| login-dana2024-resmi.duckdns.org/ | 139.180.136.134 | | 4.4 kB |
URL: login-dana2024-resmi.duckdns.org/
IP: 139.180.136.134:0
File type: HTML document, ASCII text, with very long lines (456)
Hash: 2a14b13a87c42253c8f3996885073217 1e2132c01c25358ea308fe131941b90a2a47023f 84d0da3f050772623b63a7378e231a1b3f5fbe534076ec60b8bc7797dfc455da
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET / HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:23 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css | 151.101.1.229 | | 928 B |
URL: cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
IP: 151.101.1.229:0
Hash: f9faba678c4d6dcfdde69e5b11b37a2e 81a434f94f2b1124f3232bb86f2944f82fb23ac0 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
GET /npm/slick-carousel@1.8.1/slick/slick-theme.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
content-encoding: br
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:24:24 GMT
age: 19633921
x-served-by: cache-fra-eddf8230023-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 928
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css | 151.101.1.229 | | 30 kB |
URL: cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
IP: 151.101.1.229:0
File type: Unicode text, UTF-8 text, with very long lines (65300)
Hash: 6d9c6fda1e7087224431cc8068bb998f 6273ac1a23d79a122f022f6a87c5b75c2cfafc3a fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf
GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://login-dana2024-resmi.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: br
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:24:24 GMT
age: 17811308
x-served-by: cache-fra-etou8220113-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30281
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css | 151.101.1.229 | | 1.8 kB |
URL: cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
IP: 151.101.1.229:0
Hash: f38b2db10e01b1572732a3191d538707 a94a059b3178b4adec09e3281ace2819a30095a4 de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
GET /npm/slick-carousel@1.8.1/slick/slick.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:24:24 GMT
age: 3029199
x-served-by: cache-fra-eddf8230085-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1776
X-Firefox-Spdy: h2
|
|
| login-dana2024-resmi.duckdns.org/lib/style/index.css | 139.180.136.134 | | 876 B |
URL: login-dana2024-resmi.duckdns.org/lib/style/index.css
IP: 139.180.136.134:0
Hash: 165d83f808e6913fe870a6ff0766e777 3672b80d18163e49fb60390094778d79c74f9e82 542138a8793d3a960071709bbe6fe6a073df656b29804a38ad9d50d43e97eb99
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /lib/style/index.css HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:24 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 06:24:28 GMT
Accept-Ranges: bytes
Content-Length: 876
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| login-dana2024-resmi.duckdns.org/assets/img/dana_text.png | 139.180.136.134 | | 1.5 kB |
URL: login-dana2024-resmi.duckdns.org/assets/img/dana_text.png
IP: 139.180.136.134:0
File type: PNG image data, 252 x 58, 8-bit colormap, non-interlaced
Hash: fd841b9e9127fb1190033b5194629e01 3e0110740cfb85144a8c31836dc5d72af8545a3c 7b29d4f79db97e3b622e8e4ff6fc2cc8e12189d1b32e105fb48315b2c052c339
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /assets/img/dana_text.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:24 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:38:06 GMT
Accept-Ranges: bytes
Content-Length: 1466
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css | 104.26.6.173 | | 8.5 kB |
URL: code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
IP: 104.26.6.173:0
File type: Unicode text, UTF-8 text, with very long lines (50806)
Hash: 1690997909aae14b023a6580d4a2f33f a4fd9551382a3b5c9c43e14adb8c4c4149cd2352 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
GET /ionicons/2.0.1/css/ionicons.min.css HTTP/1.1
Host: code.ionicframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:24:24 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
access-control-allow-origin: *
etag: W/"64382bc3-c854"
expires: Tue, 26 Mar 2024 23:51:35 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-github-request-id: CE2C:362DB4:136FD0C:13AF4B2:66035D6A
via: 1.1 varnish
age: 21113
x-served-by: cache-osl6520-OSL
x-cache: HIT
x-cache-hits: 1
x-timer: S1711668751.159811,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: 57b2cecbc71a7948b1581857fafc589d71c6ae70
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcYXhHntJbbM29CxMsVZCEk8j2pFUNtMl0hjfZs50PCCHSJWPXYvCn28bfXsGPIULpZB5vuQ%2F1Qqik2kmBMcp8zSxUlnUL2v109p7kp08ao5m6T0WmDWu7lijWVVnxxD5h3x5AJqgq44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd6ef2dd2256cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css | 104.18.10.207 | | 21 kB |
URL: maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP: 104.18.10.207:0
File type: ASCII text, with very long lines (65371)
Hash: 5d5357cb3704e1f43a1f5bfed2aebf42 08df9a96752852f2cbd310c30facd934e348c2c5 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:24:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 07/07/2023 01:09:13
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1076
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0ad4fc24207cad41168348671d66aef9
cdn-cache: HIT
cf-cache-status: HIT
age: 10724207
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86bd6ef28b3156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.dana.id/favicon.ico | 23.197.207.49 | | 5.2 kB |
IP: 23.197.207.49:0
ASN: #20940 Akamai International B.V.
File type: MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Hash: 8f1bac7ae69451bdf9c44b09577cf28c 4fe47a2d13f8b8bdf5966dc6c4e9e245b00e91c1 8cd0ee2909907b3b0f78d1fd1e7223e2ecc90069261768d98c4b8c7cbee0f9f5
GET /favicon.ico HTTP/1.1
Host: www.dana.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Tue, 11 Apr 2023 09:54:24 GMT
etag: "64352e50-18c5f"
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-length: 5210
cache-control: public, no-transform, max-age=5739819
date: Fri, 29 Mar 2024 05:24:24 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711689864701_398839597_29392415_55_10021_8_30_21";dur=1
X-Firefox-Spdy: h2
|
|
| login-dana2024-resmi.duckdns.org/assets/img/footer.jpg | 139.180.136.134 | | 35 kB |
URL: login-dana2024-resmi.duckdns.org/assets/img/footer.jpg
IP: 139.180.136.134:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 814x167, components 3
Hash: c562bd188dc2a037a7802f007e864e75 79175aec8e6fc423994abc828524891be8f60132 d55b6db488cde763d6b9f8793537a30a9ea4238be9cf270d9b0dd47f7fe0f7ee
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /assets/img/footer.jpg HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:24 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 05:17:24 GMT
Accept-Ranges: bytes
Content-Length: 35291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| login-dana2024-resmi.duckdns.org/main.php | 139.180.136.134 | 200 OK | 2.4 kB |
URL: User Request GET HTTP/1.1 login-dana2024-resmi.duckdns.org/main.php
IP: 139.180.136.134:443
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: HTML document, ASCII text
Hash: cb7fb7d8fe37e5480f9a71f4d7122b83 df399e4538fe67315f0df76839288c2ddd188aff 27b2bca74fb324962f9119652dd40ad6c6458da3a986e82a7d155e929527bbbc
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /main.php HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| login-dana2024-resmi.duckdns.org/lib/style/main.css | 139.180.136.134 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/lib/style/main.css
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
Hash: fb7ecbfba8215376b4b57a896cb58c4b 79d7313443b99a7e2a677c7a072c881e8273914f 385f9789b1a2ff6a4673485b30b4c044495214755a09405d34011f2677e1f7f3
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /lib/style/main.css HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Fri, 14 Jul 2023 00:13:18 GMT
Accept-Ranges: bytes
Content-Length: 2435
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| login-dana2024-resmi.duckdns.org/lib/style/spinner.css | 139.180.136.134 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/lib/style/spinner.css
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
Hash: a395b035c48b175f14215a5bf82f9fad fb2613f099a8771589454c9250c2db89ce48c594 822ef09afb75295a7e0be229069b971e893b81a4df6996328f434cc8670a3b8c
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /lib/style/spinner.css HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 00:00:32 GMT
Accept-Ranges: bytes
Content-Length: 1191
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap | 142.250.74.106 | 200 OK | 2.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP: 142.250.74.106:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity: Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: gzip compressed data, max compression
Hash: 33bafc2c13f3b4ef127c95d43fdf8cb8 850a1f0fc64ad4c4ad89eb427cef4c94fccdf5c4 76ca71d1c9d2e61c45f230184fcbb3fbf8550ec03c79a37699299afe3edc3e08
GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 05:24:28 GMT
date: Fri, 29 Mar 2024 05:24:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| login-dana2024-resmi.duckdns.org/lib/functions/function.js | 139.180.136.134 | 200 OK | 751 B |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/lib/functions/function.js
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: JavaScript source, ASCII text
Hash: 2a9d4437a54b47f78477d1459d62c412 2403968db940767ccf7a7e8dcc0b8362765439b4 ba311fcee8109c988cd072dbbbea6e7b0145eb603b2854b650c66050cf75280e
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /lib/functions/function.js HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Fri, 14 Jul 2023 00:08:04 GMT
Accept-Ranges: bytes
Content-Length: 751
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 216.58.207.227:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity: Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-dana2024-resmi.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 96568
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| login-dana2024-resmi.duckdns.org/assets/img/dana_logo.png | 139.180.136.134 | 200 OK | 13 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/dana_logo.png
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 382 x 112, 8-bit/color RGBA, interlaced
Hash: 6fd5a7d18a8f7c04bc5effcdc5235987 c4852c577f44fcdf78fb439a30ea2c6c6983b140 c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /assets/img/dana_logo.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:38:08 GMT
Accept-Ranges: bytes
Content-Length: 12786
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/lib/functions/jquery.mask.min.js | 139.180.136.134 | 200 OK | 8.0 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/lib/functions/jquery.mask.min.js
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: JavaScript source, ASCII text, with very long lines (551)
Hash: 3c5a930556557c059672c932ee1cb6f4 210d6bbdf03eb055b3c9f4857ae39a7919298fbd d0ee3b624c75591bb550d49f508a38d0bdff62b8d8a30c59ffaf0c97a4ce494d
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /lib/functions/jquery.mask.min.js HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Tue, 01 Nov 2022 14:40:26 GMT
Accept-Ranges: bytes
Content-Length: 7996
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| login-dana2024-resmi.duckdns.org/assets/img/back.png | 139.180.136.134 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/back.png
IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php
Certificate: Issuer: Let's Encrypt; Subject: www.login-dana2024-resmi.duckdns.org; Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0; Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash: 17f283c873070f034cb9ef54a1a0c853 68850d1e164c97993dc91ed47e95ed40feaf95e2 56a3d46407a0b9246a8daf55b136656b08b23a07948e524df10bba09d94b41f5
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - DynDNS domain
OpenPhish | phishing | DANA
GET /assets/img/back.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:11:12 GMT
Accept-Ranges: bytes
Content-Length: 1091
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/assets/img/indo.png | 139.180.136.134 | 200 OK | 741 B |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/indo.png IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 80 x 45, 8-bit colormap, non-interlaced Hash: c15c95b8db17f44e5826bb7839278578 5be0ab5aba6201a0a3a3423f9db8008ed2385430 af52bfb0ab7606d185db1457ddc3edceb61c7fe9675e099cae3e3be1eccf152c
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /assets/img/indo.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 18:42:20 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/lib/functions/jquery.min.js | 139.180.136.134 | 200 OK | 87 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/lib/functions/jquery.min.js IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) Hash: 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /lib/functions/jquery.min.js HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Tue, 01 Nov 2022 14:40:30 GMT
Accept-Ranges: bytes
Content-Length: 86926
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| login-dana2024-resmi.duckdns.org/assets/img/load_bg.png | 139.180.136.134 | 200 OK | 7.9 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/load_bg.png IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced Hash: bf1d4a90de7e29b2be55237982cb30b4 ef942049631b598767fda52d54458b9f9680ee87 46518758f002d85cff9220609163f23b7e9f8f2721561d1e0ba79c4f17425c58
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /assets/img/load_bg.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Tue, 01 Nov 2022 20:12:02 GMT
Accept-Ranges: bytes
Content-Length: 7863
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/assets/img/load_spin.png | 139.180.136.134 | 200 OK | 5.1 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/load_spin.png IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 200 x 200, 8-bit gray+alpha, non-interlaced Hash: e8e4e4432355a07040a7327673850223 b07f6cfaacb6a2093778b08dd8d9b8f7d718c119 50b4bad00572d07c6158459a5cb93b1b3f9bdea95d393aa56970afded2f58913
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /assets/img/load_spin.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:28 GMT
Server: Apache
Last-Modified: Tue, 01 Nov 2022 20:12:08 GMT
Accept-Ranges: bytes
Content-Length: 5078
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/assets/img/favicon/favicon-16x16.png | 139.180.136.134 | 200 OK | 768 B |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/favicon/favicon-16x16.png IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hash: 9c237fdaf513b1de8a5c885cc339ab14 99605f4126631e418dd9ae9a0580e229b889f6be 98de91ef2980f306d783292453164b76a7fc9f67f4352d5c82a4827702024388
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:29 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:48:18 GMT
Accept-Ranges: bytes
Content-Length: 768
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
|
|
| login-dana2024-resmi.duckdns.org/assets/img/favicon/apple-touch-icon.png | 139.180.136.134 | 200 OK | 25 kB |
URL: GET HTTP/1.1 login-dana2024-resmi.duckdns.org/assets/img/favicon/apple-touch-icon.png IP: 139.180.136.134:443
Requested by: https://login-dana2024-resmi.duckdns.org/main.php Certificate Issuer: Let's Encrypt Subject: www.login-dana2024-resmi.duckdns.org Fingerprint: 9B:27:53:ED:FE:13:FD:39:CE:DF:F3:70:97:18:0A:B4:4A:95:16:A0 Validity: Thu, 28 Mar 2024 12:36:42 GMT - Wed, 26 Jun 2024 12:36:41 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash: 7f5605d87563fde0035dda6b741020c1 34373fc74f78f5da678f82cf3261dd45aa93a665 21be7b34d93ddd125e009d7b8cd6efa0f7992bc907374ec0887a333c99d212c3
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | DANA |
GET /assets/img/favicon/apple-touch-icon.png HTTP/1.1
Host: login-dana2024-resmi.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-dana2024-resmi.duckdns.org/main.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:24:29 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:48:18 GMT
Accept-Ranges: bytes
Content-Length: 25146
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|