GMT
etag: 43e7a2bbc29966d92a22f409dbdee51d
server: ATS/9.1.4
age: 12769
x-cache: cp3078 hit, cp3078 hit/3
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
idpfbeldiu.ydns.eu/css/fb_style.css
200 OK 891 B URL GET HTTP/2 idpfbeldiu.ydns.eu/css/fb_style.css
IP
Requested by https://idpfbeldiu.ydns.eu/sama.php
Certificate IssuerLet's Encrypt
Subjectidpfbeldiu.ydns.eu
FingerprintF6:12:99:FB:F2:C4:12:2B:97:DA:B9:07:1B:C4:1F:67:EC:84:DF:2F
ValidityFri, 22 Sep 2023 21:01:46 GMT - Thu, 21 Dec 2023 21:01:45 GMT
Hash f5990efce538cfdfebb8910b2b41b24e
931725ac8a506dfdfee26c2422db01b407bda91e
5dd5413d9c5dc9802971efb610dd11c8fa5678e2ec853507749cb0d0042b9030
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
PhishTank phishing Facebook
GET /css/fb_style.css HTTP/1.1
Host: idpfbeldiu.ydns.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idpfbeldiu.ydns.eu/sama.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 01 Oct 2023 01:45:55 GMT
etag: "cc8-650e0f3c-fc81d;br"
last-modified: Fri, 22 Sep 2023 22:03:40 GMT
content-type: text/css
content-length: 891
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 01:45:55 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 01:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
200 OK 1.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
Requested by https://idpfbeldiu.ydns.eu/sama.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type gzip compressed data, max compression\012- data
Hash 339c296f825aeda2b28cf5a1555a46eb
50865f95d2efa04d2b03a0071cdc8e31f5c47b4a
32855c9b35fb5c34a0852a286a8f063e2ea715d3f95343454b125ac0a29d7402
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idpfbeldiu.ydns.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 24 Sep 2023 01:45:56 GMT
date: Sun, 24 Sep 2023 01:45:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 01:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://idpfbeldiu.ydns.eu/sama.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://idpfbeldiu.ydns.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 04:50:55 GMT
expires: Fri, 20 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 248101
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 01:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
idpfbeldiu.ydns.eu/img/icon-fb.png
404 Not Found 1.2 kB URL GET HTTP/2 idpfbeldiu.ydns.eu/img/icon-fb.png
IP
Requested by https://idpfbeldiu.ydns.eu/sama.php
Certificate IssuerLet's Encrypt
Subjectidpfbeldiu.ydns.eu
FingerprintF6:12:99:FB:F2:C4:12:2B:97:DA:B9:07:1B:C4:1F:67:EC:84:DF:2F
ValidityFri, 22 Sep 2023 21:01:46 GMT - Thu, 21 Dec 2023 21:01:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1274), with no line terminators
Hash 8c16945397b2ea2fa974494c910f6d08
87289c714f1955cc0a4b8d0f5319bf0dcf771141
16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
PhishTank phishing Facebook
GET /img/icon-fb.png HTTP/1.1
Host: idpfbeldiu.ydns.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idpfbeldiu.ydns.eu/sama.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Sun, 24 Sep 2023 01:45:56 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
103.191.92.3
142.250.74.131